I n t e g r i t y - S e r v i c e - E x c e l l e n c e
Headquarters U.S. Air Force
DISTRIBUTION A. Approved for public release: distribution unlimited.
Cyber Resiliency Office for Weapon Systems (CROWS)
Mr. Danny Holtzman, HQE Cyber Technical Director
26 April 2017
1
B r e a k i n g B a r r i e r s … S i n c e 1 9 4 7 DISTRIBUTION A. Approved for public release: distribution unlimited.
CROWS Organization Vision
Cyber resiliency ingrained in AF culture
Mission Increase cyber resiliency of Air
Force weapon systems to maintain mission effective capability under adverse conditions
Status IOC Declared: 21 Dec 2016 FOC Projected: 1 Oct 2017 Integrate & Execute Campaign
Plan (7 LOAs) Executing NDAA 1647
2 As Of: 16 March 2017
* Dedicated Staff AF Office with AFLCMC OTE
Cyber Resiliency Steering Group (CRSG)
SAF/AQR, SAF/CIO, LCMC, SMC, NWC, AFTC ,Intel, 24th AF
Cyber Technical Director*
HAFB
Program Manager* HAFB
Deputy Director
HAFB
Director HAFB
1647 Program Manager*
HAFB
LOA #1 Mission Thread
Analysis
LOA #2 Systems
Engineering
LOA #3 Cyber
Workforce Dev
LOA #4 Open System Architecture
LOA #5 Common Secure
Env.
LOA #6 Legacy Systems
Assess & Fix
LOA #7 Intel
Cyber Security
Center Liaisons
Chief Engineer* WPAFB
1647 Deputy PM* WPAFB
AFLCMC/EN Dual Hatted
Lines of Actions
SMC LAAFB
NWC KAFB
AFTC EAFB
AFOTEC KAFB
24th AF JBSA
AFRL WPAFB/Rome
Advisors: AFSC, AFRL
B r e a k i n g B a r r i e r s … S i n c e 1 9 4 7 DISTRIBUTION A. Approved for public release: distribution unlimited.
AF Cyber Campaign Plan: Weapon System Focus
7 Lines of Action (LOAs) LOA 1: Perform Cyber Mission Thread Analysis LOA 2: “Bake-In” Cyber Resiliency LOA 3: Recruit, Hire & Train Cyber Workforce LOA 4: Improve Weapon System Agility & Adaptability LOA 5: Develop Common Security Environment LOA 6: Assess & Protect Fielded Fleet LOA 7: Provide Cyber Intel Support
Cyber Squadron Initiatives
Test & Evaluation (infrastructure & capability growth)
Industrial Control Systems/SCADA cyber protection measures
People, Processes, & Products
Ensure mission success in a cyber contested environment
3
B r e a k i n g B a r r i e r s … S i n c e 1 9 4 7 DISTRIBUTION A. Approved for public release: distribution unlimited.
4
I n t e g r i t y - S e r v i c e - E x c e l l e n c e
Headquarters U.S. Air Force
DISTRIBUTION A. Approved for public release: distribution unlimited.
Questions?
I n t e g r i t y - S e r v i c e - E x c e l l e n c e
Questions &
Discussion
5
B r e a k i n g B a r r i e r s … S i n c e 1 9 4 7 DISTRIBUTION A. Approved for public release: distribution unlimited.
Roadmap to Resiliency
• Develop assessment methodology framework
• Develop cyber acquisition workforce • Assess cyber
posture of fielded systems
• Enable weapon system adaptability • Institutionalized
methodology, tools, T&E infrastructure
• Skilled workforce • Integrated cyber
tools, policy, etc.
Present
Mission Assurance - Mission Thread Analysis
Institutionalize - “Baked” in resiliency
Future
Mx and Aircrew Trainers
System Assurance - Assess and Fix
Off Board Mission Support
6
B r e a k i n g B a r r i e r s … S i n c e 1 9 4 7 DISTRIBUTION A. Approved for public release: distribution unlimited.
Cyber resiliency impacts all AF missions New threats require new approaches
Summary
7
Cyber Resiliency is as important as the next
weapon system Present Future
B r e a k i n g B a r r i e r s … S i n c e 1 9 4 7
Challenge to the community – Increasing the agility in decision making
• Example case: Supply Chain – Counterfeit Part • FAR/DFAR clauses on contract, flow down from Government to prime to sub • Process took maximum time at every point • 354 days after notification of event, action was taken
• Challenges: How do we work collaboratively to reduce these timelines?
354 Days
8
DISTRIBUTION A. Approved for public release: distribution unlimited.
B r e a k i n g B a r r i e r s … S i n c e 1 9 4 7 DISTRIBUTION A. Approved for public release: distribution unlimited.
BLUF
SECAF, SAF/AQ, AFMC & AFSPC teamed to establish Cyber Resiliency Steering Group (CRSG) to develop AF Cyber Campaign Plan (CCP) Stood up dedicated office to manage execution → CROWS
AF CCP’s overall mission has two goals: #1 “Bake-In” cyber resiliency into new weapon systems #2 Mitigate “Critical” vulnerabilities in fielded weapon systems
Plus coordination with:
Cyber Squadron Initiatives Test and Evaluation (infrastructure & capability growth) Industrial Control Systems/SCADA cyber protection measures
9
B r e a k i n g B a r r i e r s … S i n c e 1 9 4 7 DISTRIBUTION A. Approved for public release: distribution unlimited.
Weapon System Cyber Resiliency Critical to Mission Assurance
We define the Cyber Resiliency of Military systems to be: The ability of weapon systems to maintain mission effective
capability under adversary offensive cyber operations
To manage the risk of adversary cyber intelligence exploitation
Weapon systems differ from general administrative and business IT systems in ways that matter for implementing Cyber Resiliency
Customized
Interfaces Standardized
Cyber Campaign Plan FOCUS
Software/Hardware Design Government control
Diverse
Architectures
COTS
Common
Weapon Systems IT Systems
10
B r e a k i n g B a r r i e r s … S i n c e 1 9 4 7 DISTRIBUTION A. Approved for public release: distribution unlimited.
Cyber Resiliency
Definition (What does it mean?)
Cyber Resiliency = The ability to provide required capability despite adversity, that impacts the Cyber aspects of the Systems
“Cyber Aspects” = Software, Firmware and data in electronic form and the associated hardware
Cyber Resilience, like system security, is an end goal: And just like security having protection mechanisms (aka controls)
that do not necessary combine to make one “adequately secure”, Hhaving a set of resilience techniques and a framework for their
application does not necessary combine to make one “resilient”.
11
B r e a k i n g B a r r i e r s … S i n c e 1 9 4 7 DISTRIBUTION A. Approved for public release: distribution unlimited.
CROWS Stand-up FY14 NDAA called for Services to develop a plan to increase cyber
resiliency of weapon systems
Jan 15: SECAF, AFMC & AFSPC teamed to establish Cyber Resiliency Steering Group (CRSG) to develop AF Cyber Campaign Plan (CCP)
CRSG identified 7 Lines of Action (LOAs) plus coordination with: Comm Squadron Next (now called Cyber Squadron Initiatives) Test and Evaluation (infrastructure & coordination) Industrial Control Systems/SCADA cyber protection measures
AF CCP’s overall mission has two goals:
#1 “Bake-In” cyber resiliency into new weapon systems #2 Mitigate “Critical” vulnerabilities in fielded weapon systems
Jun 16: AFMC/CC approved standup of dedicated team to manage Cyber
Campaign Plan CROWS
12
B r e a k i n g B a r r i e r s … S i n c e 1 9 4 7 DISTRIBUTION A. Approved for public release: distribution unlimited.
FY17 Focus
Foster collaborative efforts across AF, Industry, Academia, FFRDC/UARC Communities
CROWS reach FOC by 1 Oct 2017 Cyber Incident Coordination Cell Standup initial Cyber Acquisition Expert Cell Establish Cyber Resiliency for Weapon Systems Technical Reference Architecture
Complete detailed LOA execution plans for FY18 start
Execute FY16 NDAA 1647 cyber evaluations for Priority 1 systems
Conduct Nuclear Strike mission CMTA - supports 1647 assessments
Prioritize cyber mitigations solutions for maximum benefit
Implement weapon system Cyber Security Classification Guide
Incorporating Resilient-EGI Government Reference Architecture into the EGI program of record – Supports Alt-Nav PNT Capabilities
Field cyber training courses for acquisition personnel, in coordination with AFIT and AETC
13
B r e a k i n g B a r r i e r s … S i n c e 1 9 4 7 DISTRIBUTION A. Approved for public release: distribution unlimited.
On Going Alignment of Efforts AF Technical Reference Architecture
Framework for Cyber Resiliency in Weapon Systems Criteria, Observables, Behaviors, Measures Design, Operate, Sustain securely to improve Mission Assurance
Technical Coordination/Reviews – Alignment to Technical Flight Plan, Staffing/Comment adjudication, Technical recommendations
FFRDC/UARC AF Security Engineering Team (AFSET)
PEO / Programs PEO Directors of Engineering (DOE) Council
Service’s, OSD, Academia, NIST
Mitigation Handbook and rubric for efficient application
Industry Engagement via NDIA SE/SSE/T&E Committee’s 18-20 April NDIA Cyber Resiliency for Weapon Systems Summit (AF/OSD Collaboration)
14
B r e a k i n g B a r r i e r s … S i n c e 1 9 4 7 DISTRIBUTION A. Approved for public release: distribution unlimited.
Cyber Resiliency for Weapon Systems
Technical Reference Architecture (CRWS TRA) Challenge
How to integrate all the Cyber Security & Cyber Resiliency related energy toward a single, integrated, common view?
Path Forward Establish an AF Cyber Resiliency for Weapon Systems Technical Reference
Architecture (CRWS TRA) and set of integrated technical standards
AS IS? To BE?
15
B r e a k i n g B a r r i e r s … S i n c e 1 9 4 7 DISTRIBUTION A. Approved for public release: distribution unlimited.
AF Cyber Boundary Framework
AOC
DCGS
Link 16 UHF
FAC-A/ISR C2ISR
JTAC
OFP Loader
MDL
Mission Planning
Cyber investments need to be made in Weapons Systems & Infrastructure 16
DISTRIBUTION A. Approved for public release: distribution unlimited.
B r e a k i n g B a r r i e r s … S i n c e 1 9 4 7 DISTRIBUTION A. Approved for public release: distribution unlimited.
Background – CRSG Action Item Technical Lanes in the Road
Challenge: How do we address the Integration, Overlaps, Governance, given the
maturity of efforts over the past 2 years?
Path Forward: Choose to Evolve the Technical Lanes with respect to the CCP Acquisition Line
of Effort, and its interfaces to the other LOE’s and communities of interest/Stakeholders.
17
B r e a k i n g B a r r i e r s … S i n c e 1 9 4 7 DISTRIBUTION A. Approved for public release: distribution unlimited.
Technical Flight Plan v1.0
Oct Nov Dec Jan Feb Mar Apr May Jun July Aug Sep Oct Nov Dec Jan Oct Nov Dec
FY17 FY18 FY19
CROWS IOC
Industry CRWS Summit
CROWS FOC
CRWS Technical
Reference Architecture
V1.0
As Of: 7 Feb 2017
Develop Integrated Technical Flight Plan Establish Cyber Resiliency for Weapon Systems Technical Reference Architecture
(CRWS TRA) Align all efforts, products to the CRWS TRA – along the Technical Flight Plan
Integrate across the AF CCP and stakeholder communities AO, AT, TSN, etc.
Engineering Cyber Resilience in Weapons Systems
Criteria, Observables, Behaviors – What does Cyber Resiliency look like? Requirements, Cost, Measures & Metrics – How to specify and measure Cyber Resiliency? Acquisition Language, Design Standards – How to execute and implement Cyber Resiliency?
Flight Plan v1.5
CRR Update
Flight Plan v2.0
18
B r e a k i n g B a r r i e r s … S i n c e 1 9 4 7 DISTRIBUTION A. Approved for public release: distribution unlimited.
Establishing Cyber Technical Governance
Planning for On Going Technical Coordination, Adjudication, Recommendations:
Establishing Governance mechanism (e.g. CRWS CCB) Holistic Cyber Security Engineering & Resiliency for Weapon Systems
Integration of AO’s, TSN, ATEA… Etc. Provides for a Single interface for Internal and External interfaces Technical Recommendation Memo’s (TRM) – Implementation mechanism
Establishing Cadence
Monthly Technical Tag up’s & as needed Summits
Providing a Flight Plan for Success CRWS TRA Technical Flight Plan Measurable progress & impact Alignment of products, mitigation applications and success stories Tactical and Strategic planning Identify What will be done; Measure How we are doing; Document impact
Design, Operate & Sustain AF Systems and Capabilities Securely and with Resiliency
19
B r e a k i n g B a r r i e r s … S i n c e 1 9 4 7
Technical Advisory Group (CRWS-TAG) • Chair – Cyber Technical Director • CO Chair – AFCISO
Advisory Communities PEO DOE’s AFSET Industry / NDIA AO’s / ATEA / TSN Others
Objective: Holistic Integration of Cyber security and Resiliency efforts
Cadence: Scheduled Monthly Agenda
Technical Recommendation Memo: • Staff Summary Sheet • Documents
• Coordination • Views of others • Decision Risk Space • Alignment to Flight
Plan
Monthly TAG
TRM
Project/Product Review • LOA’s • NDAA 1647 • Others
Adjudication • AO, ATEA,
TSN • PEO/DOE • Others
Institutionalization • Policy • Standards • Best Practice
How Does it Work? • Capture views of others • Coordination across
stakeholder communities • Adjudication of items • Produce Technical
Recommendation Memo • Document findings with
recommended Courses of Action
Examples A. LOA Products
• Products • Process Recommendations • Etc.
B. Institutionalization • Policy • Standards • Best Practices
C.Adjudication Requests
TOPIC A, B, C ….
CR-TAG
TRM
CRWS-TAG
PEO – Program Executive Officers DOE – Directors of Engineering AFSET – Air Force Security Engineering Team (FFRDC/UARC collaboration)
AO – Authorizing Official ATEA – Anti Tamper Executive Agent TSN – Trusted Systems & Networks LOA – Lines of Action
20
DISTRIBUTION A. Approved for public release: distribution unlimited.
B r e a k i n g B a r r i e r s … S i n c e 1 9 4 7 DISTRIBUTION A. Approved for public release: distribution unlimited.
See AF News Article (4 Jan 17)
“AF looks to ensure cyber resiliency in weapons systems through new office”
http://www.af.mil/News/ArticleDisplay/tabid/223/Article/1041426/af-looks-to-ensure-cyber-resiliency-in-weapons-systems-through-new-office.aspx
21
B r e a k i n g B a r r i e r s … S i n c e 1 9 4 7 DISTRIBUTION A. Approved for public release: distribution unlimited.
Public Release Notice
22
Subject: Cyber Resiliency Office for Weapon Systems (CROWS) (Briefing Charts) Case Reviewer: Deborah Powers Case Number: 66ABG-2017-0019 The material was assigned a clearance of CLEARED AS AMENDED on 07 Mar 2017. This email serves as the official notice of the disposition of this case. If you have additional questions, contact the Review Manager for your case, Deborah Powers, [email protected]. ADDITIONAL COMMENTS: Cleared as Amended
B r e a k i n g B a r r i e r s … S i n c e 1 9 4 7 DISTRIBUTION A. Approved for public release: distribution unlimited.
FY16 Accomplishments AFMC/AFSPC #1 FY18 Planning Choice
Drafted/coordinated numerous guides to help Air Force system program offices incorporate cyber into the standard systems engineering processes, including: Critical Program Information (CPI)/Critical Component (CC)
Identification Process Guide; Systems Security Engineering (SSE) Acquisition Language Guidebook; Acquisition milestone entry and exit technical review criteria
Developed/fielded two cyber courses: cyber test/evaluation course and a cyber hygiene for weapon system maintainers
Stood up Open Architecture Management Office in AFLCMC
Conducted numerous cyber assessments Developed enterprise solutions for Secure Memory Loader Verifiers
and Digital Signatures for critical OFP software
23
B r e a k i n g B a r r i e r s … S i n c e 1 9 4 7 DISTRIBUTION A. Approved for public release: distribution unlimited.
FY16 Accomplishments
Developed a draft Weapon System Cyber Security Classification Guide; now in SAF staffing
Developed prototype Cyber Mission Thread Analysis Framework to prioritize cyber vulnerabilities, risks, and mitigations in a mission context
Improved integration of intelligence support for weapon system cyber security with NASIC, 7 Intelligence Wings, Defense Cyber Crime Center, NSA, CIA, DIA
Developed AF process for weapon system cyber incident reporting, responding, and tracking
Leading FY16 NDAA 1647 activities for Air Force Requires cyber vulnerability evaluations & mitigation strategies for
50 AF major weapon systems
24
B r e a k i n g B a r r i e r s … S i n c e 1 9 4 7 DISTRIBUTION A. Approved for public release: distribution unlimited.
Key Considerations (1/4)
Design and build systems to operate securely Protecting important information about the system (e.g. Critical Program
Information) Ensuring Supply Chain is trusted (e.g. Critical Components) Protecting the Integrity of information (e.g. Information Assurance) Resiliency to operate in face of faults (e.g. Regardless of type)
Operate in a secure manner
Follow prescribed protection measures/procedures (e.g. NO Thumb drives!) Understanding of Risk Tolerance and Acceptance (e.g. Who is accepting what
Risk? When? Why?)
Sustain ability of system to be operated securely Understand dependencies on critical infrastructure (e.g. Power, HVAC, etc.) Maintain systems view (e.g. DMS, P3I, “Form, Fit, Function)
Resiliency, in any dimension, requires a full life cycle view
25
B r e a k i n g B a r r i e r s … S i n c e 1 9 4 7 DISTRIBUTION A. Approved for public release: distribution unlimited.
Key Considerations (2/4)
Mission Assurance ← System Assurance ← Systems Engineering Systems engineering spans a spectrum of related, interacting,
conflicting, complimentary, system properties Adaptability, agility, resilience, safety, security, survivability
These properties are achieved through application of a common set of
foundational systems, control systems, and specialty principles and concepts
The composition of a specific property is embodied in the viewpoint of the system Singularly: Safety viewpoint, security viewpoint, resilience viewpoint, etc. Composed: safe, secure, and resilient, etc.
26
B r e a k i n g B a r r i e r s … S i n c e 1 9 4 7 DISTRIBUTION A. Approved for public release: distribution unlimited.
Key Considerations (3/4)
Cyber resilience assumes presence and intent of an intelligent adversary Modified hardware, software, or firmware system element
Counterfeit component, malicious insertion Trusted individual misuse or abuse of system
Unauthorized use of system function/service Unauthorized use of data/information
Cyber resilience assumes the adversary presence may not be detectable
May be masked completely, or be interpreted as non-persistent or byzantine fault or failure
27
B r e a k i n g B a r r i e r s … S i n c e 1 9 4 7 DISTRIBUTION A. Approved for public release: distribution unlimited.
Key Considerations (4/4)
Cyber resilience has the objective to limit the extent of damage due to intelligent adversary actions Data/information loss and loss consequences Function/service loss and loss consequences
Cyber resilience focuses on specific cases of system correctness in
system ability to deliver specified function Correctness is system integrity Deliver specified function is availability and continuity
Objectives of cyber resilience overlap with other emergent property
objectives with focus on intelligent adversary presence Achieving only the specified
Behaviors Interactions Outcomes
28
I n t e g r i t y - S e r v i c e - E x c e l l e n c e
Headquarters U.S. Air Force
DISTRIBUTION A. Approved for public release: distribution unlimited.
Cyber Resiliency Office for Weapon Systems (CROWS) Technical Integration & Governance
Mr. Danny Holtzman, HQE Cyber Technical Director
29
Top Related