week02

Welcome back!

Come up and ask me questions for 5 mins :)

Something Awesome Project (SAP)

Its pretty awesome - even more so if you come to me at the end of class and tell me what you are doing :)

If not message me on discord @merhi or email me [email protected]

“We want an acceptable project which can be scaled in the sense of being appropriately challenging”

If you want a HD, then you need to have a project that gives you capacity for a HD… its kinda like a thesis!

We care more about progress you have made! Need analysis, technical component and a reflection!

Dont do OverTheWire if you can… Try PicoCTF or HackTheBox

Type 1 and Type 2 Errors.

What are they?

Errors

Who here knows what the TSA is?… Who has experienced the TSA?

Why are they good to have?

Why do they SUCK?

Case Study: Doors

Who did the prep work?

In future - If you dont prep, you dont participate peoples!

Its unfair for those who did.

Jesse did not do the prep work

What was EgyptAir and German Wings?

You are Dick Smith!

Does anyone know who Dick Smith is?

In light of the German Wings incident and the earlier EgyptAir incident the Civil Aviation Safety Authority, the government statutory authority responsible for the regulation of civil aviation, has asked you to return and lead a review into physical security of airplane cockpits and controls

You have been asked to consider the main lessons that that should be learned from these and other relevant incidents and to produce a shortlist of recommendations for actions to be taken to prevent future disasters.

Your review is widely supported by all major airlines and the Australian Government + Defence. These parties are all prepared to devote considerable resources to implement your recommendations. State and justify your top recommendations. Give them in decreasing order of importance (i.e. most important first).

Before we start. This is basically Threat modelling.

Assets -> what can go wrong -> recommendations

(Jesse Showing you a real one because its cool and demonstrates that this course applies to real life)

GO

Things to Consider

  • Physical security of Airplane cockpits
  • Related policies and practices for air crew on board a flight
  • Reevaluate the need for co-pilots to be in the cockpit
  • any additional requirements to place on airline companies
  • Requirements to place on airplane manufacturers
  • Requirements to place on air traffic controls and on airports
  • Requiring systems to be installed on planes which allow their controls to be overriden by air traffic control towers in extreme events
  • Any other such matters relevant to the physical security of the cockpit in order to prevent the re-occurrence of German Wings type incidents in the future.

Things to Remember!

Trust Is Key! Can we trust people? Systems? Things?