University of North Carolina Charlotte (lead)
George Mason University
The Center is a multi-University National Science Foundation Industry/University Cooperative Research Center being established in 2013. The Center is a Government and industry supported research effort focused on configuration analytics and automation capabilities and their integration for the efficient, accurate and timely operations management and defense of complex Enterprise IT/Cloud systems environments. The research is directed by an Industry Advisory Board process established by the Center members.
The Center for Configurations Analytics and Automation (CCAA) has been officially renamed as the Center for Cybersecurity Analytics and Automation as it begins Phase 2 in accordance with the approved mission and vision. The mission is to build the critical mass of inter-disciplinary academic researchers and industry partnerships to undertake pre-competitive research that addresses the current and future challenges of analytics and automation. The research objectives are focused on improving enterprise IT system management, security, resiliency, service assurability and performance, and the application of innovative analytics and automation to complex networked systems. The applicable domains for this research include complex enterprise IT environments, Cloud and data centers, hybrid and cyber-physical systems, smart critical infrastructures, mission-oriented networks (sensor-actuator networks), software defined networks, social networks and mobile systems. CCAA will emphasize, encourage and develop top-quality graduates with knowledge and experience in this field.
As a continuing core component of a Cybersecurity framework, configuration management and analytics is an essential capability required to maintain the performance, availability, security and resiliency of complex networks of information systems and services. A ‘Forrester Thought Leadership Paper’ of 2011 commissioned by IBM noted, “Technology use is exploding, driving an exponential increase in the complexity of IT operations while pushing beyond the limits of manual infrastructure management.” The configuration complexity places a heavy burden on organizations and experienced enterprise administrators, and dramatically reduces overall network assurability and usability. Further, U.S. Government strategic directions within a DHS 2011 paper focused on creating distributed security in cyberspace stated “Automation is one of the three interdependent building blocks of a healthy cyber ecosystem, along with interoperability and authentication.” Assuring that the configuration of devices can be known, analyzed and managed is fundamental to emerging concepts of automated and agile defense, which is viewed as an essential mechanism for future systems. Analytics that are focused and integrated to achieve this objective are one challenge the research community must address.
Configuration Analytics and Automation
The CCAA NSF award for this collaborative project is effective June 1, 2013 through May 31, 2018. The specific research projects to be undertaken within CCAA are to be presented to the initial Industry Advisory Board (IAB) in August 2013. The results of a planning meeting held in June 2012 with prospective members, and subsequent discussions, indicated that industry’s initial interest in the CCAA research direction lies in projects with a particular emphasis on analytics which can be accomplished and supported through automation capabilities. Research projects being refined include those focused on:
- Predictive analytics that have the ability to learn risks and threats to the enterprise IT environment without manually inputting data. Fusion of a broad range of enterprise related data automatically in machine readable form to support a variety of analytics that can direct automated defensive actions.
- Automating the configuration design process objectively (using measurable metrics) to determine a cost-effective security, agility and resiliency counter-measure pattern for each flow, and addressing the issue of identifying residual risk due to incomplete requirements by using hypothesis generation and evaluation and interactive analytics.
- A holistic evaluation of system security and resiliency using formal quantifiable metrics to measure and improve the interconnected configuration of information systems.
- Formal (provable) analytics techniques for defining, verifying and validating system requirements, such as service level agreements, for large-scale complex systems of systems such as cloud data centers, software defined networks and smart grid environments, and determining the effectiveness of various analytic methods.
University of North Carolina Charlotte: There are labs and computing facilities which can be used for conducting development and experimentation for the CCAA research projects. Laboratories and test environments at UNC Charlotte include those within the Cyber Defense and Network Assurability (CyberDNA) Center, Smart Grid Lab, Data Privacy Lab, Usable Security Labs, and Network Forensic Lab. These are maintained by the Department of Software and Information Systems (SIS). The College of Computing and Informatics (CCI) also hosts a large cluster of high-end multi-processor machines for analytics and intensive-centric computing. State-of-the-art equipment from Cisco, including firewalls, IDS, IPS, QoS routers and wireless access points, is available.
CCI and SIS research centers and labs include the Visualization Center, Bioinformatics Center, Forensics Lab, Laboratory of Information Integration, Data Privacy, Intelligent Multimedia and Interactive Systems and the Human Computer Interaction Lab. UNC Charlotte campuses are connected together via the Internet and dedicated high-speed links. The SIS has a network of over 200 Unix, Mac and Windows workstations. Over 4TB of disk space is available on the network. In addition, CCAA can utilize the computational facilities and software of the UNC Charlotte College of Engineering’s Mosaic system of networked PCs and workstations. This environment offers access to an extensive software library of engineering analysis and design programs.
The UNC Charlotte research computing cluster managed by the University Research Computing (URC) group offers the capability to run computationally-intensive codes with highly-refined models. Currently, the facility offers a 108 CPS cluster with access to 2TBs of dedicated network attached storage. The university also has an academic site license for the National Instruments LabVIEW software development environment with a full suite of toolkits for advanced instrumentation and real-time analysis.
George Mason University: George Mason University maintains well equipped and state-of-the-art computing facilities for instruction and research. The facilities include mainframes and workstations from a variety of vendors, Unix-based laboratories, PC-based laboratories, and special purpose research laboratories organized around various research centers. Except for special circumstances, these machines are connected to each other via the MasonNet campus-wide local area network and to the Internet.
All work under this project will be performed at the Center for Secure Information Systems (CSIS), a facility that is physically secured from the general university population. If needed, we have the capability of maintaining the center’s computing infrastructure on its own separate subnet, which we can secure with respect to the university backbone network. The Center is located in over 4000 square feet on the 4th floor of the Research Hall building – Mason’s first totally dedicated research facility. CSIS space includes state-of-the-art computing laboratories, equipped with high-performance rack-mounted Sun Blade servers, machine virtualization technology, wireless network devices, and other hardware/software for network testbed applications.