CCCCatalyzing the computing research community and enabling the pursuit of innovative, high-impact research.
  • Twitter
  • Facebook
  • Youtube
  • Rss
  • About
    • About CCC
    • Council Members
    • Council Meetings
    • CCC Council Nominations
    • Governing Documents
    • FAQ
    • Contact
  • Visioning
    • Visioning Activities
      • 2022
      • 2021
      • 2020
      • 2019
      • 2018
      • 2017
      • 2016
      • 2015
      • 2014
      • 2013
      • 2012
      • 2011 and Prior Years
    • Workshop Reports
    • RFP – Creating Visions for Computing Research
    • Blue Sky
    • CS for Social Good White Paper Competition
    • Robotics Roadmap
  • Leadership Development
    • Call for Council Nominations
    • Leadership in Science Policy Institute
    • Big Data Regional Hubs
    • Postdoc Best Practices
      • Postdoc Best Practice Final Reports
      • Postdoc Best Practice Resources
    • CIFellows
      • CIFellows 2021
      • CIFellows 2020
      • CIFellows 2020: For the Record
      • CI Fellows 2014 Workshop
      • 2011 Class
      • 2010 Class
      • 2009 Class
      • Assessment
      • Diversity
      • Success Stories
  • Task Forces
    • Computing Challenges to Humanity
    • Future of Life in a Hybrid World
    • Security, Integrity, and Trust
    • Weird Ways to Compute
    • AI Working Group
    • Past Task Forces
  • Resources
    • CCC Call for Content
    • Workshop Reports
    • CCC-Led White Papers
    • Presentations
    • CCC Responds to the Community
    • Recent CCC Activities
    • Ongoing CCC Activities
    • CIFellows Spotlight
    • Great Innovative Ideas
    • Event Videos
    • Catalyzing Computing Podcast
    • Computing Research in Action
    • Computing Research Highlights
  • Events
    • Upcoming Events
    • Special Events
    • Past Events
    • CCC at AAAS
      • CCC at AAAS 2022
      • CCC at AAAS 2020
      • CCC at AAAS 2019
      • CCC at AAAS 2018
      • CCC at AAAS 2017
      • CCC at AAAS 2016
      • CCC at AAAS 2013
  • CCC by CS Area
    • AI /ML / Robotics
    • Architecture / Systems / Networking
    • Databases / Informatics / Data Science / HPC
    • Human-Computer Interaction / Graphics / Visualization
    • IoT / Ubiquitous
    • Programming Languages / Compilers / Software Engineering
    • Security / Privacy / Fairness
    • Theory / Algorithms
    • Miscellaneous
  • Blog
  • Podcast
  • Search
  • Menu

Cyber Security for Manufacturers Workshop


   Workshop Report   

March 14-15, 2017

Washington D.C.
The Westin Arlington Gateway, North Glebe Road, Arlington, VA, United States



Event Contact

Ann Drobnis
adrobnis@cra.org


Event Type

2017 Events, 2017 Visioning Activities


Event Category

CCC


Tags

cybermanufacturing, cyberphysical security, human-machin, manufacturing, privacy, security, sociotechnical security

Overview

MForesight, in collaboration with the Computing Community Consortium (CCC), hosted a visioning workshop on emergent theme of Cyber Security for Manufacturers.

Cyber-attacks pose a growing threat not only to national security but also to U.S. economic competitiveness. Manufacturing firms are vulnerable to threats including sabotage of operations, alteration of data and product designs, and theft of intellectual property. The sector presents special security challenges because of the unique nature of interconnected supply chains, industrial control systems (ICSs), and operational technology (OT), which consist of networked machines, sensors, data, and software.

The cyber security experts and leaders from the private sector, federal government, and academic community in attendance had the opportunity to contribute their knowledge and expertise to clarify manufacturing-specific cyber security challenges, identify emerging technology solutions, and define action items. The primary goal of the workshop was to provide actionable insights and recommendations that, if implemented, will benefit manufacturers of all sizes. All information shared was considered information for public consumption and was not attributed to specific individuals or organizations.

Day 1 broke down four key challenge areas into specific, addressable needs. Gaps were identified and solutions and action items were developed to address these gaps. The four key challenge areas are:

  • System Level Security: The focus of this breakout was the system level interaction of the IT and OT realms. The integration of multiple layers and types of software and the security challenges that happen at the gaps between those layers was explored. System-level resilience was addressed, as well as, monitoring, patching, and assessing OT assets.
  • Integrity of Manufactured Goods: This breakout focused on the integrity of manufactured goods, with an emphasis on protection and validation of design data across all platforms. Tampering and theft of designs and manufacturing parameters were covered, along with the respective protection and verification of the data.
  • Machine to Machine Security: The focus of this breakout was the communication of manufacturing equipment with 1. Its own internal elements, 2. Other manufacturing equipment, and 3. Its direct controlling software. Key issues here were protecting, verifying, and detecting issues with the “lowest level” manufacturing equipment data. Legacy systems were a key focal point in this discussion.
  • Supply Chain to Factory Security: The focus of this breakout is what is sometimes called “through the perimeter” security. This is security of a manufacturing organization when working with suppliers, customers, service providers, and other outside entities. The focus was on the future of manufacturing, where interconnectivity will be more prevalent, and data and access will shared on a deeper level.

Day 2 addressed cyber intelligence with the aim to investigate manufacturing-specific challenges in collecting, analyzing, and distributing threats, indicators, and adversaries. The appropriate security posture for manufacturers as well as the mechanics of performing the intelligence operations will be discussed. The role of academia, manufacturers, and different agencies in the government was also  covered. Breakout groups covered the following three topics:

  • Intelligence Gathering: This breakout focused on collecting, centralizing, and prioritizing threats and indicators, sourced both from manufacturers and academia. This included the mechanics of how to best perform this, the privacy barriers, and the structure of public-private partnerships that can best accelerate manufacturing specific intelligence gathering.
  • Intelligence and Adversary Assessment: This breakout focused on assessment of an adversary’s capabilities, intentions and activities, and using that assessment to inform manufacturers’ overall security posture. The discussion focused on the mechanics of the information transfer, but rather on the type of information and the role government defense and intelligence agencies can perform to assist manufacturers in defining their security priorities and overall posture.
  • Intelligence Sharing: This breakout focused on sharing cyber threats, indicators, priorities and strategies. This was discussed for manufacturer-to-manufacturer, government-to-manufacturer, and academia-to-manufacturer channels of information.

MForesight Event Page

Agenda

March 14, 2017 (Tuesday)

07:30 AM Breakfast | Ernest Hemingway Salon
08:00 AM Check-in Begins | F. Scott Fitzgerald DE
08:30 AM Keynote: Kenneth Krieg | F. Scott Fitzgerald DE
09:00 AM Introductions | F. Scott Fitzgerald DE
09:30 AM Expected Outcomes | F. Scott Fitzgerald DE
09:45 AM Key Challenges | F. Scott Fitzgerald DE
10:00 AM BREAK | Perfunction D
10:15 AM Breakout 1 | Ernest Hemingway Salon 1, 2, and 3

Break down key challenges into specific needs and prioritize. Output a list of group’s top priority needs to be addressed.

A. System level security and cyber-resilience
B. Integrity of manufacturing goods from design to the factory floor
C. Machine-to-machine security, especially legacy systems
D. Securely connecting the factory to the supply chain

11:15 AM Group Outputs and Discussion | F. Scott Fitzgerald DE
12:00 PM Lunch and Networking | Pinzimini Dining Room 1 & 2
01:30 PM Priority R&D and Implementation Gaps to Address | F. Scott Fitzgerald DE
01:45 PM Breakout 2 | Ernest Hemingway Salon 1, 2, and 3

Explore potential solutions to fill gaps. Recommend and prioritize action items to realize solutions. Output key recommendations to be presented in discussion.

02:45 PM BREAK | Prefunction D
03:00 PM Breakout 3 | Ernest Hemingway Salon 1, 2, and 3

Repeat Breakout 2 for a different gap.

04:00 PM Recommendations and Discussion | F. Scott Fitzgerald DE
05:30 PM Cocktail Reception | Ernest Hemingway 1 & 2

March 15, 2017 (Wednesday)

07:30 AM Breakfast | Ernest Hemingway Salon
08:30 AM Today's Objectives | F. Scott Fitzgerald DE
08:40 AM Key Challenges | F. Scott Fitzgerald DE
09:00 AM Breakout 4 | Ernest Hemingway Salon 1, 2, and 3

Define specific needs associated with the challenge. Begin to recommend and prioritize action items to realize solutions.

Challenges:
A. Intelligence gathering: privacy, security, and efficiency
B. Intelligence and adversary assessment
C. Intelligence sharing in the supply chain

10:00 AM BREAK | Prefunction D
10:15 AM Breakout 4 Continued | Ernest Hemingway Salon 1, 2, and 3

Finalize prioritization of action items and prepare recommendations to be presented in discussion.

11:00 AM Recommendations, Discussion and Next Steps | F. Scott Fitzgerald DE
11:55 AM Closing Remarks and Evaluations | F. Scott Fitzgerald DE
12:00 PM Box Lunch and Networking | Pinzimini Dining Room 1 & 2
Speakers
Keynote Speaker:

Ken Krieg, Samford Global Strategies

Horvitz

Ken Krieg runs Samford Global Strategies, a consulting practice focused on helping clients lead and manage through periods of strategic change. He is a member of the Board of Directors of BWXTechnologies, Advantac, Lenovo US, Nexen US,, and the Board of Trustees of LMI, as well as the SSA Board for GlobalFoundries and the Proxy Board for DRS Technologies. He serves on several CEO advisory boards and is also a senior fellow at CSIS. He is an Executive in Residence with Renaissance Strategic Advisors and a member of the Enlightenment Capital Board of Advisors.

He previously served as the Under Secretary of Defense for Acquisition, Technology and Logistics from June 2005 to July 2007. In that role, Mr. Krieg was responsible for advising the Secretary of Defense on all matters relating to the DoD acquisition system, research and development, advanced technology, developmental test and evaluation, production, logistics, installation management, military construction, procurement, environmental security, nuclear, chemical, and biological matters.

Before his appointment to USD (AT&L), Mr. Krieg served at the Department of Defense as Special Assistant to the Secretary and Director for Program Analysis & Evaluation. In this capacity, he led an organization that provides independent advice to the Secretary of Defense on a range of areas including defense systems, programs and investment alternatives as well as providing analytic support to planning and resource allocation.

He joined the Department of Defense in July 2001 to serve as the Executive Secretary of the Senior Executive Council (SEC). The SEC, comprised of the Secretary, Deputy Secretary, Service Secretaries and Under Secretary (AT&L), was responsible for leading initiatives to improve the management and organization of the Department of Defense.

Prior to joining the Department of Defense, Mr. Krieg worked for International Paper, most recently as Vice President and General Manager of the Office and Consumer Papers Division. He had responsibility for the company’s $1.4 billion retail, commercial office and consumer papers businesses. During his 11 years with IP, Mr. Krieg held roles as special assistant to the Chairman and CEO and in marketing, sales and business management and was actively involved in the merger of three major paper companies into International Paper.

Before moving to industry, Mr. Krieg worked in a number of defense and foreign policy assignments in Washington, DC, including positions at the White House, on the National Security Council Staff, and in Office of the Secretary of Defense.

Mr. Krieg received his BA degree in history from Davidson College and his Masters in Public Policy from the Kennedy School of Government at Harvard University.

Organizers
Michael Russo – Executive Committee Chair, MForesight
Sridhar Kota – Executive Director, MForesight
Jim Davis – UCLA and MForesight Leadership Council
Ann Drobnis – Director, CCC
Kevin Fu – University of Michigan and CCC Council
Greg Hager – Johns Hopkins and CCC Council

Sponsors


M Foresight logo
CCC-Fallback
CRA - Uniting Industry, Academia and Government to Advance Computing Research and Change the World.
CCC - Catalyzing the computing research community and enabling the pursuit of innovative, high-impact research.
Increasing the Success and Participation of Underrepresented Groups in Computing Research.
CRA-E - Addressing society’s need for a continuous supply of talented and well-educated computing researchers.
CERP - Promoting diversity in computing through evaluation and research.
Increasing interaction between industry partners and other organizations involved in computing research for the benefit of all.
CRA Home | Contact Us | Unsubscribe/Removal of Information | Terms of Use         © Copyright 2021 - CRA
Cyber-Social Learning Systems Workshop 3 AAAI Symposium on AI for Social Good
Scroll to top