Cybersecurity Testing

Similar documents
Test and Evaluation Methodology and Principles for Cybersecurity

The Perfect Storm Cyber RDT&E

Avionics Cyber T&E Examples Testing Cyber Security Resilience to support Operations in the 3rd Offset Environment

T&E Workforce Development

Integrated C4isr and Cyber Solutions

DoD Strategy for Cyber Resilient Weapon Systems

AMRDEC CYBER Capabilities

UNCLASSIFIED. FY 2016 Base FY 2016 OCO

UNCLASSIFIED. FY 2016 Base FY 2016 OCO

The Success of the AMRAAM DBMS/DAS

Test Resource Management Center Directed Energy T&E Conference A Joint DEPS ITEA Event

UNCLASSIFIED R-1 ITEM NOMENCLATURE FY 2013 OCO

Joint Federated Assurance Center (JFAC): 2018 Update. What Is the JFAC?

April 25, 2018 Version 2.0

Air Force Test Center

Department of Defense (DoD) Joint Federated Assurance Center (JFAC) Overview

Cybersecurity Test and Evaluation at the National Cyber Range

DHS Cybersecurity: Services for State and Local Officials. February 2017

UNCLASSIFIED UNCLASSIFIED

Cybersecurity in Acquisition

UNCLASSIFIED R-1 ITEM NOMENCLATURE FY 2013 OCO

ISA 201 Intermediate Information Systems Acquisition

Air Force Test Center

Looking Forward: USACE MILCON Cybersecurity Integration

Systems Engineering and System Security Engineering Requirements Analysis and Trade-Off Roles and Responsibilities

Radiance Capabilities Overview Concepts to Capabilities

Cybersecurity Test and Evaluation

Shift Left: Putting the Process Into Action

UNCLASSIFIED R-1 ITEM NOMENCLATURE FY 2013 OCO

Space Cyber: An Aerospace Perspective

THE UNDER SECRETARY OF DEFENSE 3010 DEFENSE PENTAGON WASHINGTON, DC ACQUISITION, TECHNOLOGY AND LOGISTICS January 11, 2017

Department of Defense. Installation Energy Resilience

Dr. Steven J. Hutchison Principal Deputy Developmental Test and Evaluation

Marine Corps Tactical System Support Activity

UNCLASSIFIED FY 2016 OCO. FY 2016 Base

SYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security

UNCLASSIFIED. R-1 ITEM NOMENCLATURE PE D8Z: Data to Decisions Advanced Technology FY 2012 OCO

Implementing a Modular Open Systems Approach (MOSA) to Achieve Acquisition Agility in Defense Acquisition Programs

Cyber Threat Assessment and Mitigation for Power Grids Lloyd Wihl Director, Application Engineering Scalable Network Technologies

Corporate Capabilities

Test & Evaluation/Science & Technology (T&E/S&T) Cyberspace Test Technology (CTT) Project Overview. 2nd Annual ITEA Cyber Security Workshop

Defense Engineering Excellence

UNCLASSIFIED. UNCLASSIFIED R-1 Line Item #49 Page 1 of 10

Achieving DoD Software Assurance (SwA)

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO

The Operational Test & Evaluation Cybersecurity Terrain

JOINT MISSION ENVIRONMENT TEST CAPABILITY (JMETC)

DOE and Test Automation for System of Systems T&E

Mission Aware Cybersecurity

Modular Open Systems Approach (MOSA) Panel on Standards

Test and Evaluation. The Key to Successful Acquisition Outcomes DHS SCIENCE AND TECHNOLOGY. Steve Hutchison. 20 April 2017

The DoD T&E/S&T Program

Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure

DEFENSE LOGISTICS AGENCY

UNCLASSIFIED R-1 ITEM NOMENCLATURE. FY 2014 FY 2014 OCO ## Total FY 2015 FY 2016 FY 2017 FY 2018

Department of Management Services REQUEST FOR INFORMATION

US Air Force Initiative to Enhance Hypersonic Test Capabilities

Federal Mobility: A Year in Review

Establishing a Framework for Effective Testing and Validation of Critical Infrastructure Cyber-Security

Joint Mission Environment Test Capability (JMETC)

Cyber T&E Standards Panel

Rocky Mountain Cyberspace Symposium 2018 DoD Cyber Resiliency

CONE 2019 Project Proposal on Cybersecurity

Cybersecurity, Trade, and Economic Development

Cybersecurity for Department of Defense Microgrids: An Army Perspective

Cybersecurity Metrics: A Red Team Perspective

Cybersecurity Test and Evaluation Achievable and Defensible Architectures

UNCLASSIFIED. UNCLASSIFIED Office of Secretary Of Defense Page 1 of 8 R-1 Line #18

National Policy and Guiding Principles

Cybersecurity and Program Protection

Panelists. Moderator: Dr. John H. Saunders, MITRE Corporation

Naval Surface Warfare Center,

NDIA SE Conference 2016 System Security Engineering Track Session Kickoff Holly Dunlap NDIA SSE Committee Chair Holly.

UNCLASSIFIED FY 2016 OCO. FY 2016 Base

Air Force Civil Engineer Center. Director s View. Randy Brown Director 4 May Battle Ready Built Right! 1

Information Technology & Cybersecurity Services & Solutions

The Office of Infrastructure Protection

Electricity Sub-Sector Coordinating Council Charter FINAL DISCUSSION DRAFT 7/9/2013

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013

UBIQUITIOUS, RESILIENT, SECURE CONNECTIVITY IN THE NEAR-PEER THREAT ENVIRONMENT

Approaches and Tools to Quantifying Facility Security Risk. Steve Fogarty, CSO

Cybersecurity for Security Personnel

Acquisition and Intelligence Community Collaboration

Planning and Executing an Integration Test Strategy for a Complex Aerospace System

Task Force Cyber Secure

Federal Data Center Consolidation Initiative (FDCCI) Workshop I: Initial Data Center Consolidation Plan

CENTRAL TEST AND EVALUATION INVESTMENT PROGRAM (CTEIP) PE D FY 1998 FY 1999 FY 2000 FY 2001 FY 2002 FY 2003 FY 2004 FY 2005

Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.

United States Energy Association Energy Technology and Governance Program REQUEST FOR PROPOSALS

Space and Naval Warfare Systems Center Atlantic Information Warfare Research Project (IWRP)

I n t e g r i t y - S e r v i c e - E x c e l l e n c e

TRIAEM LLC Corporate Capabilities Briefing

Medical Device Cybersecurity: FDA Perspective

Improving SCADA System Security

STRENGTHENING THE CYBERSECURITY OF FEDERAL NETWORKS AND CRITICAL INFRASTRUCTURE

A ROADMAP TO STANDARDIZING THE IRIG 106 CHAPTER 10 COMPLIANT DATA FILTERING AND OVERWRITNG SOFTWARE PROCESS

Copyright 2016 EMC Corporation. All rights reserved.

Office of Acquisition Program Management (OAPM)

48 th Annual NDIA Conference Targets, UAVs & Range Operations Symposium & Exhibition. Boeing QF-16 Program

HQ 754 th Electronic Systems Group. Application Software Assurance Center of Excellence (ASACoE) Maj Michael Kleffman, CTO ASACoE

Transcription:

Cybersecurity Testing Tim Palmer Chief Technical Advisor, SAS Business Unit Torch Technologies, Inc. EXPERTISE // INNOVATION // CUSTOMER FOCUS // EXCELLENCE // INTEGRITY // COOPERATION // RELIABILITY

About Torch Torch Technologies, Inc. established in October 2002 Focused on Government Engineering Support and Solutions Headquartered in Huntsville, AL Small Business NAICS Code: 541712 (R&D) Five Corporate Office Locations, Eight Field Locations CMMI Level 3, ISO 9001 Certified Broad-Based Employee Ownership 100% ESOP Top Secret Facility Clearance Highest Caliber Engineering Services Offered at Best Value Modeling & Simulation Systems Engineering & Integration Advanced Technologies Test & Evaluation Programmatic Support Information Assurance and Information Technologies Torch Recognized Nationally and Locally

Torch Employee Locations Aberdeen, MD Albuquerque, NM 750

Torch at Eglin Torch was awarded the $27.7M Gulf Range Drone Control System (GRDCS) Support Task for Software and Torch was awarded the $186M Systems OASIS Technical Engineering and support for the GRDCS to the 96th Management Advisory Services Range (TMAS) Group Armament and Test Task Wing at Eglin AFB. GRDCS is Order. Torch s award provides for operational advisory at and Tyndall AFB and the Utah Test and assistance services (A&AS) to fully Training support Range. Aerospace Torch will provide software engineering Research, Development, Test and and Evaluation systems engineering (RDT&E) support at the Central Control activities at the Air Force Test Center Facility (AFTC). at Eglin The AFB TMAS using CMMI L3 processes. GRDCS is program primarily focuses on robust used to systems control remotely piloted drones for test engineering and technical assistance purposes, services. including the full-scale QF-16 and QF-4 target drones and the sub-scale BQM-167A target drone.

Cybersecurity Testing Topics of Interest

DoD Mandate for Cybersecurity Testing 2010 Quadrennial Defense Review Although it is a man-made domain, cyberspace is now as relevant a domain for DoD activities as the naturally occurring domains of land, sea, air, and space. 2010 DoD Strategy for Operating in Cyberspace ensure that it has the necessary capabilities to operate effectively in all domains air, land, maritime, space, and cyberspace. 2014 DoDI 8500.01 Cybersecurity, added and clarified requirements for cybersecurity resilience including performing developmental T&E of cybersecurity and OT&E, including the ability to detect and react to penetrations and exploitations and to protect and restore data and information 2015 DoD Cyber Strategy From 2013-2015, the Director of National Intelligence named the cyber threat as the number one strategic threat to the United States, placing it ahead of terrorism for the first time since the attacks of September 11, 2001 Monday, April 3, 2017

DoD Mandate for Cybersecurity Testing 2015 DoDI 5000.02 Operation of the Defense Acquisition System : Emphasized cybersecurity requirements to develop a strategy and budget resources for cybersecurity testing. The test program will include, as much as possible, activities to test and evaluate a system in a mission environment with a representative cyber-threat capability. The revision also added a requirement, beginning at Milestone A, to conduct periodic cybersecurity risk assessments to determine the appropriate Blue/Green/Red Team, and operational impact test events in alignment with the overall test strategy for evaluating the program for real world effects. 2015 DoDI 5200.39 Critical program infrastructure (CPI) will be identified early and reassessed throughout the RDT&E program so that CPI protections requirements and countermeasures may be identified and applied as the CPI is developed and modified throughout the lifecycle as needed, and that CPI protection measures will be integrated and synchronized, then documented within the Program Protection Plan (PPP). Monday, April 3, 2017

CyberSecurity Test Bed (CSTB) In FY14, the U.S. Army Program Executive Office Missiles & Space (PEO MS) defined the need for an improved capability to assess the cybersecurity posture of PEO weapon systems throughout the acquisition lifecycle, and especially as a cooperative Developmental Test & Evaluation (DT&E) tool for its program managers (PMs). The Aviation and Missile Research Development and Engineering Center (AMRDEC) was given the task of developing a CyberSecurity TestBed (CSTB) to meet this need. The CSTB reached an Initial Operating Capability (IOC) in FY15 and was validated in a Proof of Concept (PoC) with the Army Integrated Air and Missile Defense (AIAMD) Program Office (PO) in April 2016. The CSTB is a joint PEO MS and AMRDEC initiative

CSTB Overview CSTB supports distributed LVC components, and local and national assets

CSTB Architecture The CSTB includes all required elements for conducting CEMA testing

CSTB Common Use Cases Find Validate Evaluate Test Component or system vulnerabilities Known or suspected vulnerabilities Effectiveness of Blue defenses Vulnerability assessments prior to OT Fixes to known vulnerabilities Against current or evolving threats Software or hardware upgrades New concepts before HW available Interop with new systems, JIIM There are many program use cases for the CSTB

Key Enablers for Successful Cybersecurity Testing Early and (nearly) continuous testing Cooperative T&E Virtualization Modeling and simulation (M&S)

Early and (nearly) continuous testing Programs can t afford to wait for milestone-based cyber T&E Vulnerabilities may be found too late for optimal (read: cheap and effective) fixes Early testing enables architecture and design trade-space Ensures cybersecurity posture is understood after changes Hardware, software, interfaces, APIs, host OS version, etc. Promotes built-in cyber testability Some cyber testing can be automated Conducted overnight, results next day Similar to continuous software building

Cooperative T&E Program subject matter experts (SMEs) participate They know the most about the platform IT (PIT) components They know what is ready, and what is still under development Can place blue team members in red cell Along with red team members, or entirely blue Has the extra benefit of training blue-team to think like a red team Non-reportable T&E Programs want to know the state of their system before test events Maximizes the chance of a succeeding in official red-team tests

Virtualization Virtualization means to create a software simulation of a computer The virtual machine is ideal for cybersecurity testing Allows a damaged (or infected) virtual computer to be reloaded fresh Enables large scenarios through replication Common example is Operating System Virtualization Less Common example is Full System Simulator The virtual computer has all of the same parts as the physical computer Same CPU, memory, buses, peripheral chips, disk interfaces and drives, etc. Software targeted for the specific physical hardware runs unmodified (binary form) This is much more interesting from a cyber testing perspective Hardware vulnerabilities can be tested (assuming high fidelity part models) Example: Wind River Simics

Virtualization (cont d) Virtualization also works for other components Example: Scalable s EXata Real-time network emulator (radios, antennas, propagation, ) Used to model complex, heterogeneous networks Models terrain, weather, power, transmission delay, etc. Has cyber effects and impacts capability Active and passive attacks DDoS, SIGINT, viral, eavesdropping, wireless jamming, Can interface to physical networks Very good scalability (lots and lots of nodes)

Modeling and Simulation (M&S) Stimulation Used to simulate external entities (LINK-16, BFT, ) to stimulate POR components Simulator or Emulator A simulation of POR components (radar, missile, etc.) Emulation adds interfaces and allows tactical connection to POR components Cyber impact studies Cyber effect models are constructed from effects observed during cyber T&E The models are then added to external high-fidelity simulations Useful for answering the so what? question of how an exploit affects service delivery Black-listing for T&E M&S components do not normally include the cyber defense present in real-world component They are black-listed during T&E events

CSTB and Shift Left Early and (nearly) continuous testing Virtualization Modeling and simulation (M&S) Cooperative T&E The Deputy Assistant Secretary of Defense (DASD) Acquisition Technology and Logistics (ATL) recognized that our current process fails to adequately highlight cybersecurity testing as a critical test activity during DT&E, and established a Shift Left strategy that requires DT&E to occur earlier in the timeline; prior to the Milestone C decision. PMs can incorporate CSTB relative to acquisition milestones

Questions? Tim Palmer Torch Technologies, Inc. Office: (256) 319-6075 Mobile: (256) 679-0431 Tim.Palmer@TorchTechnologies.com

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback