Friday, June 21, 2013
Panel Finds AF Cyber Situation Awareness Capability Inadequate, Recommends Six-Point Plan
Posted on InsideDefense.com: June 20, 2013
An influential Air Force advisory panel has concluded the service’s plans to develop cyber situational awareness capabilities are not up to snuff and has recommended a six-point plan to shore up vulnerabilities and develop news means to exploit its cyber advantages.
The Air Force Scientific Advisory Board study on Cyber Situation Awareness — a 2012 assessment commissioned to assess how well the service understands exactly which information systems are critical to a given operation, how that system is monitored and its information utilized — contends the service must take steps to develop cyber bearings akin to situational awareness in air and space.
“Awareness of the readiness of these systems is essential for an operational commander to ensure successful execution of the mission just as it is for aircraft, space systems, and munitions,” states an abstract of the classified study released this month in response to a request from InsideDefense.com.
The study was led by Werner Dahm, former Air Force chief scientist, and Douglas Schmidt, Vanderbilt University professor of electrical engineering and computer science.
“The [Scientific Advisory Board] found that the USAF is not on a path to reaching the level of CSA [cyber situational awareness] needed to meet the threats and opportunities presented by synchronized air-space-cyber operations,” according to the abstract.
The science board panel conducted a “comprehensive assessment” of cyber situational awareness, focusing on the needs of the Joint Force Air Component Commander — the office in charge of air forces in a joint environment, according to the summary. To conduct the study, the panel solicited private sector experts — from both commercial and defense companies — and military operational users “to assess the state of practice in cyber situational awareness,” according to the abstract.
“The end result was a recommended path to meeting the threats and opportunities of synchronized warfighting across the air-space-cyber domains,” according to the abstract. “Strong linkages and dependencies exist between the air and space domains and the cyber domain . . . this creates substantial opportunities and threats from coordination of operational effects in the cyber domain with effects in the air and space domains.”
Specifically, the Air Force needs to link three categories of activities, the panel found: mission assurance in the air, space, and cyber domains; supporting offensive cyber operations; and coordinated defensive cyber operations.
In addition to the Air Force not having a sufficient plan to achieve cyber situational awareness, the panel found “the assessed current state of CSA is that the JFACC today has extremely limited access to real cyber situational awareness,” according to the abstract.
The panel recommends the Air Force take six actions to develop cyber situational awareness. The service, according to the abstract, should develop technologies “to allow real-time assessment of confidentiality and integrity of cyber and mission systems beyond emphasis on availability.”
Second, the Air Force should ensure U.S. Cyber Command, along with the broader intelligence community, “provide actionable and timely threat intelligence and vulnerabilities to all JFACCs and other commanders to support improved CSA,” the panel recommends. Third, the service needs to develop technologies — and processes — that, according to the abstract, “enable near-, mid- and far-term capabilities for dynamic mission mapping to support mission-aware cyber asset allocation.” This “is needed to achieve broad CSA,” according to the panel.
Fourth, the Air Force should build and test a prototype architecture that enables cyber situational awareness for air operations centers “based on mission-critical functional partitions and out-of-band monitoring with deep data-analytic capabilities,” the panel recommends. “A robust CSA-enabling architecture can be implemented for numerous missions.”
Fifth, the Air Force needs to avail itself of automation that augments human decisions across the CSA hierarchy, “allowing better use of limited manpower and enabling analyses of increasingly complex cyber activity,” according to the panel. “Appropriate uses of automation will lead to substantially improved CSA.”
Lastly, the scientific advisory panel calls for the Air Force to “address the human component of human-systems integration to provide an effective operational solution that meets the most urgent CSA needs of the Air Force.” — Jason Sherman