Cybersecurity Analytics and Visualization for Warfighting Advantage
Virginia Beach, VA (March 27, 2024) –
The power balance in modern warfare increasingly hinges on which side has the greater information advantage, which makes cybersecurity an essential priority. Information advantage is best realized when warfighting systems can instantly communicate to orchestrate systems involving personnel and manned and unmanned weapon systems deployed across land, air, sea, and space. For simplicity, we call such Rubik’s Cubes “multi-domain systems.”
Managing and orchestrating fighting forces across multiple domains can inadvertently create cybersecurity weaknesses, exposing and weakening the effectiveness of our warfighters and their missions. The complexity of such systems is only moving in one direction: towards more complexity and intercedence of systems.
Increasingly, these multi-domain systems are operating through, or in concert with, cloud computing. It’s possible to bring enormous computing power all the way to the front lines of battle, in part, due to the increased worldwide data bandwidth available through communications systems in Low Earth Orbit satellites like Starlink. With the increased processing power and inter-connectedness come more cybersecurity risks that are nearly impossible to contain through traditional barriers, detection, and mitigation systems.
Fortunately, there are new tools emerging to help systematically anticipate and contain these multi-domain cybersecurity risks. These tools combine the power of Model-Based Systems Engineering (MBSE), sometimes known as digital twin technology, with automated threat intelligence and continuous vulnerability monitoring. These are enabling previously impossible levels of analytic and visualization capabilities that ease the burden of cybersecurity engineering, enabling mission owners to focus on what is most important – mission execution.
The U.S. Navy is an early adopter in focusing on cybersecurity across multi-domain environments since ships and strike groups face constant cyber threats across many interrelated and interdependent systems. The Navy has recently created an analytics and visualization approach to enhance cybersecurity at each of the steps of developing, testing, and deploying naval warfare systems. By integrating up-to-date threat intelligence and vulnerability data with model-based system engineering, this new approach is providing analytics and cyber visualization that enable commands to:
- Optimize System Design for Adaptive Warfare: By representing systems design at a detailed granular level, MBSE models can be used to evaluate threat and vulnerability data in near real-time. The MBSE models are initially created to represent the system’s “baseline” design and can be easily updated to reflect the “as is” state of every ship of every configuration, including patches and field upgrades installed to deal with obsolescence replacement or capability upgrades. This enables designers to apply secure-by-design principles and ensure system resiliency continuously in dynamic warfighting conditions.
- Automate RMF for Rapid Deployment: The U.S. Department of Defense has a rigorous set of standards for maintaining the cybersecurity of new and deployed systems enforced by requiring every system and subsystem be certified to comply with Risk Management Framework (RMF). While this keeps systems cyber-safe, the process of evaluating against RMF standards, and documenting compliance, can be very labor intensive and time consuming. That can cause dangerous delays in the rollout of new protections or capabilities. A major benefit of the new cybersecurity modelling approach is that RMF compliance assurance can be expedited for systems’ certification and faster upgrades. This helps cybersecurity teams spend more time on threat analysis and designing for security resilience by reducing administrative compliance tasks.
- Manage Multi-Domain Operations: The Navy’s new security and cyber resiliency models are helping build confidence in real-time multi-domain operations that span destroyer, carrier, and submarine systems. Integrating threat intelligence, vulnerability data, attack patterns, and system design is improving and accelerating decision-making in complex combat scenarios. There are even more possibilities to increase our nation’s fighting strength by expanding integration of warfighting systems from the sea to also include personnel and drones operating across land, air, and space.
- Rapid Response for Deployed Assets: While the first generation of these new tools are being used for system planning, RMF compliance and system assurance, the next wave will be using the same tools for deployed operations. Prototyping is underway for applying this approach across an entire carrier strike group to identify and deploy mitigations to emerging threats (e.g., within 24 hours of threat detection), enabling commanders to enhance force generation and warfighting operations.
The Navy’s new digital engineering tool is starting to transform naval operations. This powerful methodology can also be applied across other commands and branches to provide:
- Enhanced Situational Awareness: MBSE can be used to develop comprehensive models of the cyber environment, including potential attack vectors and vulnerabilities. Linking the models to real-time threat databases can provide commanders with up-to-date views of potential and emerging threats, with a unified operational picture encompassing both the physical and cyber domains.
- Scenario Simulation: MBSE tools can simulate various cyber threat scenarios using current data from threat databases, allowing decision-makers across the branches of the military to evaluate the potential impacts of different threats and the effectiveness of response strategies.
- Adaptive Defense: Connecting MBSE with treat databases can help commands quickly identify and mitigate emerging threats, facilitating adaptive defense strategies to outpace adversaries in the cyber domain.
- Force Multiplier: MBSE provides a common language and framework that can facilitate communication and collaboration among cyber defense teams, and with other units. Rapid response capabilities can amplify effectiveness in complex warfighting, bolstering both offensive and defensive operations. When our branches and allied forces share MBSE models and threat data, they can coordinate defenses more effectively, increasing collective resilience.
New tools, such as these developed by the Navy, are ingesting data from digital twin models to fortify cybersecurity and ensure information superiority. It’s time to expand this approach to span the evolving modern warfighting landscape across land, air, and space systems.
Corren McCoy, Ph.D. is Sr. Vice President & Chief Data Strategist at G2 Ops, Inc. Dr. McCoy leads data strategies for G2 Ops, an engineering and cybersecurity firm supporting U.S. Department of Defense clients. She earned a bachelor’s degree in computer science from Penn State University, and master’s degrees from Old Dominion and Regent University. She earned her Ph.D. through research focused on data-driven approaches for assessing cyber vulnerability. Ms. McCoy is an adjunct professor teaching courses on Information Systems, Computer Science, and Cybersecurity.
Source:
RealClear Defense Article: Cybersecurity Analytics and Visualization for Warfighting Advantage
For more information about G2 Ops, contact:
info@G2-ops.com
G2 Ops, Inc.
2829 Guardian Lane
Virginia Beach, VA 23452
*****
Learn about Model-Based Systems Engineering and Cybersecurity at G2-Ops.com.