SEI Makes Smart Grid Maturity Model Freely Available
October 11, 2018—The Software Engineering Institute (SEI) has transitioned the Smart Grid Maturity Model (SGMM) to a Creative Commons Attribution licensing agreement. This change effectively transitions SGMM to an open-source model. Under the Creative Commons Attribution, users can freely copy, create, and share SGMM materials, including for commercial use, so long as they provide appropriate credit to the SEI, provide a link to the license, and indicate any changes made. In light of this change, the SEI is retiring its SGMM licensing and certification programs
Created by a coalition of utilities and stewarded by the SEI, the SGMM is a resource for utility industry transformation. The model provides a framework for understanding the current extent of smart grid deployment and capability within an electric utility, a context for establishing strategic objectives and implementation plans in support of grid modernization, and a means to evaluate progress over time toward those objectives. More than 380 utilities are using the model or have taken the survey.
The SGMM product suite includes the following components:
The SGMM Model Definition. This document fully details the eight domains and six maturity levels comprising the model. It also includes introductory material to help users understand the purpose and use of the SGMM.
Compass Survey. This questionnaire-based assessment tool is designed to collect demographic and performance data and to characterize the status of the responding utility’s smart grid implementation in the context of the SGMM. The data collected provide a maturity level rating for each domain in the model.
Navigation Process. This is a defined process to complete the Compass Survey to build a common understanding across the organization of the current state of smart grid implementation and to set future aspirations.
The primary audience for the SGMM is electric utilities and related stakeholders who are interested in modernizing and improving their operations and practices associated with delivery of electricity with a focus on transmission and distribution.
For more general information about SGMM, see the SGMM overview. Or, download the SGMM product suite.
NSA Recognizes SEI and CMU Researchers
October 9, 2018—Researchers from both Carnegie Mellon University (CMU) and the Software Engineering Institute (SEI) have been honored by the National Security Agency (NSA) for papers submitted to the agency’s annual Best Scientific Cybersecurity Paper Competition. The NSA conducts this competition to promote the development of scientific foundations for the field of cybersecurity.
This year’s winning paper, How Shall We Play a Game? A Game-theoretical Model for Cyber-warfare Games, was co-authored by CMU’s Tiffany Bao and David Brumley in collaboration with researchers from the University of California, Santa Barbara.
The SEI’s Jonathan Spring, a senior vulnerability researcher in the CERT Division, also won the notice of the NSA. Spring co-authored the paper Practicing a Science of Security: A Philosophy of Science Perspective, which examined obstacles to the practice of a science of security. The competition judges cited this work for addressing the philosophical question, “What is a science of security?”
Spring’s research concerns human decision making in computer security incident response, one of the mission threads of the SEI’s CERT Division. Part of his work elucidates the ways in which security practitioners in general, and specifically incident responders, function as scientists in the conduct of their work. Spring plans to further develop this analysis at the SEI and apply his reasoning to specific problems.
In commending the paper, the NSA noted, “The reviewers in the competition appreciate their work in helping to shape and mature the security discipline.” Spring coauthored the paper with Tyler Moore and David Pym while pursuing a Ph.D. at University College London. In recognition of their work, the NSA has invited the authors to discuss their perspectives at the Hot Topics in Science of Security (HoTSoS) meeting in April 2019.
“I was pleasantly surprised that the paper committee mentioned our paper,” said Spring. “Our intended contribution is to refocus the question about cybersecurity research from ‘Is this process scientific?’ to ‘Why is this scientific process producing unsatisfactory results?’ The purpose is to generate more productive answers and get better at moving the practice forward.”
Spring works in the Threat Analysis Directorate of the SEI CERT Division. His current work focuses on evidence and reasoning in security, via logic and philosophy of science, applied to practical problems. Spring joined the SEI in 2009. In 2015 he began work on a doctorate. Spring has also served as an adjunct professor at the University of Pittsburgh and as a researcher for the Internet Corporation for Assigned Names and Numbers (ICANN). Spring holds master’s and bachelor’s degrees from the University of Pittsburgh.
New CERT Tool Speeds Artifact Extraction and Analysis
October 3, 2018—The SEI’s CERT Division has released Cyobstract, an open source incident response tool. Cyobstract is designed to help analysts quickly and efficiently extract artifacts from any textual source or collection of sources, such as incident reports and threat assessment summaries. The tool is freely available on GitHub.
“We created Cyobstract to support exploratory work we conducted on a dataset of Department of Homeland Security (DHS) incident reports,” said Samuel Perl of the CERT CSIRT Development team. Perl was a developer of Cyobstract. “It streamlined the process by eliminating the need for a lot of cutting and pasting between data sources and tools. We quickly realized the tool could be of great help across the incident response analyst community.”
Cyobstract targets 24 security-relevant data types, including
IP addresses: IPv4, IPv4 CIDR, IPv4 range, IPv6, IPv6 CIDR, and IPv6 range
hashes: MD5, SHA1, SHA256, and ssdeep
Internet and system-related strings: FQDN, URL, user agent strings, email addresses, filenames, filepath, and registry keys
Internet infrastructure values: ASN, ASN owner, country, and ISP
security analysis values: CVE, malware, and attack type
Cyobstract can extract malformed or “defanged” values, and it also includes a developer kit teams can use to adapt the tool to capture custom security data types. But that’s not all.
"Not only does it extract artifacts," said Matt Sisk, a colleague of Perl and lead developer of Cyobstract, “it also includes a tool that can automatically build optimized regular expressions from lists of target data.”
The Cyobstract library can be downloaded from GitHub at https://github.com/cmu-sei/cyobstract.
To learn more about Cyobstract, visit https://insights.sei.cmu.edu/cert/2018/09/new-sei-cert-tool-extracts-artifacts-from-free-text-for-incident-report-analysis.html.
SATURN 2019 Conference Now Accepting Submissions
The 15th annual SEI Architecture Users Network (SATURN) Conference 2019 call for submissions is now open. SATURN 2019 will be held at the Sheraton Pittsburgh Hotel at Station Square in Pittsburgh from May 6 to 9, 2019.
As SATURN celebrates its 15th year, it has become the leading conference for software architects who look beyond the details of today’s technologies to the underlying trends, techniques, and principles that underpin lasting success in this fast-moving field. SATURN attracts attendees from many domains and technical communities who share interests in both proven and emerging practices. This unique mix makes it the best place to learn, exchange ideas, and find collaborators at the leading edge of modern software architecture.
This year's technical program will feature the three tracks:
data analytics, machine learning, big data, and artificial intelligence
microservice, event-driven, and serverless architectures; containerization; and the Internet of Things
other design and development techniques, patterns, and solutions
More information about these tracks and about session types and lengths is available in the SATURN 2019 Call for Submissions.
All proposals must be submitted to the online submission system no later than January 11, 2019. Presenters whose proposals are accepted will receive free or discounted admission to the conference depending on the submission type.
For more information about SATURN 2019, visit the conference website.
WiCyS Announces Women in CyberSecurity 2019 Conference
September 25, 2018—The call for participation is now open for the sixth annual Women in CyberSecurity (WiCyS) Conference and workshops to be hosted in Pittsburgh by the WiCyS organization and Carnegie Mellon University from March 28 to 30, 2019.
The WiCyS Conference brings together women in cybersecurity from academia, research, government, and industry to share knowledge, experience, networking, and mentoring. The event’s goal is to broaden participation in cyber by recruiting, retaining, and advancing females in the field of cybersecurity.
There are approximately 300,000 unfilled cybersecurity jobs nationwide according to cyberseek.org, and various projections estimate that the number of unfilled cybersecurity jobs may double by 2021. At the same time, women currently comprise only 11 percent to 14 percent of the cybersecurity workforce.
“Carnegie Mellon University’s strong commitment to supporting women’s pathways in cybersecurity disciplines makes the institution an ideal local host for WiCyS’ annual conference,” said Dr. Janell Straach, chair of the Governing Board, WiCyS organization. “This event celebrates not only diversity (especially women) in the cybersecurity workforce, but also the tremendous gains that can be achieved through our unique collaboration among academia, industry, government and research.”
Founded by Dr. Ambareen Siraj from Tennessee Tech University as a National Science Foundation project, the WiCyS Conference annually attracts about 1,000 attendees including students, professionals, and leaders in the cybersecurity field. Half the participants are students attending through scholarships awarded by WiCyS with the support of its sponsors.
“It’s especially fitting for Carnegie Mellon University to host the 2019 WiCyS Conference because the university is known as the birthplace of cybersecurity. It was here in the university’s Software Engineering Institute (SEI) that the world’s first computer security incident response team, the CERT Coordination Center, was founded to respond to widespread Internet attacks,” said Dr. Greg Shannon, chief scientist, CERT Division, SEI, and a member of the WiCyS Board of Governors. “Our leadership in cybersecurity research and education continues to this day.”
The 2019 conference will have a new expanded schedule that includes four concurrent tracks to allow for greater participation. The four technical program tracks include
Today’s Technology and Challenges: Current issues and challenges, advances in research and development, experimental findings
Looking Ahead: Important technology and R&D trends, challenges on the horizon, upcoming solutions, tomorrow’s vision
Best Practices: Institutional, operational, and academic best practices, tools, techniques and approaches
Career Development: Leadership and advancement
Presenters may submit proposals through the WiCyS website at www.wicys.net/participate for lightning talks, technical presentations, birds of a feather sessions, workshops, and panels. Students and faculty can apply for scholarships to attend WiCyS at https://www.wicys.net/scholarships. The scholarships cover students’ and faculty members’ shared lodging and meals.
Deadline for both is Nov. 1. For more information about the 2019 WiCyS Conference, visit www.wicys.net.