The Perfect Storm Cyber RDT&E

NAVAIR Public Release 2015-87. Approved for public release; distribution unlimited.
Presented to: ITEA Cyber Workshop, 25 February 2015
Presented by: John Ross, NAVAIR 5.4H Cyberwarfare Lead

BLUF

- Weaponization of the Cyber domain has created a "perfect storm" of new requirements and challenges for the Research, Development, Test and Evaluation (RDT&E) community
- Programs and Platforms must now consider and test for:
  - Offensive and defensive Cyber effects in realistic battlespace scenarios
  - Operational resilience against Cyber threats
  - Mission impact of Cyber effect in System of Systems (SoS)
- These new requirements necessitate innovative Modeling and Simulation (M&S) solutions and creation of RDT&E environments that include effects of both offensive and defensive Cyber Warfare

RDT&E Cyber STORM

- Proliferation of software systems into weapons systems creates new vulnerabilities
- Integrated SoS drives increased use of networking
- Dynamic and complex Battle-space environment
- Interoperability and integration
- Advanced Persistent threat
- Commercial Software Widely Exploited
- Obsolescence
- Common Weaknesses
- Zero Day Exploits
- Cybersecurity Patch Management
- Develop and test mitigations and patches before deployment
- Multiple Versions and configurations
- Legacy Systems
- Keep interoperable with newer fielded systems
- Sustainment
- Non-proprietary and open architecture
- Increased Cyber vulnerabilities and exposure based on open concept

Attack Surface: A system's exposure to reachable and exploitable cyber vulnerabilities
Source: SANS Attack Surface Problem: http://www.sans.edu/research/security-laboratory/article/did-attack-surface

SYSTEMS OF SYSTEMS

- System Design and Development
- Simulations (DoD, Ctr)
- Systems Integration Labs (DoD, Ctr)
- Installed Systems Test Facilities (DoD, Ctr)
- Open Air Ranges (DoD)
- Battlespace Integration
- Joint Complex Integrated - Collaborative
- Multiple Cyber Attack Surfaces
- Acquisition Process
- System Focused
- Each System Developed to Program Requirements without assurance of System Interoperability at Fleet Introduction
- Live Assets (DoD, coalition, other agency)
- Fleet Introduction
- Fleet Interoperable
- Systems of Systems Environment Requires New and Innovative Approaches throughout Development to ensure Systems are Interoperable
- Interoperability Must be Built In

Cybersecurity Testing

Traditional Cybersecurity framework must be applied differently for weapon systems

- Categorize system and operational environment
- Select required Cybersecurity controls
- Implement Cybersecurity
- Assess Cybersecurity controls
  - Perform Security scans to verify compliance with mitigations
- Authorize system
  - Develop supporting documentation for accreditation
- Monitor Cybersecurity controls
  - Security scans and patches to address vulnerabilities

Weapon systems are NOT adequately addressed

Cyber Hardening Strategy

- Enable Testing of Cybersecurity defensive measures during concept, design, development and deployment
- Perform vulnerability assessments against defined standards early in development cycle
- Assess the Cyber defense capability of the System Under Test (SUT) in a realistic combat environment enabled by Live, Virtual, Constructive (LVC)
- Perform Cybersecurity assessment of Operational Test (OT) readiness in context of Protect, Detect, React and Restore (PDRR)
- Emulate the system or critical components that are susceptible to Cyber threat
- Not practical to expose fielded weapon systems to malicious code
- Develop capability to simulate Cyber threat against systems and platforms
- Develop instrumentation capable of distinguishing between performance issues and malicious code
- Collect data to assess operator, system, and malicious activity

Cybersecurity T&E

- Test early and often to prevent proliferation of vulnerable designs
- Cybersecurity T&E of real-time systems with unique bus interfaces
- Cybersecurity hardening and non-traditional testing methods
- Non-networked and intermittent connectivity
- Unique domain issues
- Holistic approach to Cybersecurity testing to requirements, influences areas to be tested based on potential attack surfaces and impacts to mission from a Cyber attack
- Concurrent Cyber System Engineering
- System lifecycle Cybersecurity T&E
- Developers must design in cybersecurity measures
- Perform risk reduction events
- Identify mission effectiveness measures

[Figure: Cybersecurity T&E phases mapped onto the acquisition lifecycle. T&E phases: Understand Cybersecurity Requirements; Characterize Cyber Attack Surface; Cooperative Vulnerability Identification; Adversarial Cybersecurity DT&E; Vulnerability and Penetration Assessment; Adversarial Assessment. Acquisition phases: Materiel Solution Analysis; Technology Maturation & Risk Reduction; Engineering & Manufacturing Development; Production and Deployment; O&S. Milestones, documents and events shown: MDD, MS A, Req Decision, Pre-EMD, MS B, MS C, Full Rate Production Decision Review, Draft CDD, CDD, CPD, IATT, ATO, ASR, SRR, SFR, PDR, CDR, TRR, SVR, DT&E Event, DT&E Assessment, OTRR, IOT&E.]

Cyber Initiatives Supporting RDT&E

- NAVAIR Cyber Warfare Detachment (CWD)
- Federated (Red) Penetration Team Partnerships
  - Navy Information Operations Command (NIOC) Norfolk
  - Threat Systems Management Office (TSMO) - Army
- Cyber Test Analysis and Simulation Environment (CyberTASE)
- National Cyber Range (NCR)
- Regional Service Delivery Points (RSDP)

NAVAIR Cyber Warfare Detachment

- NAVAIR Cyber Warfare Detachment established to address Cyber requirements and gaps
- Create a Cyber-aware workforce with right mix of Cyber and domain system expertise
- Create integrated Cyber policies, processes, best practices and standards
- Smart make/buy Cyber infrastructure decisions to support our weapons systems and business systems
- Deliver Cyber-resilient integrated warfighting capabilities
- Partner - leverage external Cyber expertise
- Cyber Infrastructure / R&D Investments

NAVAIR Cyber Warfare Detachment Efforts

- Conduct prioritized risk assessments of deployed weapon systems
- Cross-competency teams
- Identify access points
  - Maintenance connections, removable media, intermittent connections, apertures, supply chain
- Influence Cyber Security System Engineering
- Cyber resiliency
- Mission Analysis
- Kill chain mission effects
- Field Response
- System Design
- Build adequate Systems-of-Systems (SoS) architecture / system documentation
- Cyber hygiene does not fully mitigate sophisticated attacks

CyberTASE
Cyber Test Analysis and Simulation Environment

- Development of testing instrumentation to assess how defensive mechanisms perform against an ongoing cyber attack and the correlation of data gathered across Cyber stacks
- Live-Virtual-Constructive (LVC) environment capable of mimicking large scale operational scenarios with Cyber instrumentation
- Support evaluation of operational resilience against Cyber threats utilizing instrumentation, models, and simulations that perform data collection, monitoring, near real-time and post-test analysis, storage, and visualization of test data

[Diagram labels: SUT; Red Team - Portray Advanced Persistent Threat; Operators Exercise SUT, Mission Threads - Protect, Detect, React, Restore]

National Cyber Range (NCR)

NCR provides secure facilities, innovative technologies, repeatable processes, and the skilled workforce necessary to rapidly create hi-fidelity, mission representative Cyberspace environments

- Computing Assets/Facility
- Encapsulation Architecture & Operational Procedures
- Integrated Cyber Event Tool Suite
- Cyber Test Team

RSDP

Regional Service Delivery Points (RSDPs):

- Provide enterprise resources to generate virtualized representative cyber environments
- Provide increased capacity and scalability to create persistent, representative cyber-threat environments
- Provide common range services (i.e., traffic generation, simulation, instrumentation, visualization, and integrated event management)
- Flexible and adaptable to evolving users requirements
- Leverage the latest technology to deliver cost and performance efficiencies
- Key component of the JMETC MILS Network (JMN)
- Address Cyber T&E Capacity & Capability Gaps

M&S and LVC for Cyber Testing

- Linking system-of-systems and families-of-systems in distributed test environment to assess cyber resilience
- Deliver Cyber resilient integrated warfighting capabilities
- Determine mission critical components necessary to achieve objective
- Assessment of kill chain impact and Cyber effects on mission
- Performance of SUT subjected to Cyber effects to inform further detailed Cyber testing
- Adding Cyber components to the existing modeling and simulation that model and capture the Cyber effects and capture mission impact
- Ability to operate system and in presence of Cyber attack

[Diagram labels: Design and Development; Reconstruction and Regression Analysis; Live Virtual Constructive; System of Systems Evaluation; Survivability and Resiliency; Kill Chain Assessment]

Installed Systems Cyber Testing

- Installed Systems Cyber testing supports identifying susceptibilities of attack surfaces within the system or system of systems
- Key Elements of Cyber M&S for Mission Level Testing
  - Authoritative cyber data model to emulate in M&S realistic environment
  - Assess Cyber effect propagation throughout the system or system of systems
  - Perform analysis of Cyber effects and ability of systems and operators to detect and mitigate
  - Repeatable methodology for evaluation of the Cyber test results
  - Effect of Cyber attack on mission outcome

Cyber Needs and Gaps

- Ability to assess kill chain and mission impact
- Realistic models for constructive T&E
- Threat vectors and behaviors
- Engineering level models of SUT feeding higher level models
- Authoritative data sources for cyber threats
- Development of autonomous defensive measures to mitigate Cyber effects
- Warning indications that the system is under attack

Key Take Away

- Conduct M&S to assess Cyber effects
- Perform Cyber risk assessments
- Develop Cyber laboratories and tools for offensive and defensive techniques and measures
- Increase investments in Cyber workforce, processes, and infrastructure

Questions

Think like a Hacker
Insights - Ideas