[mile] Fwd: New Version Notification for draft-murillo-mile-cps-00.txt
Martin Murillo <murillo@ieee.org> Fri, 24 January 2014 02:11 UTC
Dear all,

Please find below a link to a proposed draft for extending IODEF for the reporting of cyber-physical system incidents. These systems are often referred to as Operational Technology Systems, Industrial Control Systems, Automatic Control Systems, or simply Control Systems.

Cyber-Physical systems have been around for decades. However, they are now at a higher risk to be the target of attacks by individual highly-skilled attackers, organized groups, nation-states, or simply suffer repercussions of mainstream IT cyber-attacks. While over 90% of critical control system infrastructure is currently owned by private enterprises, these can have direct repercussions on national security of world nations. Indeed, various of these systems are key parts of nuclear reactor facilities, transportation systems, electric power distribution, oil and natural gas distribution, health care, water and waste-water treatment, dam infrastructure, missile and defense systems, and others. The disruption of these control systems could have a significant impact on public health, safety, and lead to large economic losses.

Among the issues that catalyze this higher risk are: i) these systems are gradually becoming more interconnected, ii) legacy systems do not have proper cybersecurity protection, iii) the existence of highly-skilled individuals and motivations, iv) some of these systems are generally considered critical, v) these are a natural extension of IT cyber-attacks, vi) the emergence of the Internet of Things (IOT), and vii) these attacks can be carried out remotely and quite inexpensively.

While there might exist national approaches to deal with incidents, there's the need of a global international approach that will engulf governments, private organizations and other stakeholders. IETF, as a leading global Internet standards organization, seeks to satisfy this need through open standards that seek to encompass issues that are critical for the global community.

Feedback at two levels is welcome:

1. On the existence and inclusion either by utilizing any already existing industry formats (XML-encoded) and/or by utilizing atomic data
2. Contributions on making the extension (and background information) more comprehensive, accurate and principally useful for the community

Look forward to feedback and other input!

Martin Murillo

A new version of I-D, draft-murillo-mile-cps-00.txt has been successfully submitted by Martin Murillo and posted to the IETF repository.

Name: draft-murillo-mile-cps
Revision: 00
Title: IODEF extension for Reporting Cyber-Physical System Incidents
Document date: 2014-01-21
Group: Individual Submission
Pages: 24
URL: http://www.ietf.org/internet-drafts/draft-murillo-mile-cps-00.txt
Status: https://datatracker.ietf.org/doc/draft-murillo-mile-cps/
Htmlized: http://tools.ietf.org/html/draft-murillo-mile-cps-00

Abstract:
This draft document will extend the Incident Object Description Exchange Format (IODEF) defined in [RFC5070] to support the reporting of incidents dealing with attacks to physical infrastructure through the utilization of IT means as a vehicle or as a tool. These systems might also be referred to as Cyber-Physical Systems (CPS), Operational Technology Systems, Industrial Control Systems, Automatic Control Systems, or simply Control Systems. These names are used interchangeably in this document. In this context, an incident is generally the result of a cybersecurity issue whose main goal is to affect the operation of a CPS. It is considered that any unauthorized alteration of the operation is always malign. This extension will provide the capability of embedding structured information, such as identifier- and XML-based information. In its current state, this document provides important considerations for further work in implementing Cyber-Physical System incident reports, either by utilizing any already existing industry formats (XML-encoded) and/or by utilizing atomic data. In addition, this document should provide appropriate material for helping making due considerations in making an appropriate decision on how a CPS reporting is done: 1) through a data format extension to the Incident Object Description Exchange Format [RFC5070], 2) forming part of an already existing IODEF-extension for structured cybersecurity information (currently draft draft-ietf-mile-sci-11.txt), or others. While the format and contents of the present document fit more the earlier option, these can also be incorporated to the latter.

Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat