Cyber Security Work at OMG - Task Force Levels

Introducing the OMG’s Data Residency Maturity Model

With the rise of managed IT services and cloud computing, sensitive data is regularly moved across countries and jurisdictions, which can be in direct conflict with various international, national or local regulations dictating where certain types of data can be stored (e.g., the European Union’ General Data Protection Regulation, or GDPR). Data residency is also a consideration of data owners responsible for protecting and securing data from unintended access.

The Object Management Group® (OMG®), a technology standards consortium, launched a working group in 2015 to address the challenges of data residency and define a standards roadmap to help stakeholders manage the location of their data and metadata.

Given the complexity of the issue, a stepwise improvement plan is necessary. This webinar will introduce a new Data Residency Maturity Model (DRMM) proposed in December 2017. Similar to the Capability Maturity Model (CMM) invented in 1990 at the Software Engineering Institute (SEI), the DRMM contains five maturity levels aimed at helping an organization improve their practices and governance of data residency. The OMG seeks feedback on the DRMM and calls on all interested parties to contribute to this work.

SDRs provide wireless communication components whose trans¬mit and receive characteristics are realized through specialized software running on programmable platforms. The benefit of allowing a single communications platform to be rapidly reconfigured for multiple, highly-diverse communication is to multiplex receive and transmission signals of different encodings on many frequencies (each combination is called a “waveform”). SDRs handle waveforms programmatically are used in fundamentally new ways for multiple domains (e.g. C4ISR, Internet of Things, Robotics, Space, etc.). Sup¬porting several waveforms inside the same device eases bug fixing, enables field re-configurability, allows mul¬tiple data transmission standards to be supported simultaneously, and helps improve the security and integrity of communications. Any communication task can be realized instanta¬neously by uploading/downloading appropriate software that defines the necessary waveforms allowing rapid reconfiguration and upgrades of Over-The-Air Reprogrammable deployed equipment and use of Smart Antennas.

This webinar’s purpose is to provide background and solicit interest for a revised version of the OMG Software-Based Communications Domain Task Force (SBC/DTF), called the Secure Network Communications (SNC) for Software Defined Radios (SDR) Working Group (WG).

For information on OMG SBC visit http://www.omg.org/intro/SCAV.pdf.

DDS Technical Overview Series - Part IV: The OMG Data Distribution Service provides a diverse set of Quality of Service policies. Strategic use of these QoS policies enables intelligent behavior in middleware and allows the application developer to focus on the domain. In this webinar, we examine one application in detail and explore how it uses DDS QoS policies to address several non-functional requirements. We'll also cover the trade-offs involved in different design choices involving DDS QoS and other DDS features. This webinar builds on the Part I and Part II webinars by examining certain QoS policies in more depth and taking a deep dive into a single application as it evolves from simple data transfer to taking full advantage of the Data-Centric Publish/Subscribe model of DDS.

Introduced in 2004, the Data Distribution Service has developed into a mature and proven connectivity standard within the IIoT. Today, DDS is at the heart of a large number of mission- and business-critical systems such as, Air Traffic Control and Management, Train Control Systems, Energy Production Systems, Medical Devices, Autonomous Vehicles, and Smart Cities. Considering the technological trends towards data-centricity and the rate of adoption, tomorrow DDS will be at the heart of an incredible number of Industrial IoT (IIoT) systems.

To help you become an expert in DDS and expand your skills in the growing DDS market, Object Management Group offers this DDS technical oveview webinar series covering three key areas: (1) the essence of DDS and data-centric systems, (2) how to effectively exploit DDS Quality of Service to build applications that perform and scale, and (3) securing your distributed DDS system.

This webinar, Part III of the OMG DDS Webinar series, will take an in-depth look at the latest advances in the DDS standards to meet the demanding cyber-security requirements of today’s industrial connected systems. From authentication and access control to integrity and encryption, learn how to leverage DDS Security features to secure your connected system against cyber attacks, while maintaining a flexible, scalable architecture. Presented by Nina Tucker, Vice President of Twin Oaks Computing.

Part I of the OMG DDS Webinar Series: Introduction to DDS and Key Abstractions presented by Angelo Corsaro, Ph.D., of ADLink Technologies and co-chair of OMG's DDS Special Interest Group, is available here: https://www.brighttalk.com/webcast/12231/252365

Part II of the OMG DDS Webinar series: Applying DDS QoS to Solve Real-World Problems, presented by Gerardo Pardo-Castellote, Ph.D., CTO of RTI and Co-Chair of OMG's DDS Special Interest Group, is available here: https://www.brighttalk.com/webcast/12231/252387

SysML v1 was adopted in 2006, and has been a key enabler of model-based systems engineering (MBSE). Since that time, much has been learned about applying MBSE with SysML. This presentation describes the directions and approach for the next generation of SysML (v2) to provide capabilities that address the limitations of SysML v1, and enable the evolving practice of MBSE.

Introduced in 2004, the Data Distribution Service has developed into a mature and proven connectivity standard within the IIoT. Today, DDS is at the heart of a large number of mission- and business-critical systems such as Air Traffic Control and Management, Train Control Systems, Energy Production Systems, Medical Devices, Autonomous Vehicles, and Smart Cities. Considering the technological trends towards data-centricity and the rate of adoption, tomorrow DDS will be at the heart of an incredible number of Industrial IoT (IIoT) systems.

To help you become an expert in DDS and expand your skills in the growing DDS market, Object Management Group offers this DDS technical overview webinar series covering three key areas: (1) the essence of DDS and data-centric systems, (2) how to effectively exploit DDS Quality of Service to build applications that perform and scale, and (3) securing your distributed DDS system.

This webinar, Part II of the OMG DDS Webinar series, will cover in detail the mechanisms available in DDS to meet challenging real-world application requirements; from discovery to state management, information consistency, data durability, reliability and scalable information distribution. With over 20 different quality-of-service (Qos) policies DDS provides ready-made configurable patterns that can be used to meet most of these use-cases. Learn to leverage DDS Qos and patterns to simplify your application code and increase the robustness of your system. Presented by Gerardo Pardo-Castellote, Ph.D., CTO of RTI and Co-Chair of OMG's DDS Special Interest Group.

Part I: Introduction to DDS and Key Abstractions presented by Angelo Corsaro, Ph.D., of ADLink Technology and co-chair of OMG's DDS Special Interest Group, is available here https://www.brighttalk.com/webcast/12231/252365

Part III: Using DDS to Secure Data Communications presented by Nina Tucker, Vice President of Twin Oaks Computing here: https://www.brighttalk.com/webcast/12231/252391

Filmed during OMG's TC meeting in Reston, DC in 2017, this conversation explores the role of standards in Healthcare IT

With the emergence of the Industrial Internet of Things (IIoT) many are trying to understand how their organization can step up to the new world of connected things that can cause harm, lead to safety issues, and could serve for decades. Join this session as we explore the driving concepts behind creating a safe, secure, and reliable IIoT system and look at how OMG standards play their role in the new IIoT marketplace and IIoT ecosystems as we evolve our IT & OT cultures into the IIoT culture. Topics discussed include:
* Safe, Reliable, and Secure - how to tell?
* Sourcing and integrating trustworthy components
* Standards and evidence-based value chains in IIoT ecosystems

Introduced in 2004, the Data Distribution Service has developed into a mature and proven connectivity standard within the IIoT. Today, DDS is at the heart of a large number of mission- and business-critical systems such as, Air Traffic Control and Management, Train Control Systems, Energy Production Systems, Medical Devices, Autonomous Vehicles, and Smart Cities. Considering the technological trends towards data-centricity and the rate of adoption, tomorrow, DDS will be at the heart of an incredible number of Industrial IoT (IIoT) systems.

To help you become an expert in DDS and expand your skills in the growing DDS market, Object Management Group is offering this DDS Technical Overview webinar series covering three key areas: (1) the essence of DDS and data-centric systems, (2) how to effectively exploit DDS Quality of Service to build applications that perform and scale, and (3) securing your distributed DDS system.

Part I of the OMG DDS Webinar Series will get you started with DDS. We will (1) cover in great details DDS’ key abstractions, (2) introduce the essence of DDS-based data-centric and modular architectures, and (3) clearly position DDS with respect to messaging technologies. After attending this webcast you will know the fundamentals required to start using DDS in your next project. Presented by Angelo Corsaro, Ph.D., CTO at ADLINK Technology and Co-Chair of the OMG's DDS Special Interest Group.

Part II: DDS QoS to Solve Real World Problems presented by Gerardo Pardo-Castellote, CTO of RTI and Co-Chair of OMG's DDS Special Interest Group is available here: https://www.brighttalk.com/webcast/12231/252387

Part III: Using DDS to Secure Data Communications presented by Nina Tucker, Vice President, Twin Oaks Computing is available here: https://www.brighttalk.com/webcast/12231/252391

As data is increasingly accessed and shared across geographic boundaries, a growing web of conflicting laws and regulations dictate where data can be transferred, stored, and shared, and how it is protected. The Object Management Group® (OMG®) and the Cloud Standards Customer Council (CSCC) recently completed a significant effort to analyze and document the challenges posed by data residency.
Data residency issues result from the storage and movement of data and metadata across geographies and jurisdictions. Attend this webinar to learn more about data residency:

•How it may impact users and providers of IT services (including but not limited to the cloud)
•The complex web of laws and regulations that govern this area
•The relevant aspects – and limitations -- of current standards and potential areas of improvement
•How to contribute to future work

The inability to track customers, partners, accounts, agreements, and policies across complex business ecosystems triggers compliance failures and crisis management challenges that degrade brand value, undermine investor confidence, and chip away at consumer loyalty. Executives have found that efforts to address these shortcomings are more time consuming, error prone, and expensive than they could have imagine. Ironically, these same executives either refuse to sponsor business architecture efforts or are forcing business architecture proponents to “prove” its value on small scale, narrowly defined initiatives. This BrightTALK discusses crisis response challenges at a major financial institution and the role business architecture should play in addressing a variety of related scenarios across a multitude of industry sectors.

This webinar demonstrates the practical realization of standards-based executable modeling in UML, showing its importance for moving forward in a number of, perhaps, unexpected areas, including agile development methods, multi-core programming and model-based system engineering. Today’s Executable UML is based on the OMG’s Foundational UML (fUML) standard, for executable object-oriented and activity modeling, and the Action Language for fUML (Alf) standard, which defines a corresponding textual representation. But this is only the beginning. Additional Executable UML standards are being built on this foundation, including recent ones for composite structure and state machines. Come learn about the growing suite of OMG Executable UML specifications, watch these standards in action and discover the promise they hold for the future.

Today's computing infrastructure is changing dramatically to support new requirements in design and structure. This is no more evident than in the Internet of Things, where new types of machines driven by vast, complex industrial, distributed systems, can’t operate without connectivity. These new machines will transform our infrastructure into smart freeways, distributed power generation and autonomous driving cars, etc., revolutionizing the workplace and our lives for years to come.

These new IoT systems need data-centric technology that directly addresses real-time systems to explicitly manage the communications “data model.” No matter what application – from financial trading platforms, to medical devices, to smart electrical grids, to exploration and production and to transportation – industries need solutions to find right data then communicates it to its intended destination in a reliable, flexible, fast, and secure manner.

To learn more about the proven standard for data-connectivity in mission- and business-critical systems join OMG's webinar featuring experts from the leading DDS middleware vendors; PrismTech, RTI and Twin Oaks Computing

The Object Management Group® (OMG®) Space Domain Task Force completed a second very successful quarterly meeting in Coronado, CA last month during which the Space DTF approved work on several standards initiatives in coordination with NASA, the United States Air Force Space and Missile Center (SMC) Enterprise Ground Services (EGS), and the International Council on Systems on Systems Engineering (INCOSE).

At the same meeting, the OMG Space DTF issued an RFI entitled: Vocabularies, Glossaries, or Ontologies for the Spacecraft Ground Systems Domain Request For Information. The OMG Space DTF is seeking to normalize the terminology used within the spacecraft ground systems domain. We are seeking information on existing or emerging dictionaries, glossaries, or ontologies in this domain. Additionally, the Space DTF is interested in hearing from organizations that might be interested in this topic. The Space DTF will use these responses to either adopt an existing reference or recommend the development of a new consolidated reference

The importance of facing, understanding, predicting and even mitigating uncertainty has been well acknowledged and studied in various fields such as philosophy, physics and finance. In terms of software and system engineering, due to the increasing complex of large-scale systems themselves, and the dynamic and unpredictable deployment and operation environments of such systems, increasing attentions have been given to address challenges of explicitly specifying and modeling uncertainty.
Uncertainty Modeling (UM) aims to promote and enable explicit specifications of uncertainty and uncertainty related concepts, at various contexts (e.g., developing large-scale Cyber-Physical Systems and Internet of Things, for different purposes (e.g., enabling uncertainty-wise requirements specifications, modeling, verification and validation, e.g., facilitating the definition of uncertainty-wise testing strategies), and at different phases of the development of such complex and uncertainty-inherent systems (e.g., requirements, architecture, design, testing and operation).
In the context of OMG, we see a diverse set of uncertainty modeling applications, such as 1) integrating with UML use cases, SysML Requirements Diagram, to enable requirements V&V, 2) capturing uncertainty as part of SysML or UML models to facilitate design and/or testing, 3) integrating with BPMN and other OMG standards to facilitate different kinds of analyses and generations.
OMG’s Uncertainty Modeling Request for Information (RFI) is currently open for responses. The RFI aims to solicit ideas, discussions, comments, recommendations, user needs and experiences about uncertainty modeling. Collected responses will be carefully analyzed and will be used to identify requirements, based on an RFP for an UM will be developed. Instructions for responding to this RFI are specified in the OMG Uncertainty Modeling Request for Information document (ad/16-09-02 (Uncertainty RFI)).
We invite you to join the conversation.

Unified Architecture Framework® (UAF®) is the newest standard presented by domain experts in Object Management Group® (OMG®). UAF is a new version of the UPDM2 standard, and it addresses the needs of military frameworks (such as DoDAF and MODAF) as well as industry.

The Unified Architecture Framework offers a structured approach for managing the complexity of systems of systems engineering within the organization in different levels of abstraction. It also provides an infrastructure to ensure complete and correct specification of systems integration using various techniques such as engineering analysis, traceability, and metrics.

The webinar will demonstrate the complete workflow of systems of systems engineering using the UAF Framework. The workflow includes the activities of defining capability requirements, specifying operational scenarios, providing solutions for operational scenarios, and managing project portfolios required to implement the selected solution.

The Internet of Things (IoT) is a complex system of systems (SoS). IoT systems include the electric smart grid, smart manufacturing, autonomous vehicles, smart consumer devices, etc. Technology advancements will continue to evolve to facilitate connection to larger and larger IoT networks and more complex devices. This will be the catalyst that will drive entire infrastructure changes to federal, state, city, and local governments, product development companies, utility and service providers, and even to consumers and their homes. The infrastructure and management will need to be established prior to, or in conjunction with, the smart systems that support them. The future of IoT success is dependent on the application of solid Systems Engineering and Model Based Systems Engineering (MBSE) principles. MBSE enables engineers to manage the definition of interfaces, allocation of behaviors, evolution of technology, and system security: concepts essential to the successful development of IoT applications. Absent of any industry standards, IoT systems would explode in chaos rather than evolve in a controlled manner.
The Unified Architecture Framework (UAF) provides a means to develop and understand complex system of systems architectures and how they evolve. The Systems Modeling Language (SysML) supports systems engineers to define systems requirements, structure, and behavior throughout the system lifecycle. UAF and SysML combined provide a means of defining complex systems of systems as well as detailed devices and how they work together. IoT success will only be realized through application of up to date, standardized systems engineering languages, processes, and tools.

Cyber threats facing a nation's critical infrastructure, mission-critical systems, or any Internet of Things (IoT) system, demand a cyber infrastructure that matches their combined enormity and complexity. Risk management solutions must be capable of understanding intricate attack patterns and assessing complex vulnerabilities to give stakeholders confidence in their system's ability to withstand malicious attacks.

Currently -- understanding, assessing and managing the risks of complex cyber and/or cyber-physical systems is a very costly and challenging task that requires the expertise of well-trained and seasoned security professionals, a scarce commodity. The traditional approach to risk assessment relies primarily on informal inputs such as documentation and personnel interviews, making this approach subjective, non-comprehensive, non-repeatable, and prone to inaccuracies about the true nature of risks and vulnerabilities involved.

OMG's C4I Task Force Request For Information (RFI) is currently open for response “Cyber Security Protection for Front Line Real-Time Systems RFI” seeking input on a) How to develop Standards to move Tool/Integration community forward to reduce costs and focus on higher quality system development b) What area of standards can be addressed to reduce cost in developing Cyber Security solutions and designs for systems and c) What can be done to integrate current standards that will allow standards based tools to better support design, development and life-cycle support to reduce costs and control costs.

We welcome you to join the conversation.

Business architecture has emerged as the essential vehicle to enable and enrich business transformation. Whether the focus is on shifting to a customer-centered business model, realigning business units to achieve new innovative strategies, or digitizing the business ecosystem, business architecture remains at the foundation of the transformative paradigm. This session will outline the role of business architecture in business transformation and walk through an approach that leverages stakeholder value-driven, capability-centered perspectives to envision and transform the business ecosystem as a whole.