6th Cybersecurity Pre-Workshop Tutorials (2018)

Cybersecurity: From Requirements to Test & Evaluation

Program Guide (UPDATED)

Technical Track Session Schedule

March 6 - Pre-Workshop Tutorials

March 7-8 - Workshop Plenary and Technical Track Sessions

Hosted by the ITEA Emerald Coast Chapter

 NOTE: Tutorials require a separate fee from the Workshop.

  • Single 4-hour Tutorial - $205
  • Two 4-hour Tutorials - $385 (use discount code "TWO-Tutorials" at check out)

Register for ITEA Tutorials HERE




Cybersecurity Test & Evaluation

Instructor: Mr. Pete Christensen – Director, Cyber Support to OSD Programs, The MITRE Corporation

Now more than ever, Program Managers (PM) must ensure that cybersecurity be given careful consideration throughout the system lifecycle. Specifically, this includes identifying cybersecurity requirements early in the acquisition and systems engineering lifecycle. Initiating a focus on cybersecurity earlier will provide PMs the opportunity to give careful consideration, upfront, to related cybersecurity testing activities that can be integrated into the engineering planning and design phases. Results of informal cybersecurity testing can then be applied to influence design and development efforts and to posture programs for success in Developmental Test (DT) and Operational Test (OT). The Deputy Assistant Secretary of Defense (DASD) Developmental Test and Engineering (DT&E) has collaborated with key systems engineering stakeholders to develop disciplined processes that will assist Program Managers (PM) in implementing an incremental and iterative phased approach to develop cyber secure systems. The National Cyber Range (NCR), under the purview of the Test Resource Management Center (TRMC), is a resource that can be leveraged by PMs to support cybersecurity testing. This presentation will provide an overview of the cybersecurity test and evaluation phased approach and the NCR.

How to Use Data Mining Methods to Better Detect Cyber Attacks

Instructor: Thomas A. Donnelly, PhD, CAP, SAS Institute, Inc.

This tutorial will primarily focus on learning how to effectively apply various data mining methods to existing internet traffic data with known cyber attacks to build scoring models to monitor new traffic to flag potential attacks.  Data mining methods to be discussed include decision trees, logistic regression, penalized regression, and neural networks.  Model averaging and the building of ensemble models will be shown to improve prediction over individual models.  Effective methods to prevent overfitting models to data will be presented.  The data mining methods taught can effectively be used with any large data sets in the T&E community such as databases of sensor data.

Planning and Executing Cyber Table Tops, Facilitator Training

Instructor: Ms. Sarah Standard, Cybersecurity/Interoperability Technical Director, DASD DT&E

The primary objective of the Cyber Table Top (CTT) Facilitator Training Workshop is to build the knowledge, skills and abilities that will allow trainees to successfully construct, coordinate, organize, and execute a Cyber Table Top (CTT) exercise. The primary audience for this training are those personnel who will facilitate and moderate CTT’s for their program, command. The training will include tips, tools, and resources for CTT facilitators as well as a practical example of the process and outputs.


Identifying Requirements and Vulnerabilities for Cybersecurity; or How We Learned to Stop Worrying and Love the Six-Phase Cybersecurity T&E Process

Instructor: Michael Lilienthal, PhD, CTEP, Director of Cyber and Navy Programs, Electric Warfare Associates, and Mr. Patrick Lardieri, Lockheed Martin Corporation

Many Service acquisition, System Engineering (SE), and Test and Evaluation (T&E) teams are starting to move their programs from “checklist information assurance or compliance” cyber security approach to a proactive, iterative risk management process with the goal of ensuring personnel can still carry out their duties in a cyber contested environment. Many people are struggling to formulate a practical and effective approach to develop requirements and a plan to incorporate cyber security into their SE and T&E activities using the recent spate of cybersecurity policies and guidelines released by the Office of the Secretary of Defense (OSD). This tutorial will step using the Navy’s Cyber Table Top (CTT) Wargaming Process and the National Cyber Range’s cyber security evaluation testing process as an approach to gain actionable cyber threat understanding. The tutorial will also show how the use of the CTT and the NCR support execution of DOT&E’s Six Phase Cybersecurity T&E process. The CTT (which has been adopted by the Navy) is a rigorous, intellectually intensive and interactive data collection and analysis process that introduces and explores the potential effects of cyber offensive operations on the capability of a system to carry out its designed functions. It produces a prioritized list of actionable recommendations to support more informed decisions and tradeoffs in a fiscally constrained environment. Personnel using the process are better able to identify threat vectors, understand the vulnerabilities and mission risks of their system under development, and understand cyber threat consequences categorized by their impact and their likelihood of successful attacks. This helps scope the cyber security testing done at the NCR and other places. The tutorial will also show how the use of the cyber wargaming process in conjunction with the NCR will inform systems engineers on tradeoffs and potential workarounds to prevent or minimize cyber effects. The tutorial is based on the lessons learned from using the process and the NCR to support NAVAIR and SPAWAR acquisition programs. It is intended for use by Acquisition Program Management Offices, Systems Engineers, Chief Developmental Testers, and Lead Developmental Test and Evaluation (DT&E) Organizations.

Mission Threat Analysis and Cybersecurity

Instructors: James Wells, Deputy Director for Cyberspace and Homeland Security Enterprise Systems, Office of Test and Evaluation, Science and Technology Directorate, Department of Homeland Security, and Alex Hoover, Deputy Director for Cybersecurity Engineering, Office of Systems Engineering, Science and Technology Directorate, Department of Homeland Security

For cybersecurity to not be a “bolt-on” to the development effort, it must be considered as part of the holistic security requirements process.  This tutorial will walk through an integrated threat analysis process that treats cyber capabilities as a combined-arms part of threats’ overall capabilities to subvert and exploit government missions supported by information technology.  Specific points to be addressed and discussed are:

  • Starting with the operational compromise baseline vice a historical list of cyber events
  • Characterizing the potential mission impacts of all the threat’s capabilities
  • Identifying which portions of the threat’s intent are likely to be carried out in cyberspace
  • Mapping the relevant potions of the threat’s intent to the technical and data architecture
  • Using the attack surface as the basis for adversarial
  • Defining the evaluation boundaries in terms of initial conditions for adversary TTP
  • Designing cyber events into the performance space for effectiveness and suitability evaluation
  • Scoping an appropriate Rules of Engagement for the adversarial team
  • Integrating live, virtual, and constructive adversarial analysis into a composite cyber evaluation

The threat analysis topics will be discussed from a government leadership and management perspective, focusing on what to get done rather to what to do at an implementation level.

Fundamentals of Hardware Security and Assurance

Instructor - Mr. Jason Vosatka - USAF/96TW

The world of Cybersecurity is rapidly evolving with emerging threats and new vulnerabilities being exploited every day.  The traditional Computer Science perspective of Cybersecurity focuses on software and networking, and relies on an inherent trust of the underlying hardware.  However, the argument that hardware is inherently trustworthy is no longer accurate.  Over the past decade, there has been a dramatic shift in the business models of design companies as they move from organic in-house capabilities towards an outsourced global marketplace.  Companies are now being forced to rely on untrusted foundries and vendors to supply hardware, intellectual property, and other components that are integrated into electronic systems.  These trends and dependencies are creating unprecedented attack surfaces for adversaries; therefore resulting in new risks to the hardware comprising all electronic systems.

In this tutorial, we focus on learning the fundamental concepts of Hardware Security and Assurance of Microelectronics.  This tutorial provides an insight into Counterfeit Integrated Circuits affecting supply chains, Hardware Trojan attacks and countermeasures, and Side-Channel Analysis techniques regarding extraction of sensitive information.  We will also cover intrinsic hardware security primitives such as Physically Unclonable Functions, offensive physical attacks such as Reverse Engineering of ICs and Printed Circuit Boards, as well as defensive techniques of Hardware Metering and Split-Manufacturing.  We also touch on other topics including basics of cybersecurity, applied cryptography, cross-layered systems security. 

If you are curious about the following questions, this course is for you:

    1. How do we test and evaluate the hardware components and chipsets (e.g., ASIC, FPGA, SoC, MPU/MCU, PCB) that are installed into electronic systems to determine if they are genuine or counterfeit?
    2. How can malicious modifications, tampering, and backdoors in hardware jeopardize the security of trusted platforms?
    3. How do we research and analyze electronic systems for leakage (e.g., power, timing, EMI/RF) of sensitive information?

The goal of this tutorial is for students to gain an introductory education of this emerging hardware-centric domain of Cybersecurity.  It will be taught from the Electrical & Computer Engineering perspective, which is a novel departure from the conventional Computer Science viewpoint.  This tutorial will span several topics and dive into specific aspects offering both academic theory and real-world examples; all without the rigorous mathematics.  It will not cover policies and procedures, but the topics covered will better educate the Test & Evaluation community.  Target audience:  anyone interested in this growing domain of Cybersecurity.

International Test and Evaluation Association (ITEA) | E-mail: info@itea.org | www.itea.org © 2015 | All Rights Reserved.
4400 Fair Lakes Court, Suite 104, Fairfax, VA 22033-3899 | Phone: 703-631-6220 | Fax: 703-631-6221
See ITEA on Facebook Visit ITEA on LinkIn Web Graphic Design of Warrenton, VA - Hosting and Construction by Moe Technologies (MoeTec)