180 likes | 270 Vues
Summary of discussions on security architecture, algorithms, testing plans, and Key Management. Updates on Threat Green Book revisions, Security WG goals, and technical progress. Addressing resource concerns and open issues for future collaboration.
E N D
Security WG:Report of the Spring 2012 Meeting European Space Operations Centre Darmstadt, Germany 19 April, 2012 Howard Weiss NASA/JPL/SPARTA howard.weiss@sparta.com +1-443-430-8089 skype: hsweiss
Meeting Agenda • 16 April 2012 • 08:45 – 09:45: CCSDS Plenary • 09:45 – 12:30: Systems Engineering Area (SEA) Plenary • 16 April 2012: • 14:00 – 17:30: Security WG • Welcome, introductions, logistics, agenda review • Review results of Fall 2011 (Colorado) meeting • Status of documents, action items • Charter review (if needed) • Security Architecture Status (Black) • SM&C Security Discussion (Fischer) • Algorithm Document RID review (Weiss) • Algorithm Yellow Book review (Weiss) • Testing Plans (CNES, DLR, ESA) • Algorithm Green Book Review (Weiss)
Meeting Agenda (cont) • 17 April 2012 (08:45 – 17:30) • SM&C Support (Fischer) (joint mtg @ 09:00) • Key Management Blue Book revisions(Fischer/Aguilar-Sanchez) • Threat book re-write (Black/Weiss/Biggerstaff) • Network Layer Security Update (Weiss) • Cross Support (All) ?? • Link Layer Security Update (Biggerstaff/Weiss/Aguilar-Sanchez) • Other areas of discussion • New work areas • 18 April 2012 • 08:45-17:30: Space Data Link Security WG • 19 April 2012 • 08:45-12:30: Space Data Link Security WG • 14:30-17:30: SEA Wrap-up Plenary
Executive Summary • Attendees from UK Space Agency, ESA/ESTEC, ESA/ESOC, DLR, BITTT/CNSA, CNES, NASA/JSC, NASA/GSFC, and NASA/JPL. No attendees from ASI. • Reviewed charter updates as recorded on CWE. Action to restructure into two lists: development work and “revise & maintain” activities. • Reviewed the RID changes to the Security Architecture document – ready for 2ndAgency review. • Dispositioned 53 Algorithm Blue Book RIDs. Document will be revised for 2nd Agency review. Algorithm paper to be presented at SpaceOps. • Reviewed the Algorithm Yellow Book and testing that DLR has already accomplished. A few changes are needed to the document. • Reviewed 1st draft of Algorithm Green Book. • Discussed potential directions for Threat Green Book revision. • Discussed and met with SM&C regarding security test cases & eventual integration of Key Management into SM&C. • Reviewed good progress of KM Blue Book. • SDLS making good progress.
Summary of Goals and Deliverables • Action to restructure charter. • Final WG review of Security Architecture after update from RIDs. • RIDs against Algorithm document dispositioned. • 1st draft of Algorithm Green Book reviewed. • DLR has already used the Yellow Book to carry out algorithm testing. ESA is also planning to perform testing. • KM Blue Book for symmetric KM making good progress. • Reviewed & discussed revisions to the Threat Green Book. • Joint meeting with SM&C to discuss security test use cases, their authentication design, and key management.
SEA Area MID-TERM REPORT SUMMARY TECHNICAL STATUS • Security WG • Goal: • Working Status: Active _X_ Idle ____ • Summary progress: documents actively being produced: Glossary, Key Management BB, Algorithms (BB & YB). All docs green. • Progress since last meeting: architecture RIDS done, algorithm RIDS rcvd, glossary in secretariat queue. Other books progressing. • Problems and Issues: Resources – Excellent right now but need to ensure continued participation from all member agencies
Open Issues • Deciding what/how to revise Threat Green Book.
Resource Problems • Resources are adequate to perform the current tasks although personnel have only limited time percentage to apply to CCSDS tasks.
Risk Management Update • Must ensure that the current trend of additional resources remains and that resources don’t shrink. • ASI has not attended for several meetings.
Cross Area WG / BOF Issues • Joint meeting with Space Data Link Security WG • Joint meeting with Spacecraft Monitoring & Control
New Working Items, New BOFs, etc. • Network layer security • Threat document revision • Physical layer security (channel coding for security (based on Shannon codes)) • Security for software defined radios • Continue to discuss security additions for SLE and SM&C