WEBVTT

1
00:00:00.270 --> 00:00:02.340
In this section of the course, we are going

2
00:00:02.340 --> 00:00:05.400
to discuss Specialized System Security.

3
00:00:05.400 --> 00:00:07.410
The specialized system security section

4
00:00:07.410 --> 00:00:11.700
of the course focuses on domain 3, Security Engineering,

5
00:00:11.700 --> 00:00:16.200
specifically objective 3.5, which states that given a set

6
00:00:16.200 --> 00:00:19.770
of requirements, you must be able to secure specialized

7
00:00:19.770 --> 00:00:22.590
and legacy systems against threats.

8
00:00:22.590 --> 00:00:25.770
Securing specialized systems requires addressing the

9
00:00:25.770 --> 00:00:28.260
complexities of older technologies,

10
00:00:28.260 --> 00:00:30.150
particularly in environments

11
00:00:30.150 --> 00:00:33.030
where operational technology is essential.

12
00:00:33.030 --> 00:00:35.580
Operational technology are the hardware

13
00:00:35.580 --> 00:00:37.830
and software systems that monitor

14
00:00:37.830 --> 00:00:41.070
and control physical processes in industries

15
00:00:41.070 --> 00:00:44.970
like manufacturing, utilities, and transportation.

16
00:00:44.970 --> 00:00:48.480
Specialized systems, including operational technology,

17
00:00:48.480 --> 00:00:51.270
present unique challenges due to their age

18
00:00:51.270 --> 00:00:52.860
and critical roles.

19
00:00:52.860 --> 00:00:56.190
Managing specialized systems also involves implementing

20
00:00:56.190 --> 00:00:58.470
strong data handling procedures

21
00:00:58.470 --> 00:01:01.980
and ensuring compliance with regulatory standards.

22
00:01:01.980 --> 00:01:05.010
Both commercial and government sectors must overcome

23
00:01:05.010 --> 00:01:08.820
these challenges to maintain the security, reliability,

24
00:01:08.820 --> 00:01:11.400
and resilience of their vital systems.

25
00:01:11.400 --> 00:01:13.110
As we go through this section,

26
00:01:13.110 --> 00:01:15.000
we will cover many topics related

27
00:01:15.000 --> 00:01:17.010
to specialized system security,

28
00:01:17.010 --> 00:01:20.790
including Specialized Systems, Operational Technology,

29
00:01:20.790 --> 00:01:22.410
Characteristics of Specialized

30
00:01:22.410 --> 00:01:26.280
and Legacy Systems, Security Practices, Data Management,

31
00:01:26.280 --> 00:01:28.950
Compliance and Regulatory Considerations,

32
00:01:28.950 --> 00:01:31.890
Critical Services, Challenges, and Commercial

33
00:01:31.890 --> 00:01:33.660
and Government Challenges.

34
00:01:33.660 --> 00:01:36.750
First, we will look at Specialized Systems.

35
00:01:36.750 --> 00:01:40.260
Specialized Systems are unique purpose-built technologies

36
00:01:40.260 --> 00:01:43.680
such as systems on a chip, embedded systems,

37
00:01:43.680 --> 00:01:47.100
Internet of Things devices, and wireless technologies.

38
00:01:47.100 --> 00:01:49.440
Each of these specialized systems requires

39
00:01:49.440 --> 00:01:51.180
tailored security measures

40
00:01:51.180 --> 00:01:54.180
due to their specific functions and constraints.

41
00:01:54.180 --> 00:01:56.850
System-on-a-Chip technology integrates

42
00:01:56.850 --> 00:01:59.460
all necessary electronic components

43
00:01:59.460 --> 00:02:02.520
into a single chip, requiring security

44
00:02:02.520 --> 00:02:04.920
to be embedded at the hardware level

45
00:02:04.920 --> 00:02:08.220
to protect against physical and cyber threats.

46
00:02:08.220 --> 00:02:10.050
Embedded systems are designed

47
00:02:10.050 --> 00:02:13.650
to perform specific functions within larger devices

48
00:02:13.650 --> 00:02:15.390
and must be securely configured

49
00:02:15.390 --> 00:02:17.820
to prevent unauthorized access

50
00:02:17.820 --> 00:02:20.040
and ensure reliable operation.

51
00:02:20.040 --> 00:02:23.460
Embedded systems include automotive control systems

52
00:02:23.460 --> 00:02:25.170
and smart home devices.

53
00:02:25.170 --> 00:02:29.400
Internet of Things, or IoT, devices are widely deployed

54
00:02:29.400 --> 00:02:32.460
and introduce significant security challenges due

55
00:02:32.460 --> 00:02:35.910
to potential vulnerabilities in communication channels

56
00:02:35.910 --> 00:02:38.100
and their extensive connectivity.

57
00:02:38.100 --> 00:02:41.370
Wireless technologies, including radio frequency

58
00:02:41.370 --> 00:02:44.430
or RF, play a crucial role in connecting

59
00:02:44.430 --> 00:02:46.800
Internet of Things devices to the network

60
00:02:46.800 --> 00:02:48.660
and require strong encryption

61
00:02:48.660 --> 00:02:52.410
and security measures to prevent unauthorized access.

62
00:02:52.410 --> 00:02:55.740
For example, in a connected automotive system,

63
00:02:55.740 --> 00:02:58.110
the System-on-a-Chip must be designed

64
00:02:58.110 --> 00:03:00.720
to secure the vehicle's critical functions,

65
00:03:00.720 --> 00:03:03.270
such as engine control and braking,

66
00:03:03.270 --> 00:03:06.900
ensuring they cannot be compromised by external threats.

67
00:03:06.900 --> 00:03:08.940
Embedded systems within the vehicle,

68
00:03:08.940 --> 00:03:11.010
like those managing infotainment

69
00:03:11.010 --> 00:03:12.900
or navigation must be hardened

70
00:03:12.900 --> 00:03:15.060
to prevent unauthorized access.

71
00:03:15.060 --> 00:03:17.370
Internet of Things devices integrated

72
00:03:17.370 --> 00:03:20.040
into the vehicle's ecosystem need protection

73
00:03:20.040 --> 00:03:21.510
against potential breaches

74
00:03:21.510 --> 00:03:25.110
while RF communications used for vehicle to vehicle

75
00:03:25.110 --> 00:03:28.800
or vehicle to infrastructure communication must be encrypted

76
00:03:28.800 --> 00:03:30.120
to maintain the security

77
00:03:30.120 --> 00:03:32.580
and safety of the vehicle's operation.

78
00:03:32.580 --> 00:03:36.420
Next, we will explore operational technology.

79
00:03:36.420 --> 00:03:38.700
Operational technology is the hardware

80
00:03:38.700 --> 00:03:40.920
and software that is often part

81
00:03:40.920 --> 00:03:42.810
of a critical infrastructure.

82
00:03:42.810 --> 00:03:45.090
Operational technology monitors

83
00:03:45.090 --> 00:03:47.190
and controls the physical processes

84
00:03:47.190 --> 00:03:48.810
within the infrastructure.

85
00:03:48.810 --> 00:03:51.570
Operational Technology systems require

86
00:03:51.570 --> 00:03:55.200
robust security measures to protect against disruptions

87
00:03:55.200 --> 00:03:57.090
and unauthorized access

88
00:03:57.090 --> 00:03:58.890
because of the critical processing

89
00:03:58.890 --> 00:04:00.840
that they monitor and control.

90
00:04:00.840 --> 00:04:04.110
Operational technology examples include heating,

91
00:04:04.110 --> 00:04:06.000
ventilation, and air conditioning,

92
00:04:06.000 --> 00:04:10.140
or HVAC systems, industrial control systems

93
00:04:10.140 --> 00:04:14.430
and supervisory control and data acquisition systems.

94
00:04:14.430 --> 00:04:18.000
HVAC systems must be secured to prevent tampering

95
00:04:18.000 --> 00:04:20.970
that could lead to unsafe environmental conditions

96
00:04:20.970 --> 00:04:22.860
for persons or equipment.

97
00:04:22.860 --> 00:04:24.630
Industrial control systems

98
00:04:24.630 --> 00:04:27.570
or ICS manage industrial processes

99
00:04:27.570 --> 00:04:30.090
and are highly vulnerable to cyber threats,

100
00:04:30.090 --> 00:04:31.950
if not properly secured.

101
00:04:31.950 --> 00:04:35.250
Industrial control systems control essential functions

102
00:04:35.250 --> 00:04:37.860
in manufacturing and utilities.

103
00:04:37.860 --> 00:04:40.560
Supervisory control and data acquisition

104
00:04:40.560 --> 00:04:43.230
or SCADA systems are a subset

105
00:04:43.230 --> 00:04:47.010
of industrial control systems used for remote monitoring

106
00:04:47.010 --> 00:04:49.770
and control of infrastructure like power plants

107
00:04:49.770 --> 00:04:51.750
and water treatment facilities.

108
00:04:51.750 --> 00:04:55.230
In practice, securing an industrial control system

109
00:04:55.230 --> 00:04:57.750
that manages an HVAC system

110
00:04:57.750 --> 00:05:01.860
in a large facility would require implementing safeguards

111
00:05:01.860 --> 00:05:03.960
within the supervisory control

112
00:05:03.960 --> 00:05:06.570
and data acquisition network to ensure

113
00:05:06.570 --> 00:05:08.250
that the system remains operational

114
00:05:08.250 --> 00:05:10.380
and protected from cyber attack.

115
00:05:10.380 --> 00:05:13.080
After that, we will look at characteristics

116
00:05:13.080 --> 00:05:15.660
of specialized and legacy systems.

117
00:05:15.660 --> 00:05:17.520
The characteristics of specialized

118
00:05:17.520 --> 00:05:21.900
and legacy systems include being obsolete, unsupported,

119
00:05:21.900 --> 00:05:24.510
unsecurable, or highly constrained.

120
00:05:24.510 --> 00:05:26.520
These attributes make them challenging

121
00:05:26.520 --> 00:05:28.890
to protect against modern threats.

122
00:05:28.890 --> 00:05:30.840
Obsolete systems are outdated

123
00:05:30.840 --> 00:05:33.450
and may lack the latest security features,

124
00:05:33.450 --> 00:05:35.250
making them vulnerable to attacks

125
00:05:35.250 --> 00:05:37.440
that exploit known weaknesses.

126
00:05:37.440 --> 00:05:40.980
Unsupported systems no longer receive security updates

127
00:05:40.980 --> 00:05:44.730
or patches, increasing the risk of exploitation by attackers

128
00:05:44.730 --> 00:05:47.550
who target these unpatched vulnerabilities.

129
00:05:47.550 --> 00:05:51.900
Unsecurable systems are those that, due to design limitations

130
00:05:51.900 --> 00:05:54.810
or age, cannot be adequately protected

131
00:05:54.810 --> 00:05:56.820
with current security measures.

132
00:05:56.820 --> 00:06:00.210
Highly constrained systems have limited processing power,

133
00:06:00.210 --> 00:06:04.380
memory, or connectivity, restricting their implementation

134
00:06:04.380 --> 00:06:06.420
of standard security protocols.

135
00:06:06.420 --> 00:06:09.840
Bringing these concepts together, consider an organization

136
00:06:09.840 --> 00:06:12.210
that relies on an unsupported,

137
00:06:12.210 --> 00:06:14.430
highly constrained embedded system

138
00:06:14.430 --> 00:06:16.140
in a critical infrastructure.

139
00:06:16.140 --> 00:06:17.550
This organization would face

140
00:06:17.550 --> 00:06:19.770
significant security challenges

141
00:06:19.770 --> 00:06:23.730
since their system cannot be easily patched or secured.

142
00:06:23.730 --> 00:06:26.490
They would need to employ compensating controls

143
00:06:26.490 --> 00:06:28.440
such as network segmentation

144
00:06:28.440 --> 00:06:32.010
or specialized monitoring to mitigate risks.

145
00:06:32.010 --> 00:06:35.490
Next, we will explore security practices.

146
00:06:35.490 --> 00:06:38.550
Security practices involve implementing strategies

147
00:06:38.550 --> 00:06:41.130
such as segmentation, hardening,

148
00:06:41.130 --> 00:06:44.370
and monitoring to protect specialized systems

149
00:06:44.370 --> 00:06:45.900
from potential threats.

150
00:06:45.900 --> 00:06:47.880
Segmentation divides a network

151
00:06:47.880 --> 00:06:50.130
into smaller isolated segments

152
00:06:50.130 --> 00:06:51.870
to limit the spread of attacks

153
00:06:51.870 --> 00:06:54.180
and reduce the exposure of critical systems

154
00:06:54.180 --> 00:06:56.190
to unauthorized access.

155
00:06:56.190 --> 00:06:59.070
Hardening is the process of securing a system

156
00:06:59.070 --> 00:07:01.170
by reducing its attack surface.

157
00:07:01.170 --> 00:07:03.720
Hardening techniques include disabling

158
00:07:03.720 --> 00:07:07.440
unnecessary services, applying security patches,

159
00:07:07.440 --> 00:07:09.780
and configuring security settings.

160
00:07:09.780 --> 00:07:13.530
Monitoring is the continuous observation of system activity

161
00:07:13.530 --> 00:07:14.910
to detect and respond

162
00:07:14.910 --> 00:07:18.030
to potential security incidents in real time.

163
00:07:18.030 --> 00:07:21.990
When applied to a specialized industrial control system,

164
00:07:21.990 --> 00:07:24.210
network segmentation might be used

165
00:07:24.210 --> 00:07:27.960
to isolate critical components from the broader network.

166
00:07:27.960 --> 00:07:29.820
Hardening measures could be implemented

167
00:07:29.820 --> 00:07:32.100
to secure the system's configuration

168
00:07:32.100 --> 00:07:36.300
and continuous monitoring could ensure that any anomalies

169
00:07:36.300 --> 00:07:37.980
or suspicious activities are

170
00:07:37.980 --> 00:07:40.170
promptly detected and addressed.

171
00:07:40.170 --> 00:07:43.380
Following that, we will look at data management.

172
00:07:43.380 --> 00:07:46.410
Data management involves organizing, protecting,

173
00:07:46.410 --> 00:07:50.880
and analyzing data to ensure its integrity, confidentiality,

174
00:07:50.880 --> 00:07:54.240
and availability within specialized systems.

175
00:07:54.240 --> 00:07:57.450
Data management concepts include aggregation

176
00:07:57.450 --> 00:07:59.250
and data analytics.

177
00:07:59.250 --> 00:08:01.830
Aggregation refers to the process of collecting

178
00:08:01.830 --> 00:08:04.710
and combining data from various sources

179
00:08:04.710 --> 00:08:07.680
to create a single comprehensive data set

180
00:08:07.680 --> 00:08:11.850
that can be analyzed for patterns, trends, or anomalies.

181
00:08:11.850 --> 00:08:15.180
Data analytics involves examining aggregated data

182
00:08:15.180 --> 00:08:19.110
to identify insights, detect potential security threats,

183
00:08:19.110 --> 00:08:21.660
and inform decision-making processes.

184
00:08:21.660 --> 00:08:25.500
For example, in a specialized healthcare system,

185
00:08:25.500 --> 00:08:29.580
data from various medical devices may be aggregated into a

186
00:08:29.580 --> 00:08:33.390
central database where data analytics can be used to monitor

187
00:08:33.390 --> 00:08:37.050
for unusual patterns that could indicate a security breach

188
00:08:37.050 --> 00:08:38.850
or system malfunction.

189
00:08:38.850 --> 00:08:41.250
Then we will explore compliance

190
00:08:41.250 --> 00:08:43.440
and regulatory considerations.

191
00:08:43.440 --> 00:08:47.190
Compliance and regulatory considerations include adhering

192
00:08:47.190 --> 00:08:50.190
to industry-specific laws, standards,

193
00:08:50.190 --> 00:08:53.520
and guidelines to ensure that systems operate safely,

194
00:08:53.520 --> 00:08:56.730
securely, and within legal requirements.

195
00:08:56.730 --> 00:09:00.090
Regulatory compliance requires meeting specific legal

196
00:09:00.090 --> 00:09:01.470
and industry standards,

197
00:09:01.470 --> 00:09:04.380
such as the General Data Protection Regulation

198
00:09:04.380 --> 00:09:06.840
or GDPR for data protection

199
00:09:06.840 --> 00:09:10.320
or the Health Insurance Portability and Accountability Act

200
00:09:10.320 --> 00:09:13.170
or HIPAA for healthcare systems.

201
00:09:13.170 --> 00:09:16.680
Next, environmental considerations involve ensuring

202
00:09:16.680 --> 00:09:19.440
that specialized systems operate securely

203
00:09:19.440 --> 00:09:21.300
within their physical environment.

204
00:09:21.300 --> 00:09:24.720
This means ensuring factors like temperature, humidity,

205
00:09:24.720 --> 00:09:26.670
or electromagnetic interference

206
00:09:26.670 --> 00:09:28.530
that could impact system performance

207
00:09:28.530 --> 00:09:30.510
and safety are maintained.

208
00:09:30.510 --> 00:09:33.600
Finally, safety compliance focuses on ensuring

209
00:09:33.600 --> 00:09:34.980
that systems are designed

210
00:09:34.980 --> 00:09:39.090
and operated in a way that protects users, operators,

211
00:09:39.090 --> 00:09:40.890
and the public from harm.

212
00:09:40.890 --> 00:09:43.410
Safety compliance often requires adherence

213
00:09:43.410 --> 00:09:48.410
to standards like ISO 26262 for automotive safety,

214
00:09:48.510 --> 00:09:52.710
or IEC 61508 for functional safety

215
00:09:52.710 --> 00:09:54.270
and industrial systems.

216
00:09:54.270 --> 00:09:57.750
In practice concerning a medical device system,

217
00:09:57.750 --> 00:10:01.560
regulatory compliance might involve meeting American Food

218
00:10:01.560 --> 00:10:03.480
and Drug Administration requirements,

219
00:10:03.480 --> 00:10:06.240
while environmental considerations address the device's

220
00:10:06.240 --> 00:10:08.520
operation in various clinical settings.

221
00:10:08.520 --> 00:10:11.160
And finally, safety compliance ensures

222
00:10:11.160 --> 00:10:13.980
that the device does not pose any risk to patients

223
00:10:13.980 --> 00:10:15.540
or healthcare providers.

224
00:10:15.540 --> 00:10:19.410
Next, we will explore Critical Services Challenges.

225
00:10:19.410 --> 00:10:21.210
Critical Services Challenges

226
00:10:21.210 --> 00:10:24.390
in specialized system security involve protecting

227
00:10:24.390 --> 00:10:26.400
essential infrastructure sectors

228
00:10:26.400 --> 00:10:29.280
such as utilities, transportation,

229
00:10:29.280 --> 00:10:31.110
and healthcare from disruptions

230
00:10:31.110 --> 00:10:34.590
and threats that could have significant societal impact.

231
00:10:34.590 --> 00:10:36.120
In the Utilities sector,

232
00:10:36.120 --> 00:10:39.600
security challenges include safeguarding power grids

233
00:10:39.600 --> 00:10:42.060
and water systems from cyber attacks

234
00:10:42.060 --> 00:10:45.720
that could cause widespread outages or contamination.

235
00:10:45.720 --> 00:10:49.230
In transportation, securing systems like rail networks,

236
00:10:49.230 --> 00:10:50.520
air traffic control,

237
00:10:50.520 --> 00:10:53.640
and public transit against cyber threats is crucial

238
00:10:53.640 --> 00:10:57.420
to prevent accidents and ensure the safety of passengers.

239
00:10:57.420 --> 00:11:01.530
In healthcare, the security of medical devices, patient data

240
00:11:01.530 --> 00:11:03.810
and hospital networks is paramount

241
00:11:03.810 --> 00:11:05.700
to protect patient privacy

242
00:11:05.700 --> 00:11:08.700
and ensure uninterrupted delivery of care.

243
00:11:08.700 --> 00:11:10.830
Finally, we will look at commercial

244
00:11:10.830 --> 00:11:12.420
and government challenges.

245
00:11:12.420 --> 00:11:14.880
Commercial and government challenges include securing

246
00:11:14.880 --> 00:11:16.890
sensitive operations and data

247
00:11:16.890 --> 00:11:19.740
in sectors like manufacturing, finance,

248
00:11:19.740 --> 00:11:21.690
and government, or defense

249
00:11:21.690 --> 00:11:24.360
against sophisticated threats and vulnerabilities.

250
00:11:24.360 --> 00:11:27.690
In manufacturing, protecting industrial control systems

251
00:11:27.690 --> 00:11:30.720
and intellectual property from cyber attack helps

252
00:11:30.720 --> 00:11:33.210
to maintain operational continuity

253
00:11:33.210 --> 00:11:34.980
and competitive advantage.

254
00:11:34.980 --> 00:11:36.450
In the Financial Sector,

255
00:11:36.450 --> 00:11:40.080
challenges in securing transaction systems, customer data,

256
00:11:40.080 --> 00:11:43.380
and ensuring regulatory compliance protect against fraud

257
00:11:43.380 --> 00:11:44.490
and data breaches.

258
00:11:44.490 --> 00:11:46.170
In the Government and Defense Sector,

259
00:11:46.170 --> 00:11:48.750
classified information, critical infrastructure

260
00:11:48.750 --> 00:11:51.780
and military operations must be safe

261
00:11:51.780 --> 00:11:55.110
from state-sponsored cyber attack and espionage.

262
00:11:55.110 --> 00:11:56.910
For example, a breach in a

263
00:11:56.910 --> 00:11:58.680
government defense system could lead

264
00:11:58.680 --> 00:12:01.710
to the theft of classified military information,

265
00:12:01.710 --> 00:12:03.750
putting service members at risk,

266
00:12:03.750 --> 00:12:06.750
while an attack on a financial institution could result

267
00:12:06.750 --> 00:12:11.040
in a massive financial loss and erosion of public trust.

268
00:12:11.040 --> 00:12:14.250
Both of these scenarios underscore the importance

269
00:12:14.250 --> 00:12:17.370
of tailored security strategies in each sector.

270
00:12:17.370 --> 00:12:20.250
To finish things off, we'll take a short quiz to see

271
00:12:20.250 --> 00:12:23.070
what you learned during this section of the course,

272
00:12:23.070 --> 00:12:26.430
and we will review each of those quiz questions fully

273
00:12:26.430 --> 00:12:27.930
to ensure that you can explain

274
00:12:27.930 --> 00:12:29.490
why the right answers were right

275
00:12:29.490 --> 00:12:31.230
and the wrong answers were wrong.

276
00:12:31.230 --> 00:12:35.400
So let's get ready to dive into Specialized System Security

277
00:12:35.400 --> 00:12:37.443
in this section of the course.

