TALKS

While our speakers are preparing to educate, inform and, perhaps, entertain with their presentations, take a look at their abstracts.
Towards Continuous Assurance of IoT Cybersecurity
Paul Kearney
Birmingham City University
Paul Kearney, Birmingham City University
Paul Kearney is part-time Professor of Cybersecurity in the Networks and Cybersecurity Department at Birmingham City University (BCU). He has had a long and varied career in research and development in industry, and has previously worked for British Aerospace (BAe), Sharp and British Telecom (BT). His research interests include security and trust architectures for large-scale dynamic IoT systems, monitoring cybersecurity in the smart home, model-based security risk assessment, and application of data science and AI to cybersecurity problems. In addition to his role at BCU, Paul is a member of the Advisory Board of METCLOUD, an active contributor to the activities of the IoT Security Foundation, a visiting research fellow at EBTIC, Khalifa University, Abu Dhabi, an expert reviewer for the Horizon Europe programme, and a consultant on cybersecurity R&D.
Presentation: Towards Continuous Assurance of IoT Cybersecurity
Future economic prosperity requires a thriving market in IoT products featuring rapid innovation in response to end-user needs. However, this cannot be achieved at the expense of exposing stakeholders to undue cybersecurity risk. Vendors have a responsibility to provide products that are fit for purpose security-wise, with clear guidance and constraints regarding secure usage. Similarly, customers must select products with appropriate security properties and operate them securely, often as part of larger systems. This requires confidence in the statements from vendors about their products and development and production practices.
The existing market resembles the ‘wild west’, expanding and developing rapidly, fuelled by pioneering spirit, but lawless and with many innocent casualties as a result. This situation cannot be sustained, but how can order be achieved without sacrificing innovation and dynamism? The current product certification ‘solution’ involves a static assessment of a specific product under specific conditions. The associated processes are lengthy, ‘paper heavy’, and resource and capital intensive, which acts as a disincentive to their adoption. Furthermore, the resulting products are likely to be uncompetitive by virtue of being expensive and late to market. It is unlikely that certification will command a premium, although in some niche sectors, products without certification may be excluded. So, can certification be made agile, with greatly reduced timescales and costs and increased automation, and valued by customers? Or is there a better way?
The paper explores these issues, briefly reviews related on-going initiatives, and aims to stimulate debate about fruitful ways forward.
Securing Internet of Drones
Shadi Razak
ANGOKA Limited
Shadi Razak, ANGOKA Limited
Shadi is a cyber security and business digitisation expert, with a strong foundation in business and IT strategy. His expertise in information security management, data privacy and protection, information governance and compliance, cloud security and business digitisation has made him a sought-after advisor to and coach for a number of international blue chip companies, government organisations, financial services and SMEs in the UK and the MENA region for the past 15 years.
He has been a visiting lecturer at a number of International and British universities and is currently a Board Member and President of the Information Security Group (ISG) Alumni, Technology and Finance Society and a mentor for a number of FinTech and SecurityTech start-ups in London and Dubai. Shadi lives and works in London (UK). He holds a BSc in Computer Engineering, a MSc in Information Security from Royal Holloway, University of London and an MBA from the University of Sunderland.
Securing Internet of Drones
Internet of Things (IoTs) technology is rapidly evolving and yet the security aspect of IoT networks needs to be explored in depth before adoption. One promising application of IoTs is Internet of Drones (IoDs), which can be thought of as a managed space for drones connected together. The idea of IoDs has been around for a while and is expected to expedite the efficiency of tasks in services like medical, military, transport, and others. The United Kingdom is moving forward as a global leader in building up an open framework for Unmanned Traffic Management (UTM) for drones. A recent report published by Connected Places Catapult UK highlights a global market of commercial drones worth around GBP127 billion.
Inherent properties of Unmanned Aerial Vehicles (UAVs), such as high mobility, pose challenges for the deployment of security primitives, so they still rely on conventional means of secure communication (VPN/TLS). The report by the Drone Association (ARPAS-UK) shows that major partnerships and providers are coming together to build an open UTM, and very soon IoDs will be in action. Therefore, to gear up for this IoT revolution, this presentation provides an insight into the working of IoDs, a threat analysis and a proposed security solution to mitigate the security risks.
A novel security solution based on the idea of Device Private Networks (DPNs) has been proposed for the IoDs framework. The idea has been backed with the design of a real-time attack scenario which would be demonstrated live as part of the presentation.
Secure by Design Configuration Interfaces
Phil Day
Configured Things
Phil Day, Configured Things

Configured Things design and build with security as a core design principle. We were one of just seven companies selected for the National Cyber Security Centre’s cyber accelerator’s 2018 cohort, from a pool of 180 applicants.
Secure by Design Configuration Interfaces
Misconfiguration, whether by accident or malicious activity, is a major cause of security breaches.
The more actors that need to be involved in configuring a system, whether that’s people or other systems through automation, the more complex the problem becomes, both in terms of security (more rules to configure and manage) and operationally (understanding the impact that a change from A has on an overlapping change from B).
A distributed IoT system adds a further layer of complexity to configuration management. Such systems are often mobile and frequently offline creating a weakness for configuration drift from a centralised system.
And complexity is generally the enemy of resilient and secure systems. We give resilience equal billing with security because it’s no longer enough to design against known threats: systems must also be designed to deal with, and recover easily from, compromise. AI-driven automation, for example, can be less predictable than people and has the potential to become a new class of attack vector.
Most systems present their configuration interfaces as a complex API, with a correspondingly complex set of rules to control who is allowed to change what. Declarative approaches such as those employed in DevOps workflows can help in some areas, but they typically create a single authorisation body, exposed to internal threat vectors.
At Configured Things we take a different approach which both removes much of the complexity and reduces the overall attack surface. Each actor has their own interface, limiting the changes they are allowed to make and keeping their changes fully independent from those of any other actor.
Our approach is based on a “zero trust” paradigm where neither the source nor the transport is trusted. It does not require any inbound connections to the system, removing a large part of the system’s attack surface. Authorisation to make a change is based on policies that can require multi-party approval, addressing the internal threat vector.
The key to providing resilience is to focus on managing the changes rather than the resulting configuration. We treat all changes as ephemeral, so it is possible at any time to remove one or more changes and derive a new configuration from the remaining changes. In this way the person or system requesting a change does not have to take into account the current state of the system. Neither do they have to work out how to undo a specific change, the impact of which may have subsequently been modified by other changes. If a system is found to have been misconfigured or compromised the changes from that source can simply be negated and the remaining valid changes reapplied. This is much more powerful than the simple rollback mechanism approach of other declarative approaches and is essential to supporting multi-tenancy, since it allows the different actors to act independently when making and removing changes.
The management of changes is not restricted to the external interface of the system; the same approach is also used internally to pass changes to both local subsystems and remote devices, and can manage configuration changes across security domains. Each device only needs its initial safe base state and details of how to connect to receive the current set of changes. This makes it possible for devices to recover from errors and compromise, ensures that devices always restart in a known and safe configuration, and eliminates configuration drift.
This approach, developed with guidance from the NCSC and other Government agencies as part of an InnovateUK funded project, is currently part of a trial system with a Local Authority.
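A minimal sketch of the change-based model described in this abstract, as an added example rather than Configured Things' own code: the configuration is always re-derived from the safe base state plus the changes still in force, so removing one actor's changes needs no undo logic. The per-actor scopes, the priority rule for overlapping changes and all names and values are assumptions made for the illustration.

```python
from dataclasses import dataclass

# Safe base state every device starts from (constructed sample values).
BASE = {"telemetry.interval_s": 60, "net.allow_inbound": False, "fw.channel": "stable"}

# Hypothetical per-actor interfaces: the only keys each actor may change.
SCOPES = {
    "ops": {"telemetry.interval_s"},
    "tenant": {"telemetry.interval_s"},
    "vendor": {"fw.channel"},
}

@dataclass(frozen=True)
class Change:
    change_id: str
    actor: str
    priority: int     # assumption: higher priority wins where changes overlap
    settings: tuple   # ((key, value), ...)

# Constructed change set; c4 reaches outside the tenant's interface.
CHANGES = [
    Change("c1", "ops", 10, (("telemetry.interval_s", 30),)),
    Change("c2", "tenant", 20, (("telemetry.interval_s", 5),)),
    Change("c3", "vendor", 10, (("fw.channel", "beta"),)),
    Change("c4", "tenant", 30, (("net.allow_inbound", True),)),
]

def derive(base, changes, revoked_actors=frozenset()):
    """Re-derive the configuration from the base and the changes still in force."""
    config, rejected = dict(base), []
    live = [c for c in changes if c.actor not in revoked_actors]
    for c in sorted(live, key=lambda c: (c.priority, c.change_id)):
        allowed = SCOPES.get(c.actor, set())
        if any(key not in allowed for key, _ in c.settings):
            rejected.append(c.change_id)   # refuse the whole change, apply nothing
            continue
        config.update(c.settings)
    return config, rejected

if __name__ == "__main__":
    print(derive(BASE, CHANGES))                             # all actors trusted
    print(derive(BASE, CHANGES, revoked_actors={"tenant"}))  # tenant compromised
```

Revoking the tenant brings the ops value of 30 back into effect with no undo step, because the tenant's overlapping change is simply left out of the derivation.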
The keystone in Secure by Design and Business Risk Mitigation
Ian Pearson
Microchip Ltd
Ian Pearson, Microchip Ltd

The keystone in Secure by Design and Business Risk Mitigation
Secure boot, implemented well, has a significant impact on all areas of the business, from design, procurement and manufacture to in-use support and end-of-life management. Implemented well, it becomes a business asset; implemented poorly, it becomes a business risk.
Without a correctly implemented secure boot mechanism the impacts on a business may be significant, especially in the light of pending legislation and the need to provide secure firmware updates to a product in the field. Secure Boot is the keystone to ensuring the integrity of future updates to a device in the field. If it cannot be trusted then the potential for system compromise increases.
Secure boot is more than an issue for the software team. It has wide reaching impact on the whole business to ensure that trust and integrity of a product are maintained without impact on manufacture, sales, support and the need for a business to meet ever increasing legislation around privacy and security both in use and at end of life.
Join us for a whistle-stop tour that will highlight some of the important factors, considerations and potential solutions around Secure Boot.