Cyber Resiliency Office for Weapon Systems...

I n t e g r i t y - S e r v i c e - E x c e l l e n c e

Headquarters U.S. Air Force

DISTRIBUTION A. Approved for public release: distribution unlimited.

Cyber Resiliency Office for Weapon Systems (CROWS)

Mr. Danny Holtzman, HQE Cyber Technical Director

[email protected]

26 April 2017

1

B r e a k i n g B a r r i e r s … S i n c e 1 9 4 7 DISTRIBUTION A. Approved for public release: distribution unlimited.

CROWS Organization Vision

Cyber resiliency ingrained in AF culture

Mission Increase cyber resiliency of Air

Force weapon systems to maintain mission effective capability under adverse conditions

Status IOC Declared: 21 Dec 2016 FOC Projected: 1 Oct 2017 Integrate & Execute Campaign

Plan (7 LOAs) Executing NDAA 1647

2 As Of: 16 March 2017

* Dedicated Staff AF Office with AFLCMC OTE

Cyber Resiliency Steering Group (CRSG)

SAF/AQR, SAF/CIO, LCMC, SMC, NWC, AFTC ,Intel, 24th AF

Cyber Technical Director*

HAFB

Program Manager* HAFB

Deputy Director

HAFB

Director HAFB

1647 Program Manager*

HAFB

LOA #1 Mission Thread

Analysis

LOA #2 Systems

Engineering

LOA #3 Cyber

Workforce Dev

LOA #4 Open System Architecture

LOA #5 Common Secure

Env.

LOA #6 Legacy Systems

Assess & Fix

LOA #7 Intel

Cyber Security

Center Liaisons

Chief Engineer* WPAFB

1647 Deputy PM* WPAFB

AFLCMC/EN Dual Hatted

Lines of Actions

SMC LAAFB

NWC KAFB

AFTC EAFB

AFOTEC KAFB

24th AF JBSA

AFRL WPAFB/Rome

Advisors: AFSC, AFRL


AF Cyber Campaign Plan: Weapon System Focus

7 Lines of Action (LOAs) LOA 1: Perform Cyber Mission Thread Analysis LOA 2: “Bake-In” Cyber Resiliency LOA 3: Recruit, Hire & Train Cyber Workforce LOA 4: Improve Weapon System Agility & Adaptability LOA 5: Develop Common Security Environment LOA 6: Assess & Protect Fielded Fleet LOA 7: Provide Cyber Intel Support

Cyber Squadron Initiatives

Test & Evaluation (infrastructure & capability growth)

Industrial Control Systems/SCADA cyber protection measures

People, Processes, & Products

Ensure mission success in a cyber contested environment

3


4




Questions?


Questions &

Discussion

5


Roadmap to Resiliency

• Develop assessment methodology framework

• Develop cyber acquisition workforce • Assess cyber

posture of fielded systems

• Enable weapon system adaptability • Institutionalized

methodology, tools, T&E infrastructure

• Skilled workforce • Integrated cyber

tools, policy, etc.

Present

Mission Assurance - Mission Thread Analysis

Institutionalize - “Baked” in resiliency

Future

Mx and Aircrew Trainers

System Assurance - Assess and Fix

Off Board Mission Support

6


Cyber resiliency impacts all AF missions New threats require new approaches

Summary

7

Cyber Resiliency is as important as the next

weapon system Present Future

B r e a k i n g B a r r i e r s … S i n c e 1 9 4 7

Challenge to the community – Increasing the agility in decision making

• Example case: Supply Chain – Counterfeit Part • FAR/DFAR clauses on contract, flow down from Government to prime to sub • Process took maximum time at every point • 354 days after notification of event, action was taken

• Challenges: How do we work collaboratively to reduce these timelines?

354 Days

8



BLUF

SECAF, SAF/AQ, AFMC & AFSPC teamed to establish Cyber Resiliency Steering Group (CRSG) to develop AF Cyber Campaign Plan (CCP) Stood up dedicated office to manage execution → CROWS

AF CCP’s overall mission has two goals: #1 “Bake-In” cyber resiliency into new weapon systems #2 Mitigate “Critical” vulnerabilities in fielded weapon systems

Plus coordination with:

Cyber Squadron Initiatives Test and Evaluation (infrastructure & capability growth) Industrial Control Systems/SCADA cyber protection measures

9


Weapon System Cyber Resiliency Critical to Mission Assurance

We define the Cyber Resiliency of Military systems to be: The ability of weapon systems to maintain mission effective

capability under adversary offensive cyber operations

To manage the risk of adversary cyber intelligence exploitation

Weapon systems differ from general administrative and business IT systems in ways that matter for implementing Cyber Resiliency

Customized

Interfaces Standardized

Cyber Campaign Plan FOCUS

Software/Hardware Design Government control

Diverse

Architectures

COTS

Common

Weapon Systems IT Systems

10


Cyber Resiliency

Definition (What does it mean?)

Cyber Resiliency = The ability to provide required capability despite adversity, that impacts the Cyber aspects of the Systems

“Cyber Aspects” = Software, Firmware and data in electronic form and the associated hardware

Cyber Resilience, like system security, is an end goal: And just like security having protection mechanisms (aka controls)

that do not necessary combine to make one “adequately secure”, Hhaving a set of resilience techniques and a framework for their

application does not necessary combine to make one “resilient”.

11


CROWS Stand-up FY14 NDAA called for Services to develop a plan to increase cyber

resiliency of weapon systems

Jan 15: SECAF, AFMC & AFSPC teamed to establish Cyber Resiliency Steering Group (CRSG) to develop AF Cyber Campaign Plan (CCP)

CRSG identified 7 Lines of Action (LOAs) plus coordination with: Comm Squadron Next (now called Cyber Squadron Initiatives) Test and Evaluation (infrastructure & coordination) Industrial Control Systems/SCADA cyber protection measures

AF CCP’s overall mission has two goals:

#1 “Bake-In” cyber resiliency into new weapon systems #2 Mitigate “Critical” vulnerabilities in fielded weapon systems

Jun 16: AFMC/CC approved standup of dedicated team to manage Cyber

Campaign Plan CROWS

12


FY17 Focus

Foster collaborative efforts across AF, Industry, Academia, FFRDC/UARC Communities

CROWS reach FOC by 1 Oct 2017 Cyber Incident Coordination Cell Standup initial Cyber Acquisition Expert Cell Establish Cyber Resiliency for Weapon Systems Technical Reference Architecture

Complete detailed LOA execution plans for FY18 start

Execute FY16 NDAA 1647 cyber evaluations for Priority 1 systems

Conduct Nuclear Strike mission CMTA - supports 1647 assessments

Prioritize cyber mitigations solutions for maximum benefit

Implement weapon system Cyber Security Classification Guide

Incorporating Resilient-EGI Government Reference Architecture into the EGI program of record – Supports Alt-Nav PNT Capabilities

Field cyber training courses for acquisition personnel, in coordination with AFIT and AETC

13


On Going Alignment of Efforts AF Technical Reference Architecture

Framework for Cyber Resiliency in Weapon Systems Criteria, Observables, Behaviors, Measures Design, Operate, Sustain securely to improve Mission Assurance

Technical Coordination/Reviews – Alignment to Technical Flight Plan, Staffing/Comment adjudication, Technical recommendations

FFRDC/UARC AF Security Engineering Team (AFSET)

PEO / Programs PEO Directors of Engineering (DOE) Council

Service’s, OSD, Academia, NIST

Mitigation Handbook and rubric for efficient application

Industry Engagement via NDIA SE/SSE/T&E Committee’s 18-20 April NDIA Cyber Resiliency for Weapon Systems Summit (AF/OSD Collaboration)

14


Cyber Resiliency for Weapon Systems

Technical Reference Architecture (CRWS TRA) Challenge

How to integrate all the Cyber Security & Cyber Resiliency related energy toward a single, integrated, common view?

Path Forward Establish an AF Cyber Resiliency for Weapon Systems Technical Reference

Architecture (CRWS TRA) and set of integrated technical standards

AS IS? To BE?

15


AF Cyber Boundary Framework

AOC

DCGS

Link 16 UHF

FAC-A/ISR C2ISR

JTAC

OFP Loader

MDL

Mission Planning

Cyber investments need to be made in Weapons Systems & Infrastructure 16



Background – CRSG Action Item Technical Lanes in the Road

Challenge: How do we address the Integration, Overlaps, Governance, given the

maturity of efforts over the past 2 years?

Path Forward: Choose to Evolve the Technical Lanes with respect to the CCP Acquisition Line

of Effort, and its interfaces to the other LOE’s and communities of interest/Stakeholders.

17


Technical Flight Plan v1.0

Oct Nov Dec Jan Feb Mar Apr May Jun July Aug Sep Oct Nov Dec Jan Oct Nov Dec

FY17 FY18 FY19

CROWS IOC

Industry CRWS Summit

CROWS FOC

CRWS Technical

Reference Architecture

V1.0

As Of: 7 Feb 2017

Develop Integrated Technical Flight Plan Establish Cyber Resiliency for Weapon Systems Technical Reference Architecture

(CRWS TRA) Align all efforts, products to the CRWS TRA – along the Technical Flight Plan

Integrate across the AF CCP and stakeholder communities AO, AT, TSN, etc.

Engineering Cyber Resilience in Weapons Systems

Criteria, Observables, Behaviors – What does Cyber Resiliency look like? Requirements, Cost, Measures & Metrics – How to specify and measure Cyber Resiliency? Acquisition Language, Design Standards – How to execute and implement Cyber Resiliency?

Flight Plan v1.5

CRR Update

Flight Plan v2.0

18


Establishing Cyber Technical Governance

Planning for On Going Technical Coordination, Adjudication, Recommendations:

Establishing Governance mechanism (e.g. CRWS CCB) Holistic Cyber Security Engineering & Resiliency for Weapon Systems

Integration of AO’s, TSN, ATEA… Etc. Provides for a Single interface for Internal and External interfaces Technical Recommendation Memo’s (TRM) – Implementation mechanism

Establishing Cadence

Monthly Technical Tag up’s & as needed Summits

Providing a Flight Plan for Success CRWS TRA Technical Flight Plan Measurable progress & impact Alignment of products, mitigation applications and success stories Tactical and Strategic planning Identify What will be done; Measure How we are doing; Document impact

Design, Operate & Sustain AF Systems and Capabilities Securely and with Resiliency

19

B r e a k i n g B a r r i e r s … S i n c e 1 9 4 7

Technical Advisory Group (CRWS-TAG) • Chair – Cyber Technical Director • CO Chair – AFCISO

Advisory Communities PEO DOE’s AFSET Industry / NDIA AO’s / ATEA / TSN Others

Objective: Holistic Integration of Cyber security and Resiliency efforts

Cadence: Scheduled Monthly Agenda

Technical Recommendation Memo: • Staff Summary Sheet • Documents

• Coordination • Views of others • Decision Risk Space • Alignment to Flight

Plan

Monthly TAG

TRM

Project/Product Review • LOA’s • NDAA 1647 • Others

Adjudication • AO, ATEA,

TSN • PEO/DOE • Others

Institutionalization • Policy • Standards • Best Practice

How Does it Work? • Capture views of others • Coordination across

stakeholder communities • Adjudication of items • Produce Technical

Recommendation Memo • Document findings with

recommended Courses of Action

Examples A. LOA Products

• Products • Process Recommendations • Etc.

B. Institutionalization • Policy • Standards • Best Practices

C.Adjudication Requests

TOPIC A, B, C ….

CR-TAG

TRM

CRWS-TAG

PEO – Program Executive Officers DOE – Directors of Engineering AFSET – Air Force Security Engineering Team (FFRDC/UARC collaboration)

AO – Authorizing Official ATEA – Anti Tamper Executive Agent TSN – Trusted Systems & Networks LOA – Lines of Action

20



See AF News Article (4 Jan 17)

“AF looks to ensure cyber resiliency in weapons systems through new office”

http://www.af.mil/News/ArticleDisplay/tabid/223/Article/1041426/af-looks-to-ensure-cyber-resiliency-in-weapons-systems-through-new-office.aspx

21






Public Release Notice

22

Subject: Cyber Resiliency Office for Weapon Systems (CROWS) (Briefing Charts) Case Reviewer: Deborah Powers Case Number: 66ABG-2017-0019 The material was assigned a clearance of CLEARED AS AMENDED on 07 Mar 2017. This email serves as the official notice of the disposition of this case. If you have additional questions, contact the Review Manager for your case, Deborah Powers, [email protected]. ADDITIONAL COMMENTS: Cleared as Amended


FY16 Accomplishments AFMC/AFSPC #1 FY18 Planning Choice

Drafted/coordinated numerous guides to help Air Force system program offices incorporate cyber into the standard systems engineering processes, including: Critical Program Information (CPI)/Critical Component (CC)

Identification Process Guide; Systems Security Engineering (SSE) Acquisition Language Guidebook; Acquisition milestone entry and exit technical review criteria

Developed/fielded two cyber courses: cyber test/evaluation course and a cyber hygiene for weapon system maintainers

Stood up Open Architecture Management Office in AFLCMC

Conducted numerous cyber assessments Developed enterprise solutions for Secure Memory Loader Verifiers

and Digital Signatures for critical OFP software

23


FY16 Accomplishments

Developed a draft Weapon System Cyber Security Classification Guide; now in SAF staffing

Developed prototype Cyber Mission Thread Analysis Framework to prioritize cyber vulnerabilities, risks, and mitigations in a mission context

Improved integration of intelligence support for weapon system cyber security with NASIC, 7 Intelligence Wings, Defense Cyber Crime Center, NSA, CIA, DIA

Developed AF process for weapon system cyber incident reporting, responding, and tracking

Leading FY16 NDAA 1647 activities for Air Force Requires cyber vulnerability evaluations & mitigation strategies for

50 AF major weapon systems

24


Key Considerations (1/4)

Design and build systems to operate securely Protecting important information about the system (e.g. Critical Program

Information) Ensuring Supply Chain is trusted (e.g. Critical Components) Protecting the Integrity of information (e.g. Information Assurance) Resiliency to operate in face of faults (e.g. Regardless of type)

Operate in a secure manner

Follow prescribed protection measures/procedures (e.g. NO Thumb drives!) Understanding of Risk Tolerance and Acceptance (e.g. Who is accepting what

Risk? When? Why?)

Sustain ability of system to be operated securely Understand dependencies on critical infrastructure (e.g. Power, HVAC, etc.) Maintain systems view (e.g. DMS, P3I, “Form, Fit, Function)

Resiliency, in any dimension, requires a full life cycle view

25



Mission Assurance ← System Assurance ← Systems Engineering Systems engineering spans a spectrum of related, interacting,

conflicting, complimentary, system properties Adaptability, agility, resilience, safety, security, survivability

These properties are achieved through application of a common set of

foundational systems, control systems, and specialty principles and concepts

The composition of a specific property is embodied in the viewpoint of the system Singularly: Safety viewpoint, security viewpoint, resilience viewpoint, etc. Composed: safe, secure, and resilient, etc.

26



Cyber resilience assumes presence and intent of an intelligent adversary Modified hardware, software, or firmware system element

Counterfeit component, malicious insertion Trusted individual misuse or abuse of system

Unauthorized use of system function/service Unauthorized use of data/information

Cyber resilience assumes the adversary presence may not be detectable

May be masked completely, or be interpreted as non-persistent or byzantine fault or failure

27



Cyber resilience has the objective to limit the extent of damage due to intelligent adversary actions Data/information loss and loss consequences Function/service loss and loss consequences

Cyber resilience focuses on specific cases of system correctness in

system ability to deliver specified function Correctness is system integrity Deliver specified function is availability and continuity

Objectives of cyber resilience overlap with other emergent property

objectives with focus on intelligent adversary presence Achieving only the specified

Behaviors Interactions Outcomes

28




Cyber Resiliency Office for Weapon Systems (CROWS) Technical Integration & Governance

Mr. Danny Holtzman, HQE Cyber Technical Director

[email protected]

29

Cyber Resiliency Office for Weapon Systems...

Documents

Transcript of Cyber Resiliency Office for Weapon Systems...