Trustworthy Computational Science: A Multi-decade Perspective

  1. Trustworthy Computational Science: A Multi-decade Perspective. Von Welch, Indiana University, Director, CACR. April 15, 2015.
  2. About the Center for Applied Cybersecurity Research. Interdisciplinary applied research into cybersecurity. Bridge cybersecurity research and practice across Indiana University. Externally facing, with projects funded by NSF, DOE, DHS. Part of Pervasive Technology Institute.
  3. My talk: Cybersecurity and Science. The rise of scientific computing. Cybersecurity as risk management. What are the risks to science? What can science teach cybersecurity? Putting it all together. How to put this into practice?
  4. The Good Old Days. Scientists were employees or students physically co-located. Image credit: Wikipedia
  5. Then remote access. Scientists start being remote from the computers. But still affiliated with computing centers. Image credit: All About Apple Museum, Creative Commons Attribution-Share Alike 2.5 Italy
  6. Growth of the scientific collaboration. Number of scientists, institutions, resources. Large, expensive, rare/unique instruments. Increasing amounts of data. Image credit: Ian Bird/CERN
  7. The Science Stack. (Diagram layers: Cyberinfrastructure; Scientific Community; Multiple Universities and/or Research Orgs; Regional R&E and Commercial Services; Open Source and Scientific Software; R&E Networks, IRNCs, Science DMZs.)
  8. Cyberinfrastructure. (Diagram labels: PCs/Mobile, HPC, HTC, HPSS, Instruments, Science Data Servers, Portals, Commodity, Unique, Satellite Links, HPN, Science DMZ, Cloud, Data Subjects.)
  9. What is the Goal of Cybersecurity for Science?
  10. Cybersecurity Historically. Firewalls, IDS, encryption, logs, passwords, etc. Not inspirational to the science community (or many others).
  11. Contemporary Cybersecurity. Cybersecurity supports the organization's mission by managing risks to science.
  12. Maximizing Trustworthy Science. (Figure labels: Trustworthy Science Output; Security; Too much risk; Too little Science.)
  13. What are the risks to Science?
  14. Trustworthy Science. Integrity of data and computation are critical to maintaining the trust of scientists and the public in CI. Perception of integrity is often just as important as reality.
  15. Do No Harm. Cyberinfrastructure represents some impressive cyber-facilities. Being used as a tool to harm others would be very damaging to one's reputation.
  16. Collaboration is key to science. Trust is key to collaboration.
  17. Identity Matters to Science. (Scott Koranda/LIGO, Oct 11)
  18. Specific Concerns. Many science domains, communities, and projects have particular concerns. The risks related to confidentiality, integrity, and availability vary greatly, and go by their own nomenclature.
  19. How do we manage these Risks? (Diagram layers: Cyberinfrastructure; Scientific Community; Multiple Universities and/or Research Orgs; Regional R&E and Commercial Services; Open Source and Scientific Software; R&E Networks, IRNCs, Science DMZs.)
  20. Leverage services when possible. Leverage cybersecurity in these services. Save effort for science-specific challenges. Challenge: Quantify and manage residual risks from those services. (Diagram layers: Multiple Universities and/or Research Orgs; Regional R&E and Commercial Services; Open Source and Scientific Software; R&E Networks, IRNCs, Science DMZs.)
  21. Commodity IT. Use baseline cybersecurity practices from NIST and others. E.g. http://trustedci.org/guide/docs/commodityIT
  22. Unique IT/Instruments/Data/etc. Must understand and manage risk. A custom task can be helped with resources. E.g. http://trustedci.org/guide/ (Diagram label: Unique Assets.)
  23. What about the Science itself? The mission we are ultimately supporting. A source of risks. But is that all? (Diagram layer: Scientific Community.)
  24. Science Manages Risks as Well. Biases. Errors. http://www.ligo.org/news/blind-injection.php
  25. http://cms.web.cern.ch/news/blinding-and-unblinding-analyses and https://theoreticalecology.wordpress.com/2012/06/22/statistical-analysis-with-blinded-data-a-way-to-go-for-ecology/
  26. Bias: The Ultimate Insider Threat. Insider Threat: dealing with risks that originate from inside the organization. Science has been dealing with the risk of bias for a long time. Mature science projects bring a lot of risk management around bias that should be leveraged by cybersecurity. What is the residual risk in computational science after bias management?
  27. (No slide text.)
  28. Putting it all together. Leverage science processes, understand risks. Baseline controls, risk management. Leverage services and cybersecurity to conserve effort, understand and manage residual risks. (Diagram layers: Cyberinfrastructure; Scientific Community; Multiple Universities and/or Research Orgs; Regional R&E and Commercial Services; Open Source and Scientific Software; R&E Networks, IRNCs, Science DMZs.)
  29. How do we put this into practice?
  30. DOE Advanced Scientific Computing Advisory Committee Workforce Subcommittee Letter. http://science.energy.gov/~/media/ascr/ascac/pdf/charges/ASCAC_Workforce_Letter_Report.pdf "In particular, the findings reveal that: All large DOE national laboratories face workforce recruitment and retention challenges in the fields within Computing Sciences that are relevant to their mission (), including Algorithms (both numerical and non-numerical); Applied Mathematics; Data Analysis, Management and Visualization; Cybersecurity; Software Engineering and High Performance Software Environments; and High Performance Computer Systems."
  31. Maximizing Limited Expertise. http://blog.ted.com/bridging-the-gulf-in-mental-health-care-vikram-patel-at-tedglobal2012/
  32. SUNDAR. Simplify the message. UNpack the treatment. Deliver it where people are. Affordable and available human resources. Reallocation of specialists to train and supervise.
  33. Center for Trustworthy Scientific Cyberinfrastructure. TrustedCI.org. Increase the NSF community's understanding of cybersecurity for science, and advance its implementation. Three-year project funded by NSF ACI.
  34. CTSC Activities. Engagements: LIGO, SciGAP, IceCube, Pegasus, CC-NIE peer reviews, DKIST, LTERNO, DataONE, SEAD, CyberGIS, HUBzero, Globus, LSST, OOI, NEON. Education and Training: Guide to Developing Cybersecurity Programs for NSF Science and Engineering Projects, Securing Commodity IT in Scientific CI Projects, Baseline Controls and Best Practices, Training for CI professionals. Leadership: Organized 2013, 2014 & 2015 Cybersecurity Summits for Large Facilities and CI, vulnerability awareness, Cybersecurity for Large Facilities Manual.
  35. Cybersecurity Program Guide. Baseline practices and risk management, tailored for science projects with guidance and templates. http://trustedci.org/guide/
  36. Please Join Us! 2015 NSF Cybersecurity Summit for Large Facilities and Cyberinfrastructure. August 17-19, 2015. Arlington, VA. Email lists, details and CFP coming soon at trustedci.org
  37. In conclusion. Cybersecurity for science is about managing risks for science to maximize trustworthy science. Science itself has much to offer in the process if we can figure out how the worlds of cybersecurity and science interact. By leveraging our specialists for training and maximum impact, we can overcome workforce constraints to make this a reality.
  38. Acknowledgements. Colleagues at CACR, CTSC, XSIM who make all this work possible. Mike Corn, Adam Lyon for discussions and feedback. Department of Energy Next-Generation Networks for Science (NGNS) program (Grant No. DE-FG02-12ER26111). National Science Foundation (Grant 1234408). The views and conclusions contained herein are those of the author and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of the sponsors or any organization.
  39. Notes. Science Output. Science has error management. SUNDAR == Beautiful in Indian. Need to clarify Science/cybersecurity risk management relationship.