BEGIN:VCALENDAR VERSION:2.0 PRODID:-//Talks.cam//talks.cam.ac.uk// X-WR-CALNAME:Talks.cam BEGIN:VEVENT SUMMARY:Hierarchies\, Lowerarchies\, Anarchies\, and Plutarchies: Historic al Perspectives of Composably Layered High-Assurance Architectures - Peter Neumann\, Principal Scientist\, SRI International Computer Science Lab DTSTART:20101012T151500Z DTEND:20101012T161500Z UID:TALK26524@talks.cam.ac.uk CONTACT:Jonathan Anderson DESCRIPTION:This talk will consider some of the challenges of holistically designing predictably trustworthy system and network architectures\, with consideration of various past efforts and some prospects for the future. In scope are topics such as what might be called the father and son of hie rarchical trustworthy systems\, respectively Multics (rings\, symbolic dyn amic linking\, nested directories) and SRI's Provably Secure Operating Sys tem PSOS design (tagged and typed more-or-less object-oriented capabilitie s in hardware and software)\, MLS and MILS architectures (beginning with K SOS and KVM)\, separation kernels and virtual machines (with pointers to R ushby and DeLong's recent work). Some of the underlying concepts are of c ourse abstraction\, modularity\, strong encapsulation\, explicit mappings between layers\, explicit dependency analyses\, high assurance\, and basic principles that can enhance modular composition\, considered in my DARPA CHATS report\, Principled Assuredly Trustworthy Composable Architecture. A s an example of the pervasive interdependencies that must be addressed\, I will briefly summarize some aspects of A Roadmap for Cybersecurity Resea rch that we developed for Doug Maughan at the U.S. Department of Homeland Security\, November 2009.\n\nNOTE: Plutarch's writings (e.g.\, Parallel Li ves) stimulated among Romans considerable sense of the importance of under standing historical people and events. He observed that little seemed to have changed in human nature. We might observe today that in some regards relatively little has changed in the commercial development of high-assur ance systems\, despite some major advances in the research communities. W e would like to fix that in the future. LOCATION:Lecture Theatre 2\, Computer Laboratory\, William Gates Building END:VEVENT END:VCALENDAR