CSIS logoCenter for Secure Information Systems

Securing the World's Cyber Infrastructure

I/UCRC: Collaborative Research: Center for Configuration Analytics and Automation (CCAA)

Sponsored by NSF I/UCRC Program
06/01/2013-05/31/2018

Pricipal Investigator

Sushil Jajodia
Center for Secure Information Systems
George Mason University

UNIVERSITY PARTNER

Ehab Al-Shaer
University of North Carolina, Charlotte

Configuration complexity imposes a heavy burden on both regular users and experienced administrators. This complexity dramatically reduces overall effectiveness of operational management and network assurability. A report from the Center for Strategic and International Studies "Securing Cyberspace for the 44th Presidency" in December 2008 states that "inappropriate or incorrect security configurations were responsible for 80% of United States Air Force vulnerabilities". A Juniper Networks report "What is Behind Network Downtime?" states that "human error is blamed for 50 to 80 percent of network outages”. It has been widely reported that the cost of system management has been growing exponentially over years due to increasing complexity of system management including security configuration. It has also been stated in that “more than 40% of the total IT budget of a $1 billion-plus company going to human labor and IT operations accounting for 80% to 90% of the budget”. Moreover, the complexity of future systems and the potential of misconfiguration is likely to increase significantly as the technology progresses toward "smart" cyber infrastructure and “open” configurable platforms (e.g., OpenFlow and virtual cloud computing). As a result large enterprise organizations, product/services providers and government organizations all have interest in this common problem. A recent cyber strategy white paper sponsored by the Department of Homeland Security for cybersecurity stated, “Automation is one of the three interdependent building blocks of a healthy cyber ecosystem, along with interoperability and authentication.” 

Government agencies, critical infrastructure providers, large private or public enterprises, daily must deal with the complexity of managing the configuration of an entire array of products and services that make up their IT infrastructure.  Thus, today’s and tomorrow’s complex network of information systems used by large enterprises can no longer be managed by disparate ‘handcrafted solutions’ and manual processes. Configuration analytics and automation techniques and tools must be developed and adopted to automate the entire IT configuration management cycle including defining, abstraction, synthesis, refinement, verification, validation, testing, debugging, optimization, tuning, and evaluation in order to verify, measure/assess and improve the system assurability (availability and QoS), security (trustworthiness), and sustainability (dependability) of current and future IT services and infrastructures. 

This grant from NSF has permitted the Universities (University of North Carolina Charlotte, and George Mason University) to establish this center, start engaging with industry and government partners, and grow this momentum of research innovation and education in this critical area.

The CCAA vision is to provide research for improved configuration analytics and automation capabilities and their integration for efficient, accurate and timely operations, management and defense of complex networked information technology (IT) systems and environments. The goal of the Center of Configurations Analytics  and Automation (CCAA) is to build the critical mass of inter-disciplinary academic and industry partnership for addressing the current and future challenges of configuration analytics and automation to improve enterprise IT system and service manageability, performance, assurability, security and sustainability; and applying innovative analytics and automation to complex networked systems including: enterprise networking of clouds and data centers, software defined networking, hybrid and cyber-physical systems, smart critical infrastructures, mission-oriented networks (sensor-actuator networks), virtual overlays, social networks and mobile systems.

For more information about CCAA, please visit http://ccaa.gmu.edu/.