Engineering Cyber Resiliencyy
A Pragmatic* Approach

William H. Sanders
University of Illinois at Urbana-Champaign

Absolute security is science fantasy, and perfection is the enemy of good. Good engineers realize the wisdom of that statement, and strive to develop tools, abstractions, and mechanisms that provide desired properties (like resiliency) with known certainty. But providing such properties at a specified level is easier said than done, especially for properties that are probabilistic and systems that are complex distributed combinations of hardware and software.

This talk explores attempts to provide cyber resiliency in systems that are used in critical applications. It argues that CAD tools are needed at design time to choose between alternative resiliency mechanisms, and that resiliency mechanisms are needed that provide redundancy, diversity, and adaptive behavior. It also argues that runtime sensing mechanisms need to correlate information from diverse sensors to expose attackers. Finally, it argues that by focusing on adaptation mechanisms that operate on effects rather than attacks, a system can tolerate many zero-day attacks. Taken together, we describe our work towards a pragmatic, but not perfect, approach to engineer resiliency into cyber systems for use in critical applications.

Slides:

Download the slides for this presentation in PDF format. Slides are frequently not available until after the presentation.

Videos:

• Join the live presentation. Wednesday 4:30-5:45 (Pacific).  Requires Microsoft Windows Media player.
• View the Stanford Consolodated Archive Lectures
• View video by lecture sequence in HTML5. Available after 8PM Pacific on the day of the lecture.
• View Video on YouTube. The YouTube video is uploaded the day following the presentation. You may need to disable your pop-up blocker for this link to work. Or use the direct link which is available here only after the presentation has been published to YouTube.

About the speaker:

William H. Sanders is a Donald Biggar Willett Professor of Engineering and the Head of the Department of Electrical and Computer Engineering (www.ece.illinois.edu) at the University of Illinois at Urbana-Champaign (illinois.edu). He is a professor in the Department of Electrical and Computer Engineering and in the Department of Computer Science. He is a Fellow of the IEEE, the ACM, and the AAAS; a past Chair of the IEEE Technical Committee on Fault-Tolerant Computing; and past Vice-Chair of the IFIP Working Group 10.4 on Dependable Computing. He was the founding Director of the Information Trust Institute (www.iti.illinois.edu) at Illinois (2004-2011), and served as Director of the Coordinated Science Laboratory (www.csl.illinois.edu) at Illinois from 2010 to 2014. Dr. Sanders's research interests include secure and dependable computing and security and dependability metrics and evaluation, with a focus on critical infrastructures. He has published more than 270 technical papers in those areas. He served as the Director and PI of the DOE/DHS Trustworthy Cyber Infrastructure for the Power Grid (TCIPG) Center (tcipg.org), which did research at the forefront of national efforts to make the U.S. power grid smart and resilient. He was the 2016 recipient of the IEEE Technical Field Award, Innovation in Societal Infrastructure, for assessment-driven design of trustworthy cyber infrastructures for societal-scale systems. He is also co-developer of three tools for assessing computer-based systems: METASAN, UltraSAN, and Möbius. Möbius and UltraSAN have been distributed widely to industry and academia; more than 1,700 licenses for the tools have been issued to universities, companies, and NASA for evaluating the performance, dependability, and security of a variety of systems. He is also a co-developer of a tool for assessing the security of networked systems that is available commercially under the name NP-View from the startup company Network Perception, which he co-founded.

Contact information:

William H. Sanders
University of Illinois at Urbana-Champaign