ASSURANT

history-tabs

The US Air Force through SBIR initiated a request to create a prototype that would address weapon system platform Cyber Security Processes.  The USAF needed to certify that all components on board the weapon system had passed all tests for cyber reliability.  The Air Force was concerned at how Cyber Attacks happen and how to simulate their impact on the weapon platform.  They wanted KBSI to apply their expertise with simulation to craft a prototype tool.  This tool would simulate attacks on the platform based upon know vulnerabilities.

As the simulation model expanded, the USAF now needed a way to document the risk levels of the platform.  Focus was then given to augment the system to assist the various teams in documenting the operability of the systems.  The military mandated that each weapon system and component on the platform follow the Authorization To Operate (ATO) process.  This process required that vulnerabilities be identified, mitigation plans documented, and test results published for each component of the platform.  This required thousands of man hours to initially document and also maintain as changes were incorporated.

KBSI built the prototype system to capture these documents and reports.  KBSI applied its Model-Based Systems Engineering expertise to define the aircraft model along with all the attributes of the components. The Air Force then found that digital vulnerabilities existed in various data sources which needed to be accessed and then compared to the ATO models.  These vulnerabilities contained immense amounts of data.  KBSI applied its big data expertise to capture, assimilate, and overlay this information onto aircraft models.  This would automate the notification process and monitor the known vulnerabilities in order to have up-to-date vulnerability data.

The Air Force studied cyber tactics and discovered that most cyber adversaries were state-sponsored. They studied their tactics and discovered similarities used in actual battlefield tactics and maneuvers.

The system then needed to be expanded in order to create a capability to use Artificial Intelligence algorithms to conduct a Risk Analysis simulation against the platform model.  The Air Force needed to add the capability to understand the impacts throughout the system as to what an attack would have on the system vulnerabilities.  This produced a Risk Score that was used to rank the risks in order to produce mitigation plans to correct the weaknesses.

With known tactics and vulnerabilities, the USAF then wanted to incorporate battle tactics into the AI Algorithms.  This is especially valuable when simulating attacks from State-Sponsored cyber attacks.  With pattern recognition technology, these tactics can be simulated to determine anticipated attack paths.  Sophisticated attacks are now more sophisticated because they have multi-pronged approaches.  A single attack can be a diversion to what is then a secondary, more dangerous, attack.  The Attack Path Analyzer highlights the alternative paths that are not common.

ASSURANT™ was modified to address business risks in addition to technical risks.

By |2023-02-02T16:48:04-06:00|Comments Off on history-tabs

Share This Story, Choose Your Platform!

FacebookTwitterRedditLinkedInWhatsAppTelegramTumblrPinterestVkXingEmail

About the Author:

Comprehensive Cyber Security is Complex

1,000+ ASSURANT™ Users

10,000+ Systems/sub-systems analyzed

40,000+ Manhours saved

How to Get Started

1. Schedule a Call

Speak with an ASSURANT™ team member.

2. Get Organized

Assess the scope of your
cyber issues and start modeling and
analyzing your systems
immediately.

3. Review a Demo

Receive assessments and reports to plan risk reduction.

What Our Clients Say

“This system allowed me to identify missing components when the model validation engine ran. These were components which had infrequent changes and therefore were not commonly documented. The ASSURANT™ model told us that there were some elements missing. When we compared our sources against the model result, we discovered existing legacy components which had previously lacked documentation. The addition of these components to the model has given us confidence in the model’s completeness and improved our cyber readiness.”

Picture of a man silhouetted against a setting sun

Cyber Model Engineer

“Without the ASSURANT™ attack path analysis visual capability, it’s difficult to explain the complexities of a cyber battlespace to non-experts, and us good guys in the fight are often only learning from our mistakes in the wake of a cyber-attack. The different ways to visualize attack paths allows time to get ahead of the tactics and techniques of cyber actors by allowing us to simulate “black hat” scenarios for when a network artifact becomes compromised.”

Picture of a man silhouetted against a setting sun

Attack Path Analyst

Latest News Posts

Latest Blog Posts

Contact Us

1408 University Dr
College Station, TX 77840
(979) 260-1980
sales@kbsi.com

Resources
Identify and Prioritize Your Business Cyber Risks with ASSURANT™

Visit us at our parent website – KBSI.com

 

This material is based upon work supported by the United States Air Force under Contract No. FA8650-23-D-1061. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the United States Air Force.

© 2023 KBSI – Innovative Ideas and Technologies | Privacy Policy | Legal Notices

Go to Top