Publications

As cyber-security is becoming more and more important in systems development, engineers have begun to recognize and understand the types of errors they can introduce through hurried coding technique and design. This overall trend is certainly moving the software industry in the right direction and can lead to developing higher quality software-centric systems. Unfortunately, we have barely begun to examine the results of poor architectural choices, nor do we have much insight into what secure and securable architectures look like. In this paper, based on the past 40 years of work identifying specific security principles, we create a taxonomy of principles that address the abstract cyber-security needs of systems. We then tie these principles to studies of insecure systems architectures to demonstrate applicability. We close the paper with a description of other cyber-security taxonomies, how they specifically differ from this presented taxonomy, and add new principles to address gaps shown in taxonomic comparisons.

Abstract not provided.

This paper provides a survey of work in secureable architectures with a focus on security principles that enable secure and secureable systems over the last 40 years. The paper begins with a description of secureable architectures, including the definitions of secure and secureable and the working definitions of architecture currently used in practice. Then we begin to outline the principles for secure systems as described by various authors, starting in academia in 1975, stretching to textbooks in common use today, and finally finishing with the most recent guidance from IEEE.

Abstract not provided.

Abstract not provided.

Abstract not provided.

On September 5th and 6th, 2012, the Dynamic Defense Workshop: From Research to Practice brought together researchers from academia, industry, and Sandia with the goals of increasing collaboration between Sandia National Laboratories and external organizations, de ning and un- derstanding dynamic, or moving target, defense concepts and directions, and gaining a greater understanding of the state of the art for dynamic defense. Through the workshop, we broadened and re ned our de nition and understanding, identi ed new approaches to inherent challenges, and de ned principles of dynamic defense. Half of the workshop was devoted to presentations of current state-of-the-art work. Presentation topics included areas such as the failure of current defenses, threats, techniques, goals of dynamic defense, theory, foundations of dynamic defense, future directions and open research questions related to dynamic defense. The remainder of the workshop was discussion, which was broken down into sessions on de ning challenges, applications to host or mobile environments, applications to enterprise network environments, exploring research and operational taxonomies, and determining how to apply scienti c rigor to and investigating the eld of dynamic defense.

Abstract not provided.

Abstract not provided.