High Performance Computing Infrastructure (HPCI) and Zero Trust Architecture (ZTA)
Abstract: This paper explores the application of Zero Trust Architecture (ZTA) principles to High Performance Computing Infrastructure (HPCI), which has become crucial for scientific, industrial, and AI workloads and increasingly designated nationally as critical infrastructure. Traditional cybersecurity frameworks like the ISO 27000-series and NIST 800-series will prove to be an incomplete fit for the unique challenges posed by HPCI. The paper is in response to a growing threat to HPCI and three evolving regulatory frameworks: OMB Memo M-22-09, CISA's (U.S. Cybersecurity and Infrastructure Security Agency) Zero Trust Maturity Model (ZTMM), and NIST (U.S. National Institute for Standards and Technology) Special Publication 800-223, which collectively are shaping the HPCI market in the U.S. and abroad. The study assesses the compatibility of HPCI security across the five ZTMM “pillars” of Identity, Devices, Networks, Applications, and Data, and then identifies potential challenges in balancing risk with cost, complexity, and performance. The findings suggest that a "Traditional" (level 2 out of 4) maturity level is the most suitable target profile for HPCI, given its unique characteristics and operational demands.
After 6 months of effort and reviews, my new paper on High Performance Computing Infrastructure (HPCI) and Zero Trust Architecture (ZTA) is published through Carleton University's National Centre For Critical Infrastructure Protection, Security and Resilience (NC-CIPSeR). Much thanks to Perry Steckly from NC-CIPSeR and William Ulicny from Canadian Nuclear Laboratories for their invaluable support and comments, and my co-author Daksha Bhasker PEng (CIE), MBA CISM CISSP CCSK CCZT from 微软 . I also have to sincerely thank the participants and reviewers from industry and HPCI centres for their time and insights during the research stages of this paper! Cheers!
You can download the Main Body (26 pages) of the paper here.
You can download the Annex (40+ pages) here.
There is also an interactive slide presentation available here.
#criticalinfrastructure #zerotrust #ztmm #cybersecurity
Impressive insights Tyson Macaulay, CISA, LEL CIE and Daksha Bhasker PEng (CIE), MBA CISM CISSP CCSK CCZT!! The application of Zero Trust Architecture to HPC Infrastructure aligns well with the heightened focus on critical infrastructure protection. With Canada’s Bill C-26 addressing cybersecurity in critical sectors and Bill C-27 covering data privacy, the importance of ZTA in HPCI is clearer than ever. The alignment with U.S. initiatives, such as the CISA Zero Trust Maturity Model Version 2.0, emphasizes a cross-border opportunity to strengthening infrastructure resilience. NC-CIPSeR is eager to see these frameworks shape a more secure future in North America and beyond. Looking forward to seeing how this work begins to drive new conversations and change and how we can continue to support meaningful, evidence-based solutions. #PulseandPraxis #BillC26 #cybersecurity #Criticalinfrastructure #ZeroTrust #HPCI
Sales Executive at HINTEX
5 个月Excited to dive into your paper on HPC infrastructure security and its implications for protecting critical systems.