Cyber Resiliency Office for Weapon Systems (CROWS) Mr. Dennis - - PowerPoint PPT Presentation

SLIDE 1

Integrity - Service - Excellence

Headquarters U.S. Air Force

DISTRIBUTION A. Approved for public release: distribution unlimited. Case Number: 66ABG-2017-0050

Cyber Resiliency Office for Weapon Systems (CROWS)

  • Mr. Dennis Miller, SES
  • Mr. Danny Holtzman, HQE
  • Col Ed Masterson

SLIDE 2

Breaking Barriers … Since 1947

Topics

  • Air Force Cyber Campaign Plan & CROWS overview
  • FY16 NDAA 1647 directed cyber vulnerability analysis
  • Cyber Resiliency Considerations

SLIDE 3

Overview

  • SECAF, SAF/AQ, AFMC & AFSPC teamed to establish Cyber Resiliency Steering Group (CRSG) to develop AF Cyber Campaign Plan (CCP)
  • Stood up dedicated office to manage execution → CROWS
  • AF CCP’s overall mission has two goals:
      • #1 “Bake-In” cyber resiliency into new weapon systems
      • #2 Mitigate “Critical” vulnerabilities in fielded weapon systems
  • Plus coordination with:
      • Cyber Squadron Initiatives
      • Test and Evaluation (infrastructure & capability growth)
      • Industrial Control Systems/SCADA cyber protection measures

SLIDE 4

Weapon System Cyber Resiliency Critical to Mission Assurance

  • We define the Cyber Resiliency of Military systems to be:
      • The ability of weapon systems to maintain mission effective capability under adversary offensive cyber operations
      • To manage the risk of adversary cyber intelligence exploitation
  • Weapon systems differ from general administrative and business IT systems in ways that matter for implementing Cyber Resiliency

[Figure: Weapon Systems vs. IT Systems, compared on Interfaces (Customized, Standardized), Software/Hardware Design (Government control, COTS) and Architectures (Diverse, Common). Label: Cyber Campaign Plan FOCUS]

SLIDE 5

AF Cyber Boundary Framework

[Figure labels: AOC, DCGS, Link 16, UHF, FAC-A/ISR, C2ISR, JTAC, OFP Loader, MDL, Mission Planning]

Cyber investments need to be made in Weapons Systems & Infrastructure

SLIDE 6

AF Cyber Campaign Plan: Weapon System Focus

  • 7 Lines of Action (LOAs)
      • LOA 1: Perform Cyber Mission Thread Analysis
      • LOA 2: “Bake-In” Cyber Resiliency
      • LOA 3: Recruit, Hire & Train Cyber Workforce
      • LOA 4: Improve Weapon System Agility & Adaptability
      • LOA 5: Develop Common Security Environment
      • LOA 6: Assess & Protect Fielded Fleet
      • LOA 7: Provide Cyber Intel Support
  • Cyber Squadron Initiatives
  • Test & Evaluation (infrastructure & capability growth)
  • Industrial Control Systems/SCADA cyber protection measures

People, Processes, & Products

Ensure mission success in a cyber contested environment

SLIDE 7

CROWS Organization

  • Vision
      • Cyber resiliency ingrained in AF culture
  • Mission
      • Increase cyber resiliency of Air Force weapon systems to maintain mission effective capability under adverse conditions
  • Status
      • IOC Declared: 21 Dec 2016
      • FOC Projected: 1 Oct 2017
      • Integrate & Execute Campaign Plan (7 LOAs)
      • Executing NDAA 1647

As Of: 16 March 2017 * Dedicated Staff AF Office with AFLCMC OTE

Cyber Resiliency Steering Group (CRSG): SAF/AQR, SAF/CIO, LCMC, SMC, NWC, AFTC, Intel, 24th AF

  • Cyber Technical Director*, HAFB
  • Program Manager*, HAFB
  • Deputy Director, HAFB
  • Director, HAFB
  • 1647 Program Manager*, HAFB
  • Chief Engineer*, WPAFB
  • 1647 Deputy PM*, WPAFB

AFLCMC/EN Dual Hatted

Lines of Actions

  • LOA #1: Mission Thread Analysis
  • LOA #2: Systems Engineering
  • LOA #3: Cyber Workforce Dev
  • LOA #4: Open System Architecture
  • LOA #5: Common Secure Env.
  • LOA #6: Legacy Systems Assess & Fix
  • LOA #7: Intel Cyber Security

Center Liaisons

  • SMC, LAAFB
  • NWC, KAFB
  • AFTC, EAFB
  • AFOTEC, KAFB
  • 24th AF, JBSA
  • AFRL, WPAFB/Rome

Advisors: AFSC, AFRL

SLIDE 8

FY17 Focus

Foster collaborative efforts across AF, Industry, Academia, FFRDC/UARC Communities

  • CROWS reach FOC by 1 Oct 2017
  • Cyber Incident Coordination Cell
  • Standup initial Cyber Acquisition Expert Cell
  • Establish Cyber Resiliency for Weapon Systems Technical Reference Architecture
  • Complete detailed LOA execution plans for FY18 start
  • Execute FY16 NDAA 1647 cyber evaluations for Priority 1 systems
  • Conduct Cyber Mission Thread Analysis to support 1647 assessments
  • Prioritize cyber mitigation solutions for maximum benefit
  • Implement weapon system Cyber Security Classification Guide
  • Incorporating Resilient-EGI Government Reference Architecture into the EGI program of record – Supports Alt-Nav PNT Capabilities
  • Field cyber training courses for acquisition personnel, in coordination with AFIT and AETC

SLIDE 9

Roadmap to Resiliency

  • Develop assessment methodology framework
  • Develop cyber acquisition workforce
  • Assess cyber posture of fielded systems
  • Enable weapon system adaptability
  • Institutionalized methodology, tools, T&E infrastructure
  • Skilled workforce
  • Integrated cyber tools, policy, etc.

[Figure: roadmap from Present to Future. Labels: Mission Assurance (Mission Thread Analysis); Institutionalize (“Baked” in resiliency); System Assurance (Assess and Fix); Mx and Aircrew Trainers; Off Board Mission Support]

SLIDE 10

Topics

  • Air Force Cyber Campaign Plan & CROWS overview
  • FY16 NDAA 1647 directed cyber vulnerability analysis
  • Cyber Resiliency Considerations

SLIDE 11

NDAA 1647 Background

  • FY16 NDAA Section 1647
      • Complete cyber vulnerabilities evaluation of major weapon systems NLT 31 Dec 19
      • Prioritize based on mission criticality
      • Build on existing efforts
      • Develop risk mitigation strategies
  • FY17 NDAA; amended Section 1647
      • Develop tools to improve detection & evaluation
      • Conduct non-recurring engineering for design of mitigation solutions
      • Establish Department-wide repository

SLIDE 12

NDAA 1647 OSD and AF Plan

  • Dep SECDEF Memo signed 20 Dec 16
      • OUSD (AT&L) appointed lead
      • Joint Staff analysis determined 50 AF weapon systems
      • Aligned each system to Major Service or COCOM exercise
      • 9 Step evaluation process
  • SAF/AQR Program Plan
      • Assigns CROWS as implementation org
      • Conduct Mission Thread Analysis
      • Maintain cyber vulnerability mitigation list
      • Operationalize cyber injects into COCOM or Service level exercises

SLIDE 13

Air Force NDAA 1647 Strategy

  • Use agreed upon methodology on 50 weapon systems
      • Sys Analysis
      • Intel Likeliness
      • Mission Impact
  • Gather prior assessments/tests up front
  • Leverage existing scheduled T&E activities
  • Front load schedule with Cyber System Risk Analysis (CSRA)
  • Build cross-org evaluation teams
  • Use common data storage consistent with security classification guidelines

SLIDE 14

NDAA 1647 Partnerships

  • AFRL – Assessment methodology and support developing mitigation efforts
  • AFTC – Leverage weapon system expertise
  • AFOTEC – Existing scheduled OTA efforts
  • 24th AF – Cyber Protection Team support
  • Intel – Threat input to risk analysis
  • Red Teams – Performing CVPAs
  • AO Teams – Leverage existing ATO docs and augment certification process
  • PEOs, Program Offices, and users – Support of CSRAs

Discovering “Islands of Cybersecurity Expertise” and bridging islands

SLIDE 15

Air Force NDAA 1647 Programs

  • Evaluation Priority 1
      • AEHF MILSTAR, B-2, B-52H, E4-B, FAB-T, GPS-OCS, ICBM, ISPAN, SBIRS/SBIRS-High, WGS
  • Evaluation Priority 2
      • 3DELRR, AFSCN, DCGS-AF, DMSP, Space Fence, U-2/SYERS-2C
  • Evaluation Priority 3
      • A-10, AC-130J, AOC-WS, B-1, C-130J, C-17, C-5, CRH, DCAPES, E-3, E-8C, EC-130H, F-15, F-16, F-22, F-35, GBS, HC-130J, JMPS, JMS, KC-10, KC-135, KC-46A, MC-12, MC-130J, RC-135, RQ-4, TBMCS-FL, UH-1N
  • Evaluation Priority 4
      • CV-22, HH-60, MQ-9

SLIDE 16

Topics

  • Air Force Cyber Campaign Plan & CROWS overview
  • FY16 NDAA 1647 directed cyber vulnerability analysis
  • Cyber Resiliency Considerations

SLIDE 17

CR Government Reference Architecture Communications & Collaborations

[Figure: Cyber Resiliency Government Reference Architecture. Labels: Criteria, Observables, Behaviors]

  • CR Technical Reference Architecture (CR-TRA)
  • CR Technical Advisory Group (CR-TAG)
  • CR Technical Flight Plan (CR-TFP)
  • Information Sharing
  • Classification
  • Configuration Management
  • Mechanism/Process
  • Expectation Management
  • Cyber Flash
  • Within Organization
  • External to Organization
  • FFRDC/UARC – AFSET
  • Industry – NDIA SE/SSE/TE Committee
  • CR Round Table
  • Quarterly Industry Sponsored / Hosted
  • Adoption of Anti Tamper Model (as applicable)
  • YOUR IDEAS HERE !!

[Figure labels: Design, Operate, Maintain; Hardware, Software, Carbon Based Units]

SLIDE 18

Key Cyber Resiliency Considerations (1/4)

  • Design and build systems to operate securely
      • Protecting important information about the system (e.g. Critical Program Information)
      • Ensuring Supply Chain is trusted (e.g. Critical Components)
      • Protecting the Integrity of information (e.g. Information Assurance)
      • Resiliency to operate in face of faults (e.g. Regardless of type)
  • Operate in a secure manner
      • Follow prescribed protection measures/procedures (e.g. NO Thumb drives!)
      • Understanding of Risk Tolerance and Acceptance (e.g. Who is accepting what Risk? When? Why?)
  • Sustain ability of system to be operated securely
      • Understand dependencies on critical infrastructure (e.g. Power, HVAC, etc.)
      • Maintain systems view (e.g. DMS, P3I, “Form, Fit, Function”)

Resiliency, in any dimension, requires a full life cycle view

SLIDE 19

Key Cyber Resiliency Considerations (2/4)

  • Mission Assurance ← System Assurance ← Systems Engineering
  • Systems engineering spans a spectrum of related, interacting, conflicting, complementary system properties
      • Adaptability, agility, resilience, safety, security, survivability
  • These properties are achieved through application of a common set of foundational systems, control systems, and specialty principles and concepts
  • The composition of a specific property is embodied in the viewpoint of the system
      • Singularly: Safety viewpoint, security viewpoint, resilience viewpoint, etc.
      • Composed: safe, secure, and resilient, etc.

SLIDE 20

Key Cyber Resiliency Considerations (3/4)

  • Cyber resilience assumes presence and intent of an intelligent adversary
      • Modified hardware, software, or firmware system element
      • Counterfeit component, malicious insertion
      • Trusted individual misuse or abuse of system
      • Unauthorized use of system function/service
      • Unauthorized use of data/information
  • Cyber resilience assumes the adversary presence may not be detectable
      • May be masked completely, or be interpreted as non-persistent or byzantine fault or failure

SLIDE 21

Key Cyber Resiliency Considerations (4/4)

  • Cyber resilience has the objective to limit the extent of damage due to intelligent adversary actions
      • Data/information loss and loss consequences
      • Function/service loss and loss consequences
  • Cyber resilience focuses on specific cases of system correctness in system ability to deliver specified function
      • Correctness is system integrity
      • Deliver specified function is availability and continuity
  • Objectives of cyber resilience overlap with other emergent property objectives with focus on intelligent adversary presence
      • Need to expand thinking to system resiliency and all the elements that go into it

SLIDE 22

Summary

  • Cyber resiliency impacts all AF missions
  • New threats require new approaches

Cyber Resiliency is as important as the next weapon system

[Figure labels: Present, Future]

SLIDE 23

See AF News Article (4 Jan 17)

  • “AF looks to ensure cyber resiliency in weapons systems through new office”

http://www.af.mil/News/ArticleDisplay/tabid/223/Article/1041426/af-looks-to-ensure-cyber-resiliency-in-weapons-systems-through-new-office.aspx

SLIDE 24

Questions?

Questions & Discussion

SLIDE 25

Public Release Notice

Case Reviewer: Deborah Powers Case Number: 66ABG-2017-0050 The material was assigned a clearance of CLEARED AS AMENDED on 15 May 2017. This email serves as the official notice of the disposition of this case. If you have additional questions, contact the Review Manager for your case, Deborah Powers, deborah.powers@us.af.mil. ADDITIONAL COMMENTS: Cleared as Amended.

SLIDE 26

CROWS Stand-up

  • FY14 NDAA called for Services to develop a plan to increase cyber resiliency of weapon systems
  • Jan 15: SECAF, AFMC & AFSPC teamed to establish Cyber Resiliency Steering Group (CRSG) to develop AF Cyber Campaign Plan (CCP)
  • CRSG identified 7 Lines of Action (LOAs) plus coordination with:
      • Cyber Squadron Initiatives
      • Test and Evaluation (infrastructure & capability growth)
      • Industrial Control Systems/SCADA cyber protection measures
  • AF CCP’s overall mission has two goals:
      • #1 “Bake-In” cyber resiliency into new weapon systems
      • #2 Mitigate “Critical” vulnerabilities in fielded weapon systems
  • Jun 16: AFMC/CC approved standup of dedicated team to manage Cyber Campaign Plan → CROWS

SLIDE 27

Communication & Collaborations

On Going Alignment of Efforts

  • Develop AF Technical Reference Architecture
      • Framework for Cyber Resiliency in Weapon Systems
      • Criteria, Observables, Behaviors, Measures
      • Design, Operate, Sustain securely to improve Mission Assurance
  • Conduct Technical Coordination/Reviews:
      • Alignment to Technical Flight Plan, Staffing/Comment adjudication, Technical recommendations
  • Coordinate activities across multiple FFRDCs & UARCs
  • Coordination across PEOs and their Directors of Engineering
  • Work with Services, OSD, Academia, NIST
      • Mitigation Handbook and rubric for efficient application
  • Coordinate with Defense Industry
      • Primarily via National Defense Industry Association (NDIA) SE/SSE/T&E Committees
      • Participate in Industry forums

SLIDE 28

CROWS Responsibilities for NDAA 1647

  • Manage funding, schedule and resources
  • Quarterly reporting to SAF/AQR
  • Engage and coordinate with Program Offices
  • Coordinate/monitor T&E assessments
  • Align efforts to JROCM priority
  • Ensure consistent evaluation methodologies
  • Integrate system security engineering support across activities
  • Develop mitigation strategies and prioritize work to start closing gaps

SLIDE 29

Technical Flight Plan v1.0

[Figure: timeline by month across FY17, FY18 and FY19, as of 7 Feb 2017. Milestones: CROWS IOC, NDIA Industry CRWS Summit, CROWS FOC, CRWS Technical Reference Architecture V1.0]

Develop Integrated Technical Flight Plan

Establish Cyber Resiliency for Weapon Systems Technical Reference Architecture (CRWS TRA)

Align all efforts, products to the CRWS TRA – along the Technical Flight Plan

Integrate across the AF CCP and stakeholder communities

Engineering Cyber Resilience in Weapons Systems

Criteria, Observables, Behaviors – What does Cyber Resiliency look like?

Requirements, Cost, Measures & Metrics – How to specify and measure Cyber Resiliency?

Acquisition Language, Design Standards – How to execute and implement Cyber Resiliency?

[Figure milestones: Flight Plan v1.5, CRR Update, Flight Plan v2.0, Ohio Industry Dialog]