Cyber-Security for Critical Infrastructures

Atsuhiro Goto, President and Professor, Institute of Information Security (IISEC); Program Director for SIP, Cabinet Office, Government of Japan


2

Agenda

Cross-Ministerial Strategic Innovation Promotion Program (SIP) Overview

SIP “Cyber-Security for Critical Infrastructures”

IISEC as Cybersecurity Capacity Building Leader

Cyber-Attacks to Critical Infrastructures

Cyber Attack

Critical Infrastructures

NISC designates 13 domains:

Chemical Industry
Gas
Finance
Public Service
Communication
Logistics
Oil
Credit
Railroad
Electricity
Aviation
Medical Service
Water

3

SIP Program 2015FY – 2019FY

“Cyber-Security for Critical Infrastructures”

Technologies to strengthen “organizational capability”

Core technologies for secure infrastructures and IoT systems by boosting their “cyber-security immunity”

4

The 11th SIP program launched in Jan. 2016 (to Mar. 2020)

Annual Budget: around ¥2.5 B ($24M)

Goals are:

– globally competitive critical infrastructure systems supported by advanced cyber-security technologies

– contribution to the safe and secure Tokyo 2020 Olympic and Paralympic Games and Society5.0.

Project Organization for

“Cyber-Security for Critical Infrastructure”

Japanese Government

Cabinet Office

PD: Atsuhiro Goto

METI / NEDO

Corporations (NTT group, Fujitsu, Hitachi, Mitsubishi, Panasonic, Renesas and others)

National R&D Institutes (AIST) and Industry Consortium (ECSEC, CSSC)

Universities (Keio Univ. and others)

Promotion Committee

Chair: PD (Atsuhiro Goto)

Secretariat: Cabinet Office

Members: Experts in critical infrastructure operators, and academia, NISC, MIC, METI, other related ministries and agencies

Cybersecurity Technology WG

System Operation and Information Sharing WG

Certification and related regulation WG

Cybersecurity capacity building WG

Subsidy

R&D Teams

5

NEDO: New Energy and Industrial Technology Development Organization

Cybersecurity Risk in Critical Infrastructure

6

[Figure: Operation Center; Generator; Substations; Users; Infrastructure Facilities; Control Network (Control Servers, Control Switches, etc.); Office Env. (IT)]

Cybersecurity Risk in Critical Infrastructure

7

[Figure: Operation Center; Generator; Substations; Users; Infrastructure Facilities; Control Network (Control Servers, Control Switches, etc.); Office Env. (IT)]

Annotations on the figure:

Cyber attack (in maintenance)
Cyber attack (embedded mal-function)
False data
False command
Malfunction
Vulnerable maintenance port and/or terminal
Risk in System Development
Malware (ex. Stuxnet)
Cyber attack

Boosting Immunity of Facilities and Organizations

[Figure labels: Attacker; attack; Stop; Intrusion; Critical Infrastructure Facilities; Other operators]

“Armor” techs: Best of breed from the world: Anti-Virus, IDS, IPS, Firewalls

“Immunity” techs: Authenticity verification and anomaly detection for infrastructure facilities, suitable for long lifecycle equipment and IoT with tiny devices

Org. Capability: Information Sharing, Human Res. Development

Increase self-sufficiency

Prompt operators initiative

8

R&D “Cyber-Security for Critical Infrastructure”

9

Boost Cyber-security “Immunity” in Large-scale Control Network

• Authenticity and integrity monitoring technologies based on authenticity verification platform

• Behavior monitoring/analysis technologies for long life-cycle infrastructure systems where new and old equipment work together

Strengthen Cyber-security for Future IoT Systems

• Anomaly detection and monitoring technology by means of IoT gateways

• Ultra-low power cryptography implementation technology for tiny IoT devices

Enhance “Organizational Capability” of Critical Infrastructure Operators

• Security framework strategy to support core technology dissemination

• Information Sharing Platform Technology

• Development of Human Resources for Cybersecurity

Risk in System Development and Operation

malware

Parts manufacturer
Assembling
Shipping
Installing
Configuring
Software Installation

10

Risks of mal-operation in system deployment

Risks of malware intrusion during operation

mal-hardware

Risks in Supply-chain

Authenticity verification platform

11

Control Networks

Detection of mal-operation in system deployment

Detection of malware intrusion during operation

Authenticity verification platform based on chain of trust

Security module as base of trust

Future Critical Infrastructure with IoT

12

• Authenticity and integrity monitoring technology: can strictly monitor integrity (detect unauthorized change) of the software on network and equipment

• Anomaly detection and monitoring technology for IoT devices: can automatically adapt to a wide variety of IoT devices and perform high-precision analyses of cyberattacks including unknown cyberattacks

[Figure labels: Control Network; Cloud Servers; Operation Center; Root of Trust; Analysis Server; IoT Gateways; Equipment vendor; IoT network; Infrastructure Facilities; Network Traffic and Device information; Chain of Trust; Authenticity verification platform]

Information Sharing to enhance Organizational Capability

13

[Figure labels: Operator a and Operator b, each with Division α, Division β and SOC/CSIRT; Shares information; Threat Intelligence; Vulnerable Information; Sector A Information Sharing Structure; Sector B Information Sharing Structure; Important Infrastructure Fields Cross-Sector Information Sharing Structure]

Information Sharing Platform in SIP

14

To Prompt Operators Initiative

Sharing Tools

◆ Use STIX, TAXII for global information sharing
◆ Ease of use on-site

Users’ Guide

◆ Operation manuals for OT engineers
◆ Use in support of security measure establishment

Grand Design

◆ Motivate information sharing
◆ Strategy for cross-sector information sharing

Summary of the SIP program

The goals of 11th SIP program “cyber-security for critical infrastructures” are:

– globally competitive critical infrastructure systems for Society5.0

– contribution to the safe and secure Tokyo 2020 Olympic and Paralympic Games.

The SIP program focuses on R&D of:

– core technologies to boost “immunity to cyber attacks”

– platform to enhance “organizational capability”

15

16

IISEC as Cybersecurity Capacity Building Leader

17

Institute of Information Security

Graduate School specializing in Information Security founded in 2004.

Master’s Degree (Informatics)

Ph.D. (Informatics)

Most students, about 80%, are working adults in governments, industries, etc.

FSA, MoD, NPA, JCG, and others

NTT group, Hitachi, NEC, JRs, banks, and leading manufacturers.

By March 2018, 363 Masters & 33 Ph.D. They play an active part in the information security fields in Japan.

http://www.iisec.ac.jp/

President Atsuhiro Goto

18

Integrated and Practical Education and Research at Graduate School, IISEC

Security and Risk Management

Cybersecurity & Governance

System Design

Mathematical Science

Technology oriented

Social Science oriented

19

IISEC Graduate School Curriculum

Internet Technology
Cyber-security Techniques
Network System Design and Operation Management
Law and Ethics in Information Security
Introduction to Legal Study
Intellectual Property System
Legal Cases in Information Security
Individual Identification and Privacy Protection
Cybersecurity Threat Intelligence

Cybersecurity & Governance

Capture The Flag (CTF)
Incident Response & CSIRT Basics
Practical Secure Systems
Advanced Secure Systems
Hands-on Exercises
Network Security Technology
Web Application Inspection and Vulnerability Countermeasure
Digital Forensic
Cryptography, Authentication and Social Systems
Cryptographic Protocol
Algorithms Basics
Basic Number Theory
Theory of Cryptography
AI and Machine Learning

Mathematical Science

20

IISEC Graduate School Curriculum

Statistical Research Methods
Statistical Risk Management
Risk Economics
Risk Control and Mass Media
Security Auditing
System and Security Audit
Information Security Management System
Security Management and Business Administration
Risk Management
Organizational Behavior and Information Security
International Standards and Guidelines

Security and Risk Management

Programming
Software Design
Operating Systems
Information Devices Technology
Information Systems Design
Secure System Architecture
Secure Programming and Secure Operating Systems
Practical IoT Security

Systems Design

21

enPiT: educational networking program cultivating practical IT human resources by Japanese leading universities and industry collaboration subsidized by MEXT

enPiT/SecCap to enPiT-Pro/ProSec-X

enPiT / SecCap: Graduate School (MS), Fund 2012-2016, IISEC, Tohoku-U, JAIST, NAIST, Keio-U

enPiT2 / Basic SecCap: Undergraduate, Fund 2016-2020, Tohoku-U and others

enPiT-Pro / ProSec-X: Professions (Working adults), Fund 2017-2021, IISEC and others

MEXT: Ministry of Education, Culture, Sports, Science and Technology

22

IISEC: Cybersecurity Capacity Building Leader

Cybersecurity Expert

Beginner Course (MOOC)

Doctor Course

Master Course

enPiT1 security (SecCap)

enPiT-Pro (ProSec-X)

Education at Graduate School

Education for Industry and Government

Education for young people

Technologist and Manager with Cybersecurity Practice

Supremo

Advisory Committee of Cabinet, others

enPiT2 security (Basic SecCap)

23

Thank you very much

Cross-Ministerial Strategic Innovation Promotion Program (SIP) Overview

SIP “Cyber-Security for Critical Infrastructures”

IISEC as Cybersecurity Capacity Building Leader

Atsuhiro Goto
