Air Force Test Center
|
|
- Abner Morton
- 5 years ago
- Views:
Transcription
1 Air Force Test Center Avionics Cyber Range (ACR) DISTRIBUTION STATEMENT A. Approved for public release; distribution is unlimited. Bill L'Hommedieu ACR Chief Engineer 96 th Cyber Test Group 7 May
2 ACR Overview Mission: An AFTC test range providing a mission based infrastructure, interfacing with other facilities ranging from controlled, secure offensive cyberspace systems to emulations of uncontrolled, non-secure, and adversary networks ACR will support Cyberspace testing for: Aircraft, Logistics systems, C2 Systems, Space and Nuclear platforms 2
3 ACR Concept of Operations Vulnerabilities validated and TTP exercised on Operational platforms Anechoic Chamber Testing Flight line testing Mobile test Kits Mission - Validated Vulnerabilities Operational Test Susceptibilities found though Binary Analysis Fuzz testing across trust boundaries Fuzz testing of code processes and output Binary Hardening Residual Susceptibilities Known Susceptibilities Zero-Day Hacks Susceptibilities exercised in System of Systems testing for evaluation of mission effects in an operationally representative, multiple platform environment SIL/HWIL Test Validated Susceptibilities Component Test Susceptibilities exercised on individual components Functional Security testing Penetration testing Subsystem Fuzzing ACR will consist of three strategic capability areas: Avionics Cyber Test Lab, Cyber Threat Development, and National Cyber Range Complex
4 Avionics Cyber Lab Connects avionics hardware to a test capability with the necessary elements to cover the end-to-end communications associated with a typical weapon system Avionics Test Bench - well-defined hardware interfaces and software API s Allows new technology to be validated/demonstrated in flight representative environment Enable connection with remote elements for example with ground based related testbeds Weapon systems Racks/Pylons Maintenance equipment (for example CMBRE/CAPRE) LRU Virtualization - High-fidelity emulations of an LRU s architecture, native processor, memory layout, etc. providing representative hardware/software environment Reverse Engineering Laboratory - hardware and software reverse engineering of embedded systems including avionics and weapon systems 4
5 Cyber Threat Development Provides representation of the actions of adversaries whose ability and intent is to adversely affect an automated system, facility, or operation Threat Environment - threat representations that are intelligence-informed cyber threat TTPs, equipment, or adversarial command and control networks Representative Threats - threats across the spectrum from hacker to nation state-sponsored cyber attackers, provided through threat scripts and recognized threat vectors Cyber Effects Emulation - capability to inject hostile activity (malformed messages, malware, etc.) into embedded system data buses and cyber-attack surfaces Threat Modeling - Automated modeling tools to assist the test engineer quickly defining a set of possible attacks RF threat injection and tools - injection of cyber effects though RF channels within the mission kill chain 5
6 National Cyber Range, Eglin AFB A secure hosting workspace with the capability to emulate systems under test in a real world, operational environment, in order to perform live fire cyber-attacks Common Cyber Testing Ontology, Taxonomy, and Lexicon How we communicate Common Concept of Operations How the cyber ranges operate Common Cyber Test Data Model How to describe a cyber test Common Cyber Descriptions (Object Definition and Transforms) How components of the cyber test are defined Common Cyber Universe Description How the environment that surrounds the components of the cyber test are defined Common Instrumentation and Control How data is collected and assessed How cyber tests are controlled TECHNICAL CHARACTERISTICS Realistic: Large-scale, high-fidelity virtualized cyber environments operating actual software integrated with hardware-in-the-loop capabilities Repeatable: Archived, reusable environments, procedures, parameters, and event restoration checkpoints to facilitate test-fix-test verification Rapid: Standard tools and processes to automatically create, re-create, and modify mission-specific environments Isolation: Cryptographic segregation of multiple, concurrent cyber environments at varying security classifications Sanitization: Restore all assets to a known, clean state not just range infrastructure, but also mission system equipment E n a b l e d b y a C y b e r - S a v v y W o r k f o r c e
7 ACR OV-1 Hardware In the Loop Facilities Anechoic Chamber Open Air Ranges National Cyber Range Complex Cyber Threat Development JMETC Multi Level Network (JMN) Avionics Cyber Range Multi-level Network (ACRMN) Avionics Cyber Test Lab National Cyber Range, Eglin RF Threat Injection & Tools Threat Models & Simulation Threat Environment LRU Virtualization Reverse Engineering Lab Avionics Test Bed Test Instrumentation Avionics Buss Fuzzing Tools Test Instrumentation Traffic Generation Test Test Virtual Machines Sanitization Server 7
8 Proposed Test FOC RF threat injection LRU Emulation Threat Development Automatic Exploit Generation System Under Test (SUT) Instrumentation & Debugging Avionics Bus Sniffer/Analyzer Avionics Subsystem Fuzzing National Cyber Range Complex SILs/HWIL Integration Avionics Cyber Test Bench 8
9 Planned ACR Connectivity JMETC MILS Network (JMN) will provide connections to remote sites ACR will be integrated with the Nation Cyber Range Complex Any test site requiring ACR resources can connect though JMN Aberdeen Proving Grounds NAS PAX River Edwards AFB 47th OL-B IFAST BAF Redstone Arsenal RTC SPAWAR Charleston Joint Base San Antonio 47 th Test Squadron Eglin AFB 96 th Cyber Test Group Avionics Cyber Range JPRIMES NCRC Orlando 9
10 Avionics Test Bed Capability to emulate avionics architectures including the necessary elements to cover the end-to-end communications associated with a typical weapon system Project Objectives: - Capabilities for rapid integration of avionics subsystems - Capabilities for rapid reconfiguration to support different air platforms and any number of real/emulated/simulated avionics systems - Repeatable processes to monitor, stimulate and perform test and evaluation - Capabilities to monitor or record inputs from real weapon systems, replay the data back to a weapon system, or fuzz the inputs to a weapon system - Capabilities for integration of modern Aircraft Avionics Focus Areas: - A modular architecture with a standardized set of interfaces that allows rapid reconfiguration and expansion using a combination of real, emulated and simulated avionics subsystems technology - Platform Agnostic - Emulated Hardware with operational software - AFRL Avionics Vulnerability Assessment System (AVAS) - allows for rapid integration of simulation models and avionics - Protocol Development for avionics systems - Aircraft LRU Integration 10
11 DIUX VOLTRON Project Defense Innovation Unit Experimental (DIUX) VOLTRON Project Automated vulnerability detection and remediation would result in a revolution in securing mission-critical systems and in the development of offensive capabilities against targets of interest This capability was first demonstrated in August 2016 at the DARPA Cyber Grand Challenge Project Objectives: - Demonstrate the efficacy of autonomous tools in performing vulnerability assessments of DoD weapon systems without the use of external threat/vulnerability information - Identify and remediate vulnerabilities in production software, including the generation of working exploits to prevent false positives - Build autonomous capabilities into tools already used by government vulnerability researchers to meet both offensive and defensive mission needs - With a successful prototype, deliver a system that works against a variety of architectures of interest to the DoD Participating Contractors Contractor Product Architectures ForAllSecure MAYHEM x86 Linux, ARM Linux, x64 Windows GrammaTech Proteus x64 Windows Trail of Bits PowerPC on VxWorks 5.5 Kudu Dynamics PASSED PAWN ArduPilot and Pixhawk (open source autopilot software) Focus Areas: Autonomous vulnerability detection and code hardening of x86 and ARM Linux based avionics and sensor fusion software. Autonomous vulnerability detection and code hardening x64 Windows based mission planning and support systems. (Joint Mission Planning Software)(JMPS) Autonomous vulnerability detection and code hardening of PowerPC VxWorks. Autonomous vulnerability detection and offensive weaponization on software of interest to the offensive cyber community. 11
12 Cyber Threat Automation & Monitoring (CTAM) Florida International University-ARC Miami FL Project Objectives: Developing technologies to detect, monitor, and analyze malware behavior during cyber attacks in a virtualized T&E environment Enables: Fine-grain introspection/data collection/monitoring Machine Learning and Advanced Cyber Analytics Analysis and threat assessment to understand impacts to systems under test Project Completion May 2020 Focus Areas: Capability to create System Under Test (SUT) virtual machines on XEN and KVM platforms and perform Introspection Optimize traditional machine learning algorithms and implementation of deep learning algorithm for accurate prediction to identify the impact of test vectors on defined mission Implementation of deep learning algorithms using CNTK and TensorFlow framework Implementation of Stream processing /Distributed computing using SPARK and Kafka T&E/S&T Program FY2016 End-of-Year Program Execution Review
13 Questions/Discussion? 13
Air Force Test Center
Air Force Test Center Avionics Cyber Range (ACR) Mark Erickson 46 TS/OGE 26 January 2017 DISTRIBUTION STATEMENT A: Approved for public release: distribution is unlimited. 96TW-2017-0005 1 What is the Avionics
More informationCybersecurity Test and Evaluation at the National Cyber Range
Cybersecurity Test and Evaluation at the National Cyber Range 17 November 2015 Dr. Robert N. Tamburello Deputy Director National Cyber Range robert.n.tamburello.civ@mail.mil 571-372-2753 What is a Cyber
More informationAvionics Cyber T&E Examples Testing Cyber Security Resilience to support Operations in the 3rd Offset Environment
Avionics Cyber T&E Examples Testing Cyber Security Resilience to support Operations in the 3rd Offset Environment 26 January 2017 Presented by: Mr. Chad Miller NAVAIR Cyber T&E What: Replicate Cyber Battlespace
More informationThe Perfect Storm Cyber RDT&E
The Perfect Storm Cyber RDT&E NAVAIR Public Release 2015-87 Approved for public release; distribution unlimited Presented to: ITEA Cyber Workshop 25 February 2015 Presented by: John Ross NAVAIR 5.4H Cyberwarfare
More informationJOINT MISSION ENVIRONMENT TEST CAPABILITY (JMETC)
JOINT MISSION ENVIRONMENT TEST CAPABILITY (JMETC) Cyber T&E Initiatives AJ Pathmanathan JMETC Deputy PM for Engineering NCR Technical Director November 14, 2013 GET CONNECTED to LEARN, SHARE, and ADVANCE
More informationOverview of Infrastructure for Cyber, Interoperability, and Distributed Test
Overview of Infrastructure for Cyber, Interoperability, and Distributed Test For LTC Richard Dixon Mission Control Complex, Bde Modernization Command The JMETC Mission JMETC provides the persistent, robust
More informationCombat Effectiveness Testing of System of Systems in the Face of Cyber Threat
Combat Effectiveness Testing of System of Systems in the Face of Cyber Threat Presented at National Defense Industrial Association Conference March 3, 2010 Jon Payne USJFCOM IO Range 256.842.0156 Jonathon.payne@jfcom.mil
More informationJoint Mission Environment Test Capability (JMETC)
Joint Mission Environment Test Capability (JMETC) Distributed Testing for Cyber Security Marty Arnwine JMETC, Deputy for Plans and Operations February 26, 2015 Agenda JMETC Overview JMETC Networks National
More informationCyber, Command, Control, Communications, and Computers Assessments Division (C5AD)
Cyber, Command, Control, Communications, and Computers Assessments Division (C5AD) 1 C5AD Presentation (Approved for Public Release: 20150219) ITEA 26 March 2019 Greg Curth J6/DDC5I/C5AD/ENG Cyber Capability
More informationTest & Evaluation/Science & Technology (T&E/S&T) Cyberspace Test Technology (CTT) Project Overview. 2nd Annual ITEA Cyber Security Workshop
Test & Evaluation/Science & Technology (T&E/S&T) Cyberspace Test Technology (CTT) Project Overview 2nd Annual ITEA Cyber Security Workshop 17 March 2016 Mr. Mark Erickson Phone: 850-882-8110 Email: mark.erickson.2@us.af.mil
More informationCybersecurity Testing
Cybersecurity Testing Tim Palmer Chief Technical Advisor, SAS Business Unit Torch Technologies, Inc. EXPERTISE // INNOVATION // CUSTOMER FOCUS // EXCELLENCE // INTEGRITY // COOPERATION // RELIABILITY About
More informationTest Resource Management Center Directed Energy T&E Conference A Joint DEPS ITEA Event
Test Resource Management Center Directed Energy T&E Conference A Joint DEPS ITEA Event Mr. George Rumford Deputy Director Major Initiatives and Technical Analyses Test Resource Management Center January
More informationUNCLASSIFIED R-1 ITEM NOMENCLATURE FY 2013 OCO
Exhibit R-2, RDT&E Budget Item Justification: PB 2013 Office of Secretary Of Defense DATE: February 2012 0400: Research,, Test & Evaluation, Defense-Wide BA 3: Advanced Technology (ATD) COST ($ in Millions)
More informationTest and Evaluation Methodology and Principles for Cybersecurity
Test and Evaluation Methodology and Principles for Cybersecurity Andrew Pahutski Deputy Director; Cyber & Information Systems Office of the Secretary of Defense (OSD) Developmental Test and Evaluation
More informationUNCLASSIFIED. FY 2016 Base FY 2016 OCO
Exhibit R-2, RDT&E Budget Item Justification: PB 2016 Office of the Secretary Of Defense Date: February 2015 0400: Research, Development, Test & Evaluation, Defense-Wide / BA 2: Applied Research COST ($
More informationSecurity: The Key to Affordable Unmanned Aircraft Systems
AN INTEL COMPANY Security: The Key to Affordable Unmanned Aircraft Systems By Alex Wilson, Director of Business Development, Aerospace and Defense WHEN IT MATTERS, IT RUNS ON WIND RIVER EXECUTIVE SUMMARY
More informationSecuring the End Node in a Cloud World
Securing the End Node in a Cloud World Approved for Public Release: RY-11-0022, 88 ABW-11-0375 Lt Col Ken Edge, PhD Electronic & Net-Centric Warfare Division Air Force Research Laboratory Of Clouds and
More informationAn Operational Cyber Security Perspective on Emerging Challenges. Michael Misumi CIO Johns Hopkins University Applied Physics Lab (JHU/APL)
An Operational Cyber Security Perspective on Emerging Challenges Michael Misumi CIO Johns Hopkins University Applied Physics Lab (JHU/APL) Johns Hopkins University Applied Physics Lab (JHU/APL) University
More informationNaval Surface Warfare Center,
CAPT Brian R. Durant Commander NSWCDD Technical Director - (540) 653-8103 Dennis M. McLaughlin Technical Director Naval Surface Warfare Center, Dahlgren Naval Undersea DivisionWarfare Center The The Leader
More informationUNCLASSIFIED. UNCLASSIFIED Office of Secretary Of Defense Page 1 of 8 R-1 Line #18
Exhibit R-2, RDT&E Budget Item Justification: PB 2015 Office of Secretary Of Defense Date: March 2014 0400: Research, Development, Test & Evaluation, Defense-Wide / BA 2: Applied Research COST ($ in Millions)
More informationUAS Operation in National Air Space (NAS) Secure UAS Command and Control
UAS Operation in National Air Space (NAS) Secure UAS Command and Control Dr. Randal Sylvester Division Chief Technologist L3 CSW 26 October 2015 This information consists of L-3 Communications Corporation,
More informationMission Aware Cybersecurity
Mission Aware Cybersecurity Cody Fleming (UVA) Scott Lucero (OSD) Peter Beling, Barry Horowitz (UVA), Calk Elks (VCU) October 2016 1 Systems Engineering Research Center (SERC) Overview DoD and the Intelligence
More informationUNCLASSIFIED. R-1 ITEM NOMENCLATURE PE D8Z: Data to Decisions Advanced Technology FY 2012 OCO
Exhibit R-2, RDT&E Budget Item Justification: PB 2012 Office of Secretary Of Defense DATE: February 2011 BA 3: Advanced Development (ATD) COST ($ in Millions) FY 2010 FY 2011 Base OCO Total FY 2013 FY
More informationCyber Security CRA Overview
Cyber Security CRA Overview Patrick McDaniel (PM, PSU) & Edward Colbert (CAM, ARL) cra.psu.edu Approved for public release; distribution is unlimited. Cyber Security Collaborative Research Alliance A Collaborative
More informationCyber T&E Standards Panel
Cyber T&E Standards Panel Why Cyber T&E Standards? Mr. George Wauer, Touchstone POCs, LLc Test and Training Enabling Architecture (TENA) Mr. Gene Hudgins, TRMC Cyber Range Environment VV&A Mr. Ryan Kelly,
More informationUNCLASSIFIED R-1 ITEM NOMENCLATURE FY 2013 OCO
Exhibit R-2, RDT&E Budget Item Justification: PB 2013 Office of Secretary Of Defense DATE: February 2012 COST ($ in Millions) FY 2011 FY 2012 Base OCO Total FY 2014 FY 2015 FY 2016 FY 2017 Cost To Complete
More informationTowards Effective Cybersecurity for Modular, Open Architecture Satellite Systems
SSC16-IV-6 Towards Effective Cybersecurity for Modular, Open Architecture Satellite Systems Presented to: 30 th Annual AIAA/USU Conference on Small Satellites August 2016 Presented by: Geancarlo Palavicini
More informationAMRDEC CYBER Capabilities
Presented to: HAMA AMRDEC CYBER Capabilities Distribution Statement A: Approved for public release: distribution unlimited 08 July 16 Presented by: Julie Locker AMRDEC Cyber Lead U.S. Army Aviation and
More informationUS Air Force Initiative to Enhance Hypersonic Test Capabilities
Air Force Materiel Command US Air Force Initiative to Enhance Hypersonic Test Capabilities Col Tim West Senior Materiel Leader, Test Ops Division Arnold Engineering Development Complex 32 nd Annual NDIA
More informationCyberSecurity Training and Capacity Building: A Starting Point for Collaboration and Partnerships. from the most trusted name in information security
CyberSecurity Training and Capacity Building: A Starting Point for Collaboration and Partnerships About SANS The SANS (SysAdmin, Audit, Network, Security) Institute Established in 1989 Cooperative research
More informationAerospace Systems Directorate
Aerospace Systems Directorate Dr. Doug Blake Director Aerospace Systems Directorate Air Force Research Laboratory 2 United States Air Force Mission The Mission of the United States Air Force is to Fly,
More informationProtecting Controlled Unclassified Information (CUI) in Nonfederal Systems and Organizations (NIST SP Revision 1)
https://www.csiac.org/ Protecting Controlled Unclassified Information (CUI) in Nonfederal Systems and Organizations (NIST SP800-171 Revision 1) Today s Presenter: Wade Kastorff SRC, Commercial Cyber Security
More informationSESSION G.1 CONVERGING LIVE AND VIRTUAL ARCHITECTURES FOR TRAINING, TEST AND EVALUATION
SESSION G.1 CONVERGING LIVE AND VIRTUAL ARCHITECTURES FOR TRAINING, TEST AND EVALUATION Common Open Architecture for Test and Training Airborne Instrumentation Packages Presenter: Rob Scott OBJECTIVE Compare
More informationCybersecurity in Acquisition
Kristen J. Baldwin Acting Deputy Assistant Secretary of Defense for Systems Engineering (DASD(SE)) Federal Cybersecurity Summit September 15, 2016 Sep 15, 2016 Page-1 Acquisition program activities must
More informationSpace and Naval Warfare Systems Center Atlantic Information Warfare Research Project (IWRP)
Space and Naval Warfare Systems Center Atlantic Information Warfare Research Project (IWRP) SSC Atlantic is part of the Naval Research & Development Establishment (NR&DE) Information Warfare Research Project
More informationDr. Steven J. Hutchison Principal Deputy Developmental Test and Evaluation
Nov 2012 Page-1 Dr. Steven J. Hutchison Principal Deputy Developmental Test and Evaluation November 2012 Nov 2012 Page-2 DT&E for Complex Systems Performance Reliability Interoperability Information Security
More informationPlanning and Executing an Integration Test Strategy for a Complex Aerospace System
Planning and Executing an Integration Test Strategy for a Complex Aerospace System Mr. Derrick Hinton Principal Deputy Director, Test Resource Management Center Complex Aerospace Systems Exchange September
More informationI n t e g r i t y - S e r v i c e - E x c e l l e n c e
I n t e g r i t y - S e r v i c e - E x c e l l e n c e Headquarters U.S. Air Force I n t e g r i t y - S e r v i c e - E x c e l l e n c e AF Chief Information Security Officer (CISO) Mr. Pete Kim (SES)
More informationCENTRAL TEST AND EVALUATION INVESTMENT PROGRAM (CTEIP) PE D FY 1998 FY 1999 FY 2000 FY 2001 FY 2002 FY 2003 FY 2004 FY 2005
RDT&E BUDGET ITEM JUSTIFICATION SHEET (R-2) February 1999 DIRECTOR TEST AND EVALUATION, DEFENSE (0450) BUDGET ACTIVITY SIX $'s in Thousands CENTRAL TEST AND EVALUATION INVESTMENT PROGRAM (CTEIP) PE 0604940D
More informationU.S. Army Cyber Center of Excellence and Fort Gordon
U.S. Army Cyber Center of Excellence and Fort Gordon W BUILDING A WORLD CLASS CYBER WORKFORCE TECHNET 2018 Cyberspace Capabilities in Support of Unified Land Operations- Outpacing Our Adversaries This
More informationFPGA-Based Embedded Systems for Testing and Rapid Prototyping
FPGA-Based Embedded Systems for Testing and Rapid Prototyping Martin Panevsky Embedded System Applications Manager Embedded Control Systems Department The Aerospace Corporation Flight Software Workshop
More informationOpen Standards in Aircraft Instrumentation
Open Standards in Aircraft Instrumentation Robert Hill Eglin AFB, FL 96 th Test Wing 96 th Range Group 896 th Test Support Squadron Outline Background Challenges Why Standards? What Standards are Needed?
More informationHigh-Assurance Cyber Space Systems (HACSS) for Small Satellite Mission Integrity
Distribution A: SSC17-V-01 High-Assurance Cyber Space Systems (HACSS) for Small Satellite Mission Integrity Daria C. Lane, Enrique S. Leon, Francisco C. Tacliad, Dexter H. Solio, Ian L. Rodney, Dmitriy
More informationUNCLASSIFIED FY 2016 OCO. FY 2016 Base
Exhibit R-2, RDT&E Budget Item Justification: PB 2016 Office of the Secretary Of Defense Date: February 2015 0400:,, Test & Evaluation, Defense-Wide / BA 3: Advanced Technology (ATD) COST ($ in Millions)
More informationSmart Grid Embedded Cyber Security: Ensuring Security While Promoting Interoperability
Smart Grid Embedded Cyber Security: Ensuring Security While Promoting Interoperability Communications and Embedded Systems Department Southwest Research Institute Gary Ragsdale, Ph.D., P.E. August 24 25,
More informationCybersecurity Metrics: A Red Team Perspective
UNCLASSIFIED Cybersecurity Metrics: A Red Team Perspective Distribution Statement A Distribution: Approved for public release; distribution is unlimited. Bradley R. Horton CISSP-ISSMP, CEH, CISA Chief,
More informationUNCLASSIFIED R-1 ITEM NOMENCLATURE. FY 2014 FY 2014 OCO ## Total FY 2015 FY 2016 FY 2017 FY 2018
Exhibit R-2, RDT&E Budget Item Justification: PB 2014 Office of Secretary Of Defense DATE: April 2013 BA 3: Advanced (ATD) COST ($ in Millions) All Prior Years FY 2012 FY 2013 # Base OCO ## Total FY 2015
More informationNet-Centric Systems Design and Requirements Development in today s environment of Cyber warfare
Net-Centric Systems Design and Requirements Development in today s environment of Cyber warfare 2015 NDIA Systems Engineering Conference Dr. Craig Arndt Defense Acquisition University 1 Agenda Requirements
More informationUNCLASSIFIED. FY 2016 Base FY 2016 OCO
Exhibit R-2, RDT&E Budget Item Justification: PB 2016 Office of the Secretary Of Defense Date: February 2015 0400: Research, Development, Test & Evaluation, Defense-Wide / BA 2: COST ($ in Millions) Prior
More informationto-end System Test Architecture
End-to to-end System Test Architecture Sr. Manager, Lockheed Martin SSC masuma.ahmed@lmco.com (408) 742-2553 2553 1 Net-Centric Mission Operations Features Fully Synchronized Interoperable, of ed Systems
More informationHeavy Vehicle Cyber Security Bulletin
Heavy Vehicle Cyber Security Update National Motor Freight Traffic Association, Inc. 1001 North Fairfax Street, Suite 600 Alexandria, VA 22314 (703) 838-1810 Heavy Vehicle Cyber Security Bulletin Bulletin
More informationSystems 2020 Strategic Initiative Overview
Systems 2020 Strategic Initiative Overview Kristen Baldwin ODDR&E/Systems Engineering 13 th Annual NDIA Systems Engineering Conference San Diego, CA October 28, 2010 Oct 2010 Page-1 DISTRIBUTION STATEMENT
More informationNextGen Interagency Experimentation Hub
NextGen Interagency Experimentation Hub Doug Flournoy Matt McNeely Jojo Thoppil Linda Schlipper Michael Krueger rflourno@mitre.org mmcneely@mitre.org jthoppil@mitre.org lschlipper@mitre.org mkrueger@mitre.org
More informationImproving SCADA System Security
Improving SCADA System Security NPCC 2004 General Meeting Robert W. Hoffman Manager, Cyber Security Research Department Infrastructure Assurance and Defense Systems National Security Division, INEEL September
More informationThe DoD T&E/S&T Program
The DoD T&E/S&T Program George Rumford Program Manager Test Resource Management Center Test & Evaluation / Science & Technology Program (TRMC, T&E/S&T) NDIA 16 TH Annual Science & Engineering Technology
More informationQuality Collaboration Across Government and Industry in a Time of Profound Changes
Quality Collaboration Across Government and Industry in a Time of Profound Changes 2018 CQSDI March 12 2018 Todd Nygren Corporate Chief Engineer 2018 The Aerospace Corporation Compelling Time of Change
More informationCyber Threat Assessment and Mitigation for Power Grids Lloyd Wihl Director, Application Engineering Scalable Network Technologies
Cyber Threat Assessment and Mitigation for Power Grids Lloyd Wihl Director, Application Engineering Scalable Network Technologies lwihl@scalable-networks.com 2 The Need OT security particularly in the
More informationAutomated Attack Framework for Test & Evaluation (AAFT)
Automated Attack Framework for Test & Evaluation (AAFT) 34 th International Test and Evaluation Association Symposium October 4, 2017 Mr. Andrew Shaffer The Applied Research Laboratory The Pennsylvania
More informationITEN Wired Cyber Competition
ITEN Wired Cyber Competition Kevin Hofstra Chief Technology Officer www.cybercents.com Copyright 2009-2016 by Metova Federal, LLC. All rights reserved. SLAM-R Copyright 2009-2016 by Metova Federal, LLC.
More informationISA 201 Intermediate Information Systems Acquisition
ISA 201 Intermediate Information Systems Acquisition 1 Lesson 8 (Part A) 2 Learning Objectives Today we will learn to: Overall: Apply cybersecurity analysis throughout acquisition lifecycle phases. Analyze
More informationCyberspace: New Frontiers in Technology Insertion
Cyberspace: New Frontiers in Technology Insertion Dr. John S. Bay, ST Chief Scientist, Air Force Research Laboratory, Information Directorate AFRL Structure AFRL Maj Gen C Bedke Staff XP Air Vehicles Space
More informationApproaches and Tools to Quantifying Facility Security Risk. Steve Fogarty, CSO
Approaches and Tools to Quantifying Facility Security Risk Steve Fogarty, CSO ARES Security Corporation ARES is a high-performing Technology Solutions provider with more than 20 offices around the world.
More informationCybersecurity T&E and the National Cyber Range
Cleared for Public Release 23 March 2017 Case # 17-S-1267 Cybersecurity T&E and the National Cyber Range Prepared for 2nd ITEA Cyber Security Workshop "Challenges Facing Test and Evaluation 24 March 2017
More informationdeep (i) the most advanced solution for managed security services
deep (i) the most advanced solution for managed security services TM deep (i) suite provides unparalleled threat intelligence and incident response through cutting edge Managed Security Services Cybersecurity
More informationNetwork Mission Assurance Phoenix Challenge 2002 Conference
Phoenix Challenge 2002 Conference Lockheed Martin Advanced Technology Laboratories Distributed Processing Laboratory 1 Federal Street A&E Building 3W Camden, New Jersey 08102 Mike Junod mjunod@atl.lmco.com
More informationUNCLASSIFIED R-1 ITEM NOMENCLATURE FY 2013 OCO
COST ($ in Millions) FY 2011 FY 2012 Base OCO Total FY 2014 FY 2015 FY 2016 FY 2017 Cost To Complete Total Cost Total Program Element 8.306 7.299 10.429-10.429 11.464 12.492 12.840 13.010 Continuing Continuing
More informationFAA Cybersecurity Test Facility (CyTF) By: Enterprise Information Security Team ANG-B31 Patrick Hyle, William J Hughes Technical Center
FAA Cybersecurity Test Facility (CyTF) By: Enterprise Information Security Team ANG-B31 Patrick Hyle, William J Hughes Technical Center Date: 08 August, 2016 1 2 3 4 5 6 7 8 2 FAA Provides Aviation Portion
More informationProtecting the Nation s Critical Assets in the 21st Century
Protecting the Nation s Critical Assets in the 21st Century Dr. Ron Ross Computer Security Division Information Technology Laboratory OPM. Anthem BCBS. Ashley Madison. 2 Houston, we have a problem. Complexity.
More informationHardcore PI System Hardening
Hardcore PI System Hardening Jozef Sujan, Lubos Mlcoch 1 Agenda 1. No-nonsense approach to Cyber Security 2. The Power of... PowerShell 3. Deadly Sins of PI Administrators Note: All examples in this presentation
More informationConfiguration Security (ConSec) Proposers Day
Configuration Security (ConSec) Mr. Jacob I. Torrey Proposers Day November 17, 2017 1 ConSec objective statement Develop a system to automatically generate, deploy, and enforce secure configurations of
More informationYour Challenge. Our Priority.
Your Challenge. Our Priority. Building trust and Confidence. When Federal managers and military leaders face tough challenges in cyber, data collection & analytics, enterprise IT or systems and software
More informationProtecting Buildings Operational Technology (OT) from Evolving Cyber Threats & Vulnerabilities
Cybersecurity Basics For Energy Managers Protecting Buildings Operational Technology (OT) from Evolving Cyber Threats & Vulnerabilities Michael Mylrea Manager, Cybersecurity & Energy Technology Pacific
More informationISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002
ISO 27002 COMPLIANCE GUIDE How Rapid7 Can Help You Achieve Compliance with ISO 27002 A CONTENTS Introduction 2 Detailed Controls Mapping 3 About Rapid7 8 rapid7.com ISO 27002 Compliance Guide 1 INTRODUCTION
More informationThe Success of the AMRAAM DBMS/DAS
The Success of the AMRAAM DBMS/DAS John Gerdine Wyle Laboratories Inc. Niceville Florida 32579 U.S.A. 1 Overview Asymmetric Threat AMRAAM Development Test and Evaluation (T&E) History Current AMRAAM Production
More informationCyber Threat Intelligence Standards - A high-level overview
Cyber Threat Intelligence Standards - A high-level overview Christian Doerr TU Delft, Cyber Threat Intelligence Lab Delft University of Technology Challenge the future ~ whoami At TU Delft since 2008 in
More informationDOE and Test Automation for System of Systems T&E
DOE and Test Automation for System of Systems T&E Larry Harris, Navy SPAWAR PMW-120 APM T&E Luis Cortes, MITRE Corporation Jim Wisnowski, Adsurgo Darryl Ahner, OSD STAT COE Jim Simpson, JK Analytics Bottom
More informationA Better Space Mission Systems threat assessment by leveraging the National Cyber Range
A Better Space Mission Systems threat assessment by leveraging the National Cyber Range Chuck Allen (CISSP) & Jonathon Doubleday CORD Presented to GSAW, Feb-March 2018 2018 The Aerospace Corporation Abstract
More informationCyber Security Update Recent Events in the Wild and How Can We Prepare?
Cyber Security Update Recent Events in the Wild and How Can We Prepare? Bob Cowles August, 2011 DOE Labs Hacked! ORNL off the Internet for nearly 2 weeks extensive remediation efforts put into place JLab
More informationDynamic program analysis
Dynamic program analysis Pierre.Girard@gemalto.com RE-TRUST workshop Meudon, March 19, 2009 Mission of the day Give an overview of tools and procedures for dynamic software analysis in an industrial security
More informationCompTIA Cybersecurity Analyst+
CompTIA Cybersecurity Analyst+ Course CT-04 Five days Instructor-Led, Hands-on Introduction This five-day, instructor-led course is intended for those wishing to qualify with CompTIA CSA+ Cybersecurity
More informationCyber Maryland 2017: Continuous Innovation and Cyber Incident Response
Cyber Maryland 2017: Continuous Innovation and Cyber Incident Response Thursday 10/12/17 Michael Misumi, CIO Johns Hopkins University Applied Physics Lab (APL) University Affiliated Research Center Sponsors
More informationAdvanced Technology Academic Research Council Federal CISO Summit. Ms. Thérèse Firmin
Advanced Technology Academic Research Council Federal CISO Summit Ms. Thérèse Firmin Acting Deputy DoD CIO Cyber Security Department of Defense 25 January 2018 2 Overview Secretary Mattis Priorities Cybersecurity
More informationCybersecurity Test and Evaluation
Cybersecurity Test and Evaluation Alex Hoover Test Area Manager Cyberspace & Homeland Security Enterprise Programs 202-254-5615 alex.hoover@hq.dhs.gov Office of Test & Evaluation Science and Technology
More informationResilient Architectures
Resilient Architectures Jeffrey Picciotto 2 nd Annual Secure and Resilient Cyber Architectures Workshop Transformation of Thought CONOPS Use Cases End to End Flows Cyber Threats & Intelligence Prioritize
More informationImproving Security in Embedded Systems Felix Baum, Product Line Manager
Improving Security in Embedded Systems Felix Baum, Product Line Manager The Challenge with Embedded Security Business Imperatives Security Imperatives I need to keep my production expenses as low as possible.
More informationVirtualization Security & Audit. John Tannahill, CA, CISM, CGEIT, CRISC
Virtualization Security & Audit John Tannahill, CA, CISM, CGEIT, CRISC jtannahi@rogers.com Session Overview Virtualization Concepts Virtualization Technologies Key Risk & Control Areas Audit Programs /
More informationAn Experimental Analysis of the SAE J1939 Standard
Truck Hacking: An Experimental Analysis of the SAE J1939 Standard 10th USENIX Workshop On Offensive Technologies (WOOT 16) Liza Burakova, Bill Hass, Leif Millar & Andre Weimerskirch Are trucks more secure
More information6 MILLION AVERAGE PAY. CYBER Security. How many cyber security professionals will be added in 2019? for popular indursty positions are
PROGRAM Objective Cyber Security is the most sought after domain, and NASSCOM projects a requirment of over 1 million trained professionals by 2025. Tevel training program is an industry & employability
More informationAir Force Digital Strategy
Air Force Digital Strategy Mr. Bill Marion Deputy Chief Information Officer 1 Protect IT Service Management Connect Compute/Store End Devices Data Workforce Compliance Business Innovation Next Gen Desktop
More information48 th Annual NDIA Conference Targets, UAVs & Range Operations Symposium & Exhibition. Boeing QF-16 Program
48 th Annual NDIA Conference Targets, UAVs & Range Operations Symposium & Exhibition Boeing QF-16 Program QF-16 Full Scale Aerial Target Boeing Global Services and Support Maintenance, Modifications, &
More informationA Measurement Companion to the CIS Critical Security Controls (Version 6) October
A Measurement Companion to the CIS Critical Security Controls (Version 6) October 2015 1 A Measurement Companion to the CIS Critical Security Controls (Version 6) Introduction... 3 Description... 4 CIS
More informationDEFENSE LOGISTICS AGENCY AMERICA S COMBAT LOGISTICS SUPPORT AGENCY. Cyber Security. Safeguarding Covered Defense Information.
DEFENSE LOGISTICS AGENCY AMERICA S COMBAT LOGISTICS SUPPORT AGENCY Cyber Security Safeguarding Covered Defense Information 30-31 August 2016 WARFIGHTER FIRST PEOPLE & CULTURE STRATEGIC ENGAGEMENT FINANCIAL
More informationManaging the Emerging Semantic Risks
The New Information Security Agenda: Managing the Emerging Semantic Risks Dr Robert Garigue Vice President for information integrity and Chief Security Executive Bell Canada Page 1 Abstract Today all modern
More informationEngineering Your Software For Attack
Engineering Your Software For Attack Robert A. Martin Senior Principal Engineer Cyber Security Center Center for National Security The MITRE Corporation 2013 The MITRE Corporation. All rights reserved.
More informationBreaking the Blockchain: Real-World Use Cases, Opportunities and Challenges
SESSION ID: BAC-W12 Breaking the Blockchain: Real-World Use Cases, Opportunities and Challenges Dr. Michael Mylrea Senior Advisor for Cybersecurity & Blockchain Lead Pacific Northwest National Laboratory
More informationBird of a Feather Automated Responses
Bird of a Feather Automated Responses Energy-Sec Summit 2017 13 Th Security and Compliance www.inl.gov August 2017 INL s Position Nationally A network of 17 DOE national labs DOE s lead lab for nuclear
More informationAutomotive Cybersecurity: Why is it so Difficult? Steven W. Dellenback, Ph.D. Vice President R&D Intelligent Systems Division
Automotive Cybersecurity: Why is it so Difficult? Steven W. Dellenback, Ph.D. Vice President R&D Intelligent Systems Division Cybersecurity is not one Entry Point Four Major Aspects of Cybersecurity How
More informationThe Cyber Threat. Bob Gourley, Partner, Cognitio June 22, How we think. 1
The Cyber Threat Bob Gourley, Partner, Cognitio June 22, 2016 How we think. 1 About This Presentation Based on decades of experience in cyber conflict Including cyber defense, cyber intelligence, cyber
More informationTelemetry of the Future
Telemetry of the Future and the future is not too far off! Thomas Grace TAS Chief Engineer Thomas.Grace@navy.mil 301-342-1227 Traditional Telemetry 50 Years of Service Has served us well but it is starting
More informationCyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS
Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Continual disclosed and reported
More information