Cyber Security and Information Systems Information Analysis Center

From Wikipedia, the free encyclopedia
Jump to: navigation, search

Cyber Security and Information Systems Information Analysis Center (CSIAC) is a United States Department of Defense (DoD) Information Analysis Center (IAC) sponsored by the Defense Technical Information Center (DTIC). The CSIAC is a consolidation of three predecessor IACs: the Data & Analysis Center for Software (DACS), the Information Assurance Technology IAC (IATAC) and the Modeling & Simulation IAC (MSIAC), with the addition of the Knowledge Management and Information Sharing technical area.[1]

CSIAC, one of three IACs sponsored by DTIC,[2] performs the Basic Center of Operations (BCO) functions necessary to fulfill the mission and objectives applicable to the DoD Research, Development, Test and Evaluation (RDT&E) and Acquisition communities’ needs.[3] These activities focus on the collection, analysis, synthesizing/processing and dissemination of Scientific and Technical Information (STI).

The BCO functions, specifically the collection and dissemination of STI, produce several valuable resources (e.g., reports, tool databases, data collections, etc.) in the CSIAC's core technology areas (Cybersecurity, Information Assurance, Software Engineering, Modeling & Simulation, and Knowledge Management/Information Sharing).

CSIAC's mission is to provide the DoD with a central point of access for Information Assurance and Cybersecurity to include emerging technologies in system vulnerabilities, R&D, models, and analysis to support the development and implementation of effective defense against information warfare attacks.[4]

The CSIAC is chartered to leverage best practices and expertise from government, industry, and academia on cyber security and information technology.

History[edit]

The United States is vulnerable to Information Warfare attacks because our economic, social, military, and commercial infrastructures demand timely and accurate as well as reliable information services. This vulnerability is complicated by the dependence of our DoD information systems on commercial or proprietary networks which are readily accessed by both users and adversaries. The identification of the critical paths and key vulnerabilities within the information infrastructure is an enormous task. Recent advances in information technology have made information systems easier to use, less expensive, and more available to a wide spectrum of potential adversaries.

The security of our nation depends on the survivability, authenticity, and continuity of DoD information systems. These systems are vulnerable to external attacks, due in part to the necessary dependence on commercial systems and the increased use of the Internet. The survivability, authenticity, and continuity of DoD information systems is of supreme importance to the Warfighter. With the increasing amount of concern and Information Warfare activities requiring rapid responses, it is difficult to ensure that all appropriate agencies and organizations are given the knowledge and tools to protect from, react to, and defend against Information Warfare attacks. CSIAC has been established under the direction of the Defense Technical Information Center and the integrated sponsorship of the Assistant Secretary of Defense for Research and Engineering (ASDR&E); Assistant to Secretary of Defense/Networks and Information Integration; and the Joint Chiefs of Staff.[5]

CSIAC serves as a central authoritative source for Cyber Security vulnerability data, information, methodologies, models, and analyses of emerging technologies relating to the survivability, authenticity, and continuity of operation of Information Systems critical to the nation's defense in support of the agencies' frontline missions.[5]

CSIAC operates as a specialized subject focal point, supplementing DTIC services within DoD Directive 3200.12, DoD Scientific and Technical Information Program (STIP), dated February 11, 1998.[6]

DTIC Realignment and Restructuring[edit]

Given the evolving Defense environment, as well as recent congressional guidance, the Defense Technical Information Center (DTIC) recognized an opportunity to reshape the IACs to better respond to DoD mission needs. As a result, DTIC is realigning and consolidating the IAC program structure to achieve several objectives:

  • Expand the IAC program scope and increase synergy across related technology areas
  • Increase opportunities for small business
  • Expand the industrial base accessible through the IACs[7]

To achieve these objectives, DTIC is forming new, consolidated IAC Basic Centers of Operation (BCOs). The BCOs are managed by both industry and academia. The DoD establishes IAC BCOs in areas of strategic importance, such as cyber security and information systems. An IAC BCO serves as the center for its technical community, and as such must maintain connection with all of the key stakeholders within that community, in order to understand on-going activities, current information, future strategies and information needs.

This mission remains unchanged in the new IAC structure. However, what the new approach brings is expanded scope, increased focus on technical information needs, and enhanced agility, as the Defense environment continues to evolve.

BCOs will still analyze and synthesize scientific and technical information (STI). However, they also are to take on an expanded role in program analysis and integration by assessing and shaping nearly $6 billion in Technical Area Tasks (TATs). TATs are a companion offering of the IAC Program, by which DTIC leverages industry and academia’s best and brightest to conduct research and analysis, developing innovative solutions to the most challenging requirements. IAC BCOs will ensure consistency with and reduce duplication of prior or other ongoing work and by helping to ensure TATs are more responsive both to customer needs and broader DoD imperatives. BCOs also are to ensure that TAT results are properly documented and made available for broad dissemination. This approach both achieves cost savings and reduces risks, ensuring that in this time of shrinking budgets and evolving requirements, the Defense community leverages all available knowledge to identify and implement innovative solutions.

Creation of CSIAC[edit]

The CSIAC BCO represents the first awarded BCO under the new DTIC structure. As its name suggests, CSIAC's main technical focus is in Cyber Security and Information Systems. CSIAC merges the software engineering technology area of the DACS, the modeling & simulation technology area of the MSIAC, and the information assurance technology area of the IATAC. It will also address two new technology focus areas: knowledge management and information sharing. Additionally, CSIAC will expand into other areas of importance and closely monitor new technologies as they emerge.[7]

Steering Committee[edit]

CSIAC operates under the direction of our Government Steering Committee. The committee is made up of 19 individuals from Government, DoD and the research and development (R&D) community, including representation from the Defense Information Assurance Program (DIAP), Joint Task Force for Global Network Operations (JTF-GNO), National Security Agency (NSA), Naval Postgraduate School (NPS), Office of the Secretary of Defense (OSD), and the Navy Information Operations Command - Norfolk, to name a few. The steering committee meets once a year and provides input and feedback to CSIAC's operations, particularly our information collection and information dissemination efforts. Additionally, the topics of the technical reports that CSIAC authors are dictated by the Steering Committee.[5]

Sponsors[edit]

The Cyber Security and Information Systems Information Analysis Center (CSIAC) is a U.S. Department of Defense Information Analysis Center (IAC) sponsored by the Defense Technical Information Center (DTIC), and Assistant Secretary of Defense for Research and Engineering(ASDR&E). CSIAC is hosted by Quanterion Solutions Incorporated.

Team Members[edit]

The CSIAC team members consists of a BCO, Tier 1 team members, and Tier 2 team members.

BCO[edit]

Quanterion Solutions Incorporated, a small business in Utica, New York was awarded the CSIAC contract in fall of 2012.[8]

Tier 1 Team Members[edit]

Tier 2 team members[edit]

In addition to the Tier One team members, the CSIAC team includes Tier Two organizations, that provide reach-back support with subject matter experts (SMEs) that assist with technical inquiries, State-of-the-Art reports (SOARs), and core Analysis Tasks (CATs). The Tier 2 organizations of the CSIAC team include:

Services[edit]

Community of Practice[edit]

CSIAC's strategy to address the broadened scopes of the three IACs (DACS, IATAC, MSIAC), as well as the new areas of knowledge management and information sharing is to build and facilitate a Community of Practice (CoP) for the cyber security and information systems community.[7]

The CSIAC website (www.thecsiac.com) provides the infrastructure for the CoP and serves as the catalyst. The CSIAC website is member driven and encourages participation from the CSIAC community supported by CSIAC resources and activities. The website emphasizes unifying CSIAC resources and its members by supporting conversions and collaborations.[7]

The CoP supports the entire operation of the CSIAC, including information collection, analysis, and dissemination.[7]

Subject Matter Expert (SME) Network[edit]

CSIAC's Subject Matter Expert (SME) Network is one of the most valuable resources to the user community.[citation needed] They provide a wealth of knowledge and information to the center through a variety of means. For example, SMEs are the main contributors of journal articles and webinar presentations. They are also available to respond to inquiries, assist with State-of-the-Art reports (SOARs), and perform research and analysis to support Core Analysis Tasks (CATs).[14]

SME qualifications[edit]

CSIAC SMEs are those individuals who are considered to be experts in the fields that fall within the CSIAC's technical domain (i.e., cybersecurity, information assurance, software engineering, Modeling & Simulation, and Knowledge Management/Information Sharing). No single criterion provides the basis for being considered an expert, but instead it is based on a combination of factors, including an individual’s:

  • Education (i.e., undergraduate, graduate and doctoral degrees)
  • Work experience (years in the field, positions held, past programs, etc.)
  • Publications[14]

The database consists of a wide range of SMEs from various backgrounds. Among those are members of the CSIAC's technical staff, key individuals from team member organizations, retired senior military leaders, leading academic researchers, and industry executives.

Technical inquiries[edit]

The CSIAC provides up to four hours of free technical inquiry research to answer users’ most pressing technical questions. Technical inquiries submitted online are sent directly to an analyst who identifies the staff member, CSIAC team member, or Subject Matter Expert (SME) that is best suited to answer the question. The completed response will be sent to the user, and can take up to 10 working days; though they are typically delivered sooner.[15]

Core Analysis Task (CAT) program[edit]

Challenging technical problems that are beyond the scope of a basic inquiry (i.e., require more than four hours of research) can be solved by initiating a Core Analysis Task (CAT). CATs are separately funded work efforts over and above basic CSIAC products and services. Through the CAT program, the CSIAC can be utilized as a contracting vehicle, enabling the DoD to obtain specialized support for specific projects. These projects, however, must be within the CSIAC’s technical domain (cybersecurity, Information Assurance, Software Engineering, Modeling & Simulation, and Knowledge Management/Information Sharing).[16]

Some of the advantages of the IAC CAT program include:

  • Minimal start-work delay – Not only does the CSIAC provide DoD and other agencies with a contract vehicle, but it is also a pre-competed single award CPFF IDIQ. Work can begin on a project in as little as 4–6 weeks after the order is placed.
  • Expansive Technical Domain – the CSIAC’s broad scope (Cybersecurity, Information Assurance, Software Engineering, Modeling & Simulation and Knowledge Management/Information Sharing) provides numerous resources for potential projects, and is especially valuable for efforts that cross multiple domains.
  • Subject Matter Expert (SME) Network – The CSIAC is able to leverage reach-back support from its expansive SME Network, including technical experts from the CSIAC staff, team members, or the greater community, to complete CATs and other projects.
  • Scientific and Technical Information (STI) Repositories – As a consolidation of three predecessor IACs, the CSIAC has a wealth of data and information to support the completion of CATs.
  • Apply the Latest Findings – Draw from the most recent studies performed for agencies across the DoD, as the results from all CSIAC CATs and SNIM Technical Area Tasks (TATs) are collected, stored and used to support future efforts by the CSIAC.[16]

Scientific and Technical Information (STI) Program[edit]

CSIAC collects IA/DIO related STI to share with the DoD, other federal agencies, their contractors, and the research and engineering (R&E) community. The STI program is governed by DoD Directive 3200.12, DoD STI Program.[17]

CSIAC has thousands of IA/DIO-related documents in their technical repository.[18] This collection is a combination of both classified and unclassified material. All of CSIAC's documents are uploaded to DTIC Online Access Control (DOAC), which is an online repository of STI from all of DTIC's IAC's.[19]

CSIAC's library facilitates knowledge sharing between diverse groups and organizations, and all STI is readily accessible to the IA/DIO community within the classification and secondary distribution instructions.[20]

All STI collected by CSIAC is relevant to IA/CS research, development, engineering, testing, evaluation, production, operation, use, or maintenance. STI is collected in many forms including text-based documents, multimedia, and rich media files. Some topic areas include: Biometrics, Computer Network Attack, Computer Network Defense, Cyber Terrorism, Hacking, Information Warfare, Network-centric Warfare, Malicious Code, Product Evaluations, among others. CSIAC collects unclassified submissions from across all of the IA/CS community.

Events Calendar[edit]

The CSIAC maintains an online calendar of events related to the interests of its members. The Events Calendar is also available as an RSS feed or a HTML viewable from the CSIAC website.[21]

Products[edit]

S2CPAT[edit]

Software & Systems Cost & Performance Analysis Toolkit (S2CPAT) is a web-based toolkit with the goal of capturing and analyzing software engineering data from completed software projects that can be used to improve:

  • the quality of software–intensive systems
  • the ability to predict the development of software–intensive systems with respect to effort and schedule[7]

S2CPAT currently allows users to search for similar software projects and use the data to support:

  • Rough order of magnitude estimates for software development effort and schedule
  • Project planning and management: life cycle model information, key risks, lessons learned, templates, estimation heuristics
  • Software engineering research[7]

The S2CPAT repository contains Software Resources Data Report (SRDR) data provided by the US Air Force. This data has been sanitized for public release by DoD and validated by a DoD-funded academic research team.[22]

Reports[edit]

CSIAC publishes three types of reports on current Cyber Security and Information Systems topics:

  1. State-of-the-art Reports (SOAR) investigate developments in IA issues. Past SOAR topics include: Insider Threat,[23][24] Software Security Assurance,[25] Risk Management for the Off-the-Shelf Information Communications Technology Supply Chain,[26] and Measuring Cyber Security and Information Assurance.[27]
  2. Critical Reviews and Technology Assessments (CR/TA) evaluate and synthesize the latest available information resulting from recent R&D findings. They offer comparative assessments of technologies and/or methodologies based on specific technical characteristics.[28] Topics include Wireless Wide Area Network (WWAN) Security, Network-Centric Warfare, and Biotechnology.
  3. Tools Reports outline a current technology and provide an objective listing of currently available products.[28] Topics for tools reports include firewalls, vulnerability assessment, Intrusion Detection Systems, and malware.

Journal[edit]

CSIAC's Journal of Cyber Security & Information Systems is a quarterly technical journal written from a DoD perspective and contains the following: synopses and critiques of significant, newly acquired reports and/or journal articles; summaries of the initiation of new R&D programs; listing or calendar of future conferences, symposia, etc.; and summaries of significant technological breakthroughs and significant new technological applications and highlights of any other outstanding developments. News from various DoD CSIAC programs that would be of interest to other DoD organizations may also be included. The journal is distributed in print and electronic format to registered CSIAC subscribers free of charge and is available for viewing and download from the CSIAC website.[29]

Journal sources are direct invitations, publishing "Call for Papers", and unsolicited submissions. Direct invites are the most common method, usually by contacting conference presenters and asking if they could write something based on their presentation. Authors are solicited for their expertise or experience relative to the theme of the journal issue.

IA Digest[edit]

The CSIAC's Information Assurance (IA) Digest is a semi-weekly news summary for information assurance and software reliability professionals protecting the global information grid (GIG). It is transmitted in an HTML-formatted email and provides links to articles and news summaries across a spectrum of cyber security, information assurance, and information systems topics.[29]

Webinars[edit]

References[edit]

  1. ^ "DoD Information Analysis Centers". 
  2. ^ "DTIC.mil". Retrieved 22 August 2013. 
  3. ^ "SNIM PWS". 
  4. ^ "About the CSIAC". 
  5. ^ a b c "CSIAC History". 
  6. ^ "DoD Directive NUMBER 3200.12" (PDF). 
  7. ^ a b c d e f g Zember, Christopher. "Welcome to the New and Enhanced Cyber Security and Information Systems Information Analysis Center - CSIAC" (PDF). Journal of Cyber Security & Information Systems. Retrieved 22 August 2013. [permanent dead link]
  8. ^ "CSIAC Team Members". 
  9. ^ "Home - SURVICE Engineering Company". Retrieved October 5, 2016. 
  10. ^ "WetStone Technologies, Inc. - Home". Retrieved October 5, 2016. 
  11. ^ "Home - Aptima". Retrieved October 5, 2016. 
  12. ^ "Minerva Engineering - Engineering Excellence for the Warfighter". Retrieved October 5, 2016. 
  13. ^ "Home - Griffiss Institute". Retrieved October 5, 2016. 
  14. ^ a b "CSIAC Subject Matter Expert (SME) Network". 
  15. ^ "theCSIAC.com - Submit a Technical Inquiry". 
  16. ^ a b "Core Analysis Task (CAT) Program". CSIAC. Retrieved 23 August 2013. 
  17. ^ http://biotech.law.lsu.edu/blaw/dodd/corres/pdf2/d320012p.pdf
  18. ^ http://www.surviac.wpafb.af.mil/csiac/download/Vol7_No4.pdf
  19. ^ "DTIC Online Access Controlled". Dtic.mil. Archived from the original on 2011-10-23. 
  20. ^ Goertzel et al. (2010) CSIAC's Critical Role in Cyber Security, SoftwareTech News, Vol. 13 No. 2
  21. ^ "CSIAC Events". Retrieved 23 August 2013. 
  22. ^ "Welcome to S2CPAT". 
  23. ^ Gabrielson et al. (2008) The Insider Threat to Information Systems, An CSIAC State-of-the-Art Report.
  24. ^ http://www.pnl.gov/coginformatics/media/pdf/TR-PACMAN-65204.pdf
  25. ^ http://iac.dtic.mil/csiac/download/security.pdf
  26. ^ Goertzel et al. (2010) Security Risk Management for Off-the-Shelf (OTS) Information and Communications Technology (ICT) Supply Chain, An CSIAC State-of-the-Art Report.
  27. ^ "404w Page Not Found (DTIC)" (PDF). Retrieved October 5, 2016. 
  28. ^ a b "CSIAC-Reports". iac.dtic.mil. Retrieved August 23, 2013. 
  29. ^ a b "CSIAC FAQs". CSIAC. Retrieved 23 August 2013. 

External links[edit]