AMRDEC CYBER Capabilities - HAMA Webhamaweb.org/presentations/2016/july2016julielocker.pdf · 08 July 16 AMRDEC CYBER Capabilities Presented by: Julie Locker AMRDEC Cyber Lead U.S

08 July 16

AMRDEC CYBER

Capabilities

Presented by:

Julie Locker

AMRDEC Cyber Lead

U.S. Army Aviation and Missile Research,

Development, and Engineering Center

Presented to: HAMA

Distribution Statement A: Approved for public release: distribution

unlimited

2 AMRDEC-CyberCapabilities_Locker_FEB2016.pptx

AMRDEC Cyber Engineering Center

(CEC)

Assistant Secretary of the Army (Acquisition, Logistics

and Technology)

ASA(ALT)

Academia

Industry

Joint ServicesDefense Advanced Research Projects Agency

DARPA

Other DECs

Other Gov’t Agencies

USD(P&R), USD(I); USD(ATL);

DOT&E; USCENTCOM;

USSTRATCOM;

USTRANSCOM

30 Gov’t Experts 150+ Contractor Experts

LEVERAGING OF ASSETS ENSURES NON-DUPLICATION OF EFFORTS

Redstone Arsenal Community

Supporting Cyber Across the

Acquisition Life Cycle

PEO MS PEO AVN RTC

PEO STRI

TSMO SMDC

MDA

MSIC AMC

AMCOM NASA


AMRDEC Cyber Functional Support

Areas

• System Owner Support (SOS)

• Software Assurance (SwA)

• Supply Chain Risk Mgmt

• Risk Mgmt Framework

• Protective Technologies

• Cyber S&T

• Green Teams

• Vulnerability Assessment Eng.

• Institutional Training

• Interns

• DAU

• National Guard Training

• 842 NGB/AR military trained since CY12; 454 in CY15

• SOS: Since 2006, have helped 155 systems achieve their accreditation; personnel embedded in PEO/PM site

• SwA: Since 2009, have scanned more than 350 million Lines of source code in support of more than 700 analysis projects; 31 million scanned in FY15

• Has an SCA-V Assessor (only 11 total for Army)

• 100 SCA-V Assessments per year

• Red Team Coop for TSMO

• CND: Extension of ARL Network Defense

• Blue Team Certification Process/PEO STRI-ARL

INSTITUTIONAL

TRAINING / EDUCATIONENGINEERING

• ACA/SCA-V (Security Control Assessor/Validator)

• Virtualization/Impact-Effects– Cyber Security Testbed

• Blue Teams

• Red Teams

• Computer Network Defense

TEST AND EVALUATION


Holistic Approach

Services Applied Across Life Cycle

FRP Decision ReviewA B C

Cyber Design Team/Cyber Integrator

Software Assurance

System Owner Support

Vulnerability Assessment and Engineering

RMF

Cyber Institutional Training, Intern Development

Cyber R & D/Aviation and Missile System Focused

SCA-V

Event Driven Blue Team

Green Team

Red Team

Build 0.1

Build 1.1

Build 1.2

Build 1.3

Build 1.4

Build 1.5

RISK REDUCTION

INTEGRATION

Build 2.1*

LIMITED DEPLOYMENT

OT&E SUSTAINMENT DISPOSAL

Material Solution Analysis

Operations & Support

Technology Maturation &

Risk Reduction

Engineering & Manufacturing Development

Production & Deployment

Cyber Burned into DNA

CYBER

INTEGRATED

ACROSS

DOMAINS

Engineering

Test and Evaluation

Education and Training


Software Assurance Mission

Mission

Mission Objective:

To ensure software conforms to

the requirements established by

system owners and accrediting authorities to achieve

trustworthiness and predictable

execution.

• “Flaws” - Errors in the design or implementation of

software.

• “Vulnerabilities” - Exploitable software flaws.

• “Malicious Features” - Software designed with

malicious intent.


RMF Lifecycle


Vulnerability Assessment

• “Shift Left”

– Iterative process where assessments are conducted at the beginning of the

lifecycle and repeated throughout all phases

– Begins with system architecture review

– Baselines assessed and scanned for each update

– Easier and cheaper to correct deficiencies


Criticality

Assessment

Supply Chain

Threat and

Vulnerability

Assessment

Supply Chain Risk

Assessment

(SCRM

Effectiveness)

Supply Chain Threats

and Vulnerabilities

• Insider

• Agents

• Non-Trusted Vendors

• No traceability

• No Physical /

Personnel Security

CC Technical Threats

and Vulnerabilities

• Malw are Insertion

• Counterfeit Parts

• Lack of Software /

Hardw are assurance

• Lack of Secure

Design / SSE

Hardware

Software

Supply Chain

Mitigations

• Trusted Vendors

• CC Accountability and

Traceability• Supply Chain Controls

• Security

• Information Assurance

• Enterprise Policy

CC Mitigations

• Hardw are / Software

Assurance

• Secure Design

• Cyber Security

NIST

NISPOM

Policy

Validate / Publish

Project Office

SCRM Efforts

Program

Protection Plan

Program Protection

Implementation

plan

AMRDEC SHAREHOLDER INTEGRATIONCYBER

VULNERABILITY ASSESSMENT / ENGINEERING

RMFSOFTWARE ASSURANCE

HARDWARE / SOFTWARE / FIRMWARE TESTING (CTSB)

Supply Chain Risk Management

Across Each Program Lifecycle

SCRM• Awareness

• Familiarization

• Intense SCRM Working Group Training

• Roles

• Responsibilities

Incident

Institutional

Training /

Education

Firmware

Coordination

SCRM

Incident

Response

SCRM

Incident

Response


Missile S&T Cyber Snapshot

• Performed outreach to recognized experts in the community

• The mission areas of CERDEC and AMRDEC overlap when

considering responsibility of Cyber for US Army weapons systems

– Collaborate with CERDEC where possible and inform CERDEC of research

topics within their mission area

• Primary Research Areas tend to be:

• Potential Future Research Areas:– CEMA

• Defense Science Board recommends spending $2B/yr in EW to “catch up”

– Active Defense• Proactive, not reactive

– Understanding cyber effects within a System of Systems using M&S

‒ Software Assurance

‒ Cyber Physical Systems

‒ Risk Management Process

‒ Supply Chain Risk Management

‒ FPGA Defense

‒ Big Data Analytics

CEMA : Cyber/Electromagnetic Activities (FM 3-38)

The Purpose of this Effort is to Research and Develop Technologies

that "Weave Cyber Defense into the DNA of Army Systems"


Cyber Strategy Development

Other Instructional Documents

DoD Cyber Strategy 2014 Army Cyber Strategy

A cyber-proficient total force that operates

effectively in and through cyberspace to meet

joint and service requirements

Army formations and netw orks support Army

& Joint operations

Rapidly-Delivered Cyberspace Capabilities to

the Total Force

Adaptive facilities and installation resources

fully capable of supporting cyberspace

operations and developing a 21st century

force

Developed partnerships w ith US and

international Academia, Industry, Defense

Departments/Ministries, and other Agencies

to enhance cyberspace operations

Build and maintain ready forces and

capabilities to conduct cyberspace operations.

Defend the DoD information netw ork, secure

DoD data, and mitigate risks to DoD missions.

Be prepared to defend the U.S. homeland

and U.S. vital interests from disruptive or

destructive cyber attacks of signif icant

consequence.

Build and maintain viable cyber options and

plan to use those options to control conflict

escalation and to shape the conflict

environment at all stages.

Build and maintain robust international

alliances and partnerships to deter shared

threats and increase international security

and stability.

• DoDI 5000.02, Operation of the Defense Acquisition System• DoDI 8500.01, Cybersecurity• DoDI 8510.01, Risk Management Framework

AMRDEC Strategic Plan

Under Development and will tieTo DoD and Army Strategies


Summary

• AMRDEC’s Cyber Engineering Center is the focal point for leveraging of

knowledge and personnel resources to support PEO MS and PEO AVN systems

• Critical efforts are ongoing to support weapon system developers in Cyber

Resiliency

• Limited personnel resources within Government and Industry to address

Cyber issues

• AMRDEC is aggressively working to build the Government bench through

programs such as Scholarship for Service