The US Air Force through SBIR initiated a request to create a prototype that would address weapon system platform Cyber Security Processes.  The USAF needed to certify that all components on board the weapon system had passed all tests for cyber reliability.  The Air Force was concerned at how Cyber Attacks happen and how to simulate their impact on the weapon platform.  They wanted KBSI to apply their expertise with simulation to craft a prototype tool.  This tool would simulate attacks on the platform based upon know vulnerabilities.

As the simulation model expanded, the USAF now needed a way to document the risk levels of the platform.  Focus was then given to augment the system to assist the various teams in documenting the operability of the systems.  The military mandated that each weapon system and component on the platform follow the Authorization To Operate (ATO) process.  This process required that vulnerabilities be identified, mitigation plans documented, and test results published for each component of the platform.  This required thousands of man hours to initially document and also maintain as changes were incorporated.

KBSI built the prototype system to capture these documents and reports.  KBSI applied its Model-Based Systems Engineering expertise to define the aircraft model along with all the attributes of the components. The Air Force then found that digital vulnerabilities existed in various data sources which needed to be accessed and then compared to the ATO models.  These vulnerabilities contained immense amounts of data.  KBSI applied its big data expertise to capture, assimilate, and overlay this information onto aircraft models.  This would automate the notification process and monitor the known vulnerabilities in order to have up-to-date vulnerability data.

The Air Force studied cyber tactics and discovered that most cyber adversaries were state-sponsored. They studied their tactics and discovered similarities used in actual battlefield tactics and maneuvers.

The system then needed to be expanded in order to create a capability to use Artificial Intelligence algorithms to conduct a Risk Analysis simulation against the platform model.  The Air Force needed to add the capability to understand the impacts throughout the system as to what an attack would have on the system vulnerabilities.  This produced a Risk Score that was used to rank the risks in order to produce mitigation plans to correct the weaknesses.

With known tactics and vulnerabilities, the USAF then wanted to incorporate battle tactics into the AI Algorithms.  This is especially valuable when simulating attacks from State-Sponsored cyber attacks.  With pattern recognition technology, these tactics can be simulated to determine anticipated attack paths.  Sophisticated attacks are now more sophisticated because they have multi-pronged approaches.  A single attack can be a diversion to what is then a secondary, more dangerous, attack.  The Attack Path Analyzer highlights the alternative paths that are not common.

ASSURANT™ was modified to address business risks in addition to technical risks.

By |2023-02-02T16:48:04-06:00February 2, 2023|Comments Off on history-tabs

About the Author:

Go to Top