Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Stanford University

Engineering Cyber Resiliency - A Pragmatic Approach

Stanford University via YouTube

Overview

Absolute security is science fantasy, and perfection is the enemy of good. Good engineers realize the wisdom of that statement, and strive to develop tools, abstractions, and mechanisms that provide desired properties (like resiliency) with known certainty. But providing such properties at a specified level is easier said than done, especially for properties that are probabilistic and systems that are complex distributed combinations of hardware and software.

This talk explores attempts to provide cyber resiliency in systems that are used in critical applications. It argues that CAD tools are needed at design time to choose between alternative resiliency mechanisms, and that resiliency mechanisms are needed that provide redundancy, diversity, and adaptive behavior. It also argues that runtime sensing mechanisms need to correlate information from diverse sensors to expose attackers. Finally, it argues that by focusing on adaptation mechanisms that operate on effects rather than attacks, a system can tolerate many zero-day attacks. Taken together, we describe our work towards a pragmatic, but not perfect, approach to engineer resiliency into cyber systems for use in critical applications.

About the Speaker: William H. Sanders is a Donald Biggar Willett Professor of Engineering and the Head of the Department of Electrical and Computer Engineering (www.ece.illinois.edu) at the University of Illinois at Urbana-Champaign (illinois.edu). He is a professor in the Department of Electrical and Computer Engineering and in the Department of Computer Science. He is a Fellow of the IEEE, the ACM, and the AAAS; a past Chair of the IEEE Technical Committee on Fault-Tolerant Computing; and past Vice-Chair of the IFIP Working Group 10.4 on Dependable Computing. He was the founding Director of the Information Trust Institute (www.iti.illinois.edu) at Illinois (2004-2011), and served as Director of the Coordinated Science Laboratory (www.csl.illinois.edu) at Illinois from 2010 to 2014.

Dr. Sanders's research interests include secure and dependable computing and security and dependability metrics and evaluation, with a focus on critical infrastructures. He has published more than 270 technical papers in those areas. He served as the Director and PI of the DOE/DHS Trustworthy Cyber Infrastructure for the Power Grid (TCIPG) Center (tcipg.org), which did research at the forefront of national efforts to make the U.S. power grid smart and resilient. He was the 2016 recipient of the IEEE Technical Field Award, Innovation in Societal Infrastructure, for assessment-driven design of trustworthy cyber infrastructures for societal-scale systems.

Speaker Abstract and Bio can be found here: http://ee380.stanford.edu/Abstracts/1...

Syllabus

Introduction.
Cyber Security Facts (according to Sanders).
THE CRITICAL NEED: Provide Assured Trustworthy System Operation in Hostile Environments.
Engineering in Resiliency: Trust Specification, Design, Implementation, and Validation.
Resiliency Design Challenges.
Notional Architecture for Resiliency.
Challenges in Providing Cyber Resiliency.
Example 1: E-commerce System with Accidental Failures SRDS.
Recovery Engine Architecture.
Example 2: Recovery and Response Approach for Malicious Attacks (DSN'09, IEEE Trans. Par. & Dist. Sys 2014).
Monitor Placement Methodology (DSN'16).
Monitor Fusion Algorithms (SRDS'16).
Trust Assessment Challenge.
Quantifying Resiliency.
Practical Applications of Security Metrics.
Contrasting Approaches.

Taught by

Stanford Online

Reviews

4.7 rating, based on 18 Class Central reviews

Start your review of Engineering Cyber Resiliency - A Pragmatic Approach

  • Profile image for Rodrigo Carvalho
    Rodrigo Carvalho
    The session provided valuable insights from a cybersecurity perspective. A key takeaway is the importance of understanding what needs protection. Identifying your IT assets and assessing their criticality to the organization is fundamental. This understanding lays the groundwork for making informed strategic decisions about IT security and incident response. Overall, a highly informative and practical session.
  • Profile image for Deepinder Kaur Mulae
    Deepinder Kaur Mulae
    Beautiful explanation with great examples. Love this session. I've learnt something new and love the way each and every thing explained by the professor
  • Anna Ashna Joy
    It was a great lecture. Most of the all topics are covered as simple so that learners could grasp it. Glad to complete this course :-)
  • Profile image for Sarang Damle
    Sarang Damle
    Very informative session from cyber security point of view .First, we must understand what we are protecting. Unless you know your IT assets and how important each is to your organization, making strategic decisions about IT security and incident re…
  • The course was good no doubt because it expands my knowledge in cyber.
    He also defines the modern threats and system protection that i like too much it helps me a lot to know about Cyber Security in deep and grows my interest to step in this department.
  • Profile image for Nweme Jonathan Eyo
    Nweme Jonathan Eyo
    Very informative session from cyber security point of view .First, we must understand what we are protecting. Unless you know your IT assets and how important each is to your organization, making strategic decisions about IT security and incident response.
  • Thulani Magagula
    Very good, and made easy to understand, i liked the fact that anybody can do this course as it is self-passed which means no stress to balance between working hours and studying, a person can use their own time table.
  • Class with very good explanation of the subject .
    Trying to explain the system to maintain its functionality and security in adverse situations, such as a cyber attack, a hardware failure or a natural disaster
  • Kavitha Bs
    The training was very useful, have very good coverage, able to understand very clearly and valuable inputs for all. Thank you team for giving me an opportunity to take up this wonderful course!
  • Sagar Gupta
    Great couse it was nice ti learn cloud security and its resilience from all kind of vendors such as azure google cloud, amazon web services aws
  • Profile image for Naveen Karemolla
    Naveen Karemolla
    good but the lecture must be more informative and should provide a course oriented program which can be beneficial to students and jobseekers.
  • Profile image for Celestine Sanford
    Celestine Sanford
    This was a great and very educational material. This is a recommended course to take. I did learn some interesting things in cyber resiliency.
  • Profile image for Ricardo Antonio Ramos Cruz
    Ricardo Antonio Ramos Cruz
    Excellent Course, i hope development diferentes topics related i learn in this coruse. Ciber Resiliency is very important for many people.
  • Anonymous
    This course is excellent. I really enjoyed going through it and I would definitely refer more of my colleagues to try out.
  • Profile image for Shivanku Panday
    Shivanku Panday
    Every thing is good for learned and something new in this training about mentorship every thing is good for me thanks again
  • Caleb Muradzi
    great course very informative,

    Absolute security is science fantasy, and perfection is the enemy of good. Good engineers realize the wisdom of that statement, and strive to develop tools, abstractions, and mechanisms that provide desired properties (like resiliency) with known certainty. But providing such properties at a specified level is easier said than done, especially for properties that are probabilistic and systems that are complex distributed combinations of hardware and software.
  • Profile image for Arga Pangestu
    Arga Pangestu
    It's a good course.
    Clear explanation with related examples. We can learn a new perspective on cyber resiliency based on a pragmatic approach.
  • Kim Soerensen
    A very good introduction to the topic
    Most is entry level but gives a good foundation for further st

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.