U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Computer Security Resource Center

Computer Security Resource Center

This is an archive
(replace .gov by .rip)
    Presentations 2022
Presentation

Composable Security: The Challenge of Security Models That Can Span from the Silicon to Software and Systems

March 2, 2022

Presenters

Jeremy Bellay - Battelle Memorial Institute

Description

Cybersecurity, by its nature, is a complex and continuously evolving field. Recently, understanding of the supply chain’s role in security has received new emphasis due to the high-profile Solar Winds attack, and the increasing movement of state-of-the-art silicon manufacturing off American shores. This raises the question of how we integrate security models used at the factory or by the supplier with security assessment estimates that are required later in the lifecycle and at the system level. In this talk we review the resources currently available to describe cyber vulnerabilities and weaknesses in hardware, software, and systems. We then look at what is required to characterize vulnerabilities in hardware and software components, compound components, and systems.  Finally we describe how this infrastructure could support the goal of security models that are composable and meaningful across the abstractions and contexts of real systems.

Downloads

Created April 27, 2022