哈佛空间力量太空资产网络安全英文版2018736页

整理文档很辛苦,赏杯茶钱您下走!

免费阅读已结束,点击下载阅读编辑剩下 ...

阅读已结束,您可以下载文档离线阅读编辑

资源描述

PAPERJULY2018CYBERSECURITYPROJECTJobOneforSpaceForce:SpaceAssetCybersecurityGregoryFalcoCyberSecurityProjectBelferCenterforScienceandInternationalAffairsHarvardKennedySchool79JFKStreetCambridge,MA02138:AsetofNanoRacksCubeSatsisdeployedfromtheInternationalSpaceStation,February25,2014.(NASA/iss038e056389)Copyright2018,PresidentandFellowsofHarvardCollegePrintedintheUnitedStatesofAmericaCYBERSECURITYPROJECTPAPERJULY2018JobOneforSpaceForce:SpaceAssetCybersecurityGregoryFalcoiiJobOneforSpaceForce:SpaceAssetCybersecurityAbouttheAuthorGregoryFalcoisaResearchFellowwiththeBelferCenter’sCyberSecurityProjectatHarvardKennedySchool.HereceivedhisPhDinCybersecu-rityfromMIT’sComputerScienceandArtificialIntelligenceLaboratory(CSAIL)andearnedhismaster’sdegreefromColumbiaUniversityandundergraduatedegreefromCornellUniversity.HeisanexpertinIndus-trialInternetofThings(IIoT)cyber-physicalsystemsecurity.HisresearchfocusesonanalyzingcyberrisktocriticalinfrastructureusingAIplan-ning,datascienceandqualitativemethods.Muchofhisworkhasfocusedonthesecurityofsmartcities’industrialcontrolsystemsusedincriticalinfrastructureincludingelectricgrids,waternetworksandtransportationsystems.HehaspioneeredthefieldofDefensiveSocialEngineering—atoolboxofnon-technicaldefensesthatemployssocialengineeringmethodsagainsthackers.GregisanAdjunctProfessoratColumbiaUniversitywhereheteachesclassesonmachinelearning,bigdataandsmartcities.HeisalsotheCo-founderandCEOofNeuroMesh,anIoTmanagedsecurityandend-pointprotectioncompanythatispilotingitstechnologywithmajorutilitiestosecuretheroutingandsmartmeteringinfrastructureoftheSmartGrid.Previously,GreghasworkedasasecurityresearcherforNASA’sJetPro-pulsionLaboratoryoncuttingedgeAI-basedriskassessmentformissioncriticalIoTandwasanexecutiveatAccenturewherehefoundedtheSmartCityStrategyDivision.HewillbeginhispostdoctoralstudiesatStanfordUniversityintheFallwherehewillteachcoursesonCyberRisk.iiiBelferCenterforScienceandInternationalAffairs|HarvardKennedySchoolTableofContentsExecutiveSummary...........................................................................1Whyarespacesystemsanattractivetarget?...............................4Whatattackshaveoccuredonthesesystems?.............................7Whyarespaceassetssovulnerabletoday?.................................10Whatisbeingdonetodaytosecurethesesystems?...................15Recommendations..........................................................................19Whatcanspaceassetorganizationsdo?......................................................19Whatcanpolicymakersdo?...........................................................................22WhatcantheDepartmentofHomelandSecuritydo?................................23Conclusion.......................................................................................26Acknowledgements.............................................................................................27CoverImageAsetofNanoRacksCubeSatsisdeployedfromtheInternationalSpaceStation,February25,2014.(NASA/iss038e056389)1BelferCenterforScienceandInternationalAffairs|HarvardKennedySchoolExecutiveSummaryWhenwethinkaboutcriticalinfrastructure,thefirstassetsthatcometomindincludetheelectricgrid,waternetworksandtransportationsystems.Furtherunpackingthedefinitionofcriticalinfrastructure,weconsiderindustriessuchasagriculture,defenseorthefinancialsector.However,werarelythinkaboutwheretheunderlyingsystemsthatenabletechnologyfunctionalityacrossthesesectorsphysicallyreside,whodevelopedthetechnology,andwhocanaccessandmanagethattechnology.MuchoftheUnitedStates’criticalinfrastructurereliesonspacesys-tems.Idefinespacesystemsasassetsthateitherexistinsuborbitalorouterspaceorgroundcontrolsystems—includinglaunchfacilitiesfortheseassets.Spaceassetorganizationsareorganizationsthatbuild,operate,maintainorownspacesystems.Someexamplesofcriticalinfrastructure’srelianceonspacesystemsareagribusiness’relianceonweatherandclimatesatellites,theU.S.military’srelianceonintel-ligencesatellites,andvarioustransportationindustries’relianceonglobalpositioningsystem(GPS)satellites.Severalcriticalinfrastruc-turesectorsalsorelyonspacesystemsforglobalcommunications.Wealsorelyonspacesystemsforscientificdiscovery,whichoftenrequireshighlyspecializedandadvancedequipment.Suchequipmentoriginallydesignedforscientificdiscoveryislaterusedincriticalinfrastructuresectorsuponfurthertestingandcommercializationoftheintellectualproperty.DespiteeffortstoimprovethecybersecurityofcriticalinfrastructureintheU.S.,therehasbeenlittlefocusoncybersecurityforspacesys-tems.Whilesecuritystandardsforcriticalinfrastructureareoftentechnicallysufficienttodetermanyattacks,theyremainachallengetoimplementduetotimeandresourceconstraints.1Spacesystems,how-ever,aremorecomplexthancri

1 / 36
下载文档,编辑使用

©2015-2020 m.777doc.com 三七文档.

备案号:鲁ICP备2024069028号-1 客服联系 QQ:2149211541

×
保存成功