National Cyber Security. We count on computer networks to deliver our oil and gas, our power and our water. We rely on them for public transportation and air traffic control. But we've failed to invest in the security of our digital infrastructure.
1. Perhaps the most fundamental center of gravity for our nation and military, cyber and the missions it supports are under constant attack.
We need S&T to enhance our readiness, resiliency, and robustness. This requires clarity in our S&T to enable cyber superiority.
Vision: The Assured Cyber Advantage in air, space, cyber, and C2ISR enabled by superior mission support.
Objective: This study will articulate the near, mid, and far-term S&T vision for Air Force cyber indicating where the AF will lead, follow, and watch, in partnership with others.
“The dogmas of the quiet past are inadequate to the stormy present. The occasion is piled high with difficulty, and we must rise with the occasion. As our case is new, so must we think anew and act anew.” -- Abraham Lincoln, 1862
2. National Cyber Security
“We count on computer networks to deliver our oil and gas, our power and our water. We rely on them for public transportation and air traffic control… But … we've failed to invest in the security of our digital infrastructure”
President Barack Obama, 29 May 2009
“The most menacing foreign intelligence threats in the next two to three years will involve cyber-enabled espionage … insider threats … and espionage by China, Russia, and Iran.” Lt. Gen James Clapper, Jr. USAF (Ret), DNI, 31 Jan 2012
“On the global technology front, rapid advancement in communication has spread knowledge around the world, leveling competition and causing us to work harder to maintain U.S. advantages, making us more interdependent with international partners.” Michael Donley, Secretary of the Air Force, Nov 19, 2009
“We have certain industrial, design and engineering advantages, and if they are surreptitiously obtained by others, it reduces those advantages.” Gen Norton A. Schwartz, Chief of Staff, USAF, 27 Feb 2012
“Cyberspace superiority describes our mission to gain advantage in, from, and through cyberspace at the times and places of our choosing, even when faced with opposition.”
Gen William Shelton, AFSPC/CC, AFCEA Cyber Symposium, 7 Feb 2012
“The national security of the United States, our economic prosperity, and the daily functioning of our government are dependent on a dynamic public and private information infrastructure, which includes telecommunications, computer networks and systems, and the information residing within. This critical infrastructure is severely threatened. . . . We cannot protect cyberspace without a coordinated and collaborative effort that incorporates both the US private sector and our international partners.”
- February 2, 2010, DNI Admiral Dennis C. Blair, testimony before the Select Committee on Intelligence of the Senate regarding the Annual Threat Assessment of the U.S. Intelligence Community
“Those who disrupt the free flow of information in our society, or any other, pose a threat to our economy, our government, and our civil society. Countries or individuals that engage in cyber attacks should face consequences and international condemnation. In an Internet-connected world, an attack on one nation’s networks can be an attack on all. And by reinforcing that message, we can create norms of behavior among states and encourage respect for the global networked commons.”
- January 2010, speech on Internet freedom, Secretary of State Hillary Clinton
November 2011 is the 10th anniversary of the Convention on Cybercrime, the only multilateral agreement on cybercrime, to which the Senate provided advice and consent on August 3, 2006, and which is currently ratified by over 30 countries.
Gen. Martin Dempsey, The Pentagon, Washington, D.C., Tuesday, October 18, 2011
"So, let me make this point up front: improving our energy security directly translates to improving our national security"
"But to enhance our energy security, we must look beyond vulnerabilities and instead, focus on and view energy as an opportunity"
"Because fundamentally we know that saving energy saves lives"
"Today Americans are more energy conscious in our homes and at work and so too are we in our military. But, we can and must do even better – particularly in pushing progress out to the field, to the flightline and into the fleet."
"Today’s warfighters require more energy than at any time in the past and that requirement is not likely to decline."
"During World War II, supporting one soldier on the battlefield took one gallon of fuel per day. Today, we use over 22 gallons per day, per soldier. We’re also more expeditionary than ever. These energy needs require a vast yet vulnerable supply chain that our enemies target."
3. Cyber Vision 2025 Terms of Reference
Background:
Need to forecast future threats, mitigate vulnerabilities, enhance the industrial base, and develop the operational capabilities and cyber workforce necessary to assure cyber advantage across all Air Force mission areas
An integrated, Air Force-wide, near-, medium- and far-term S&T vision to meet or exceed AF cyber goals and, where possible, create revolutionary cyber capabilities to support core Air Force missions
Key Stakeholders: Air Staff, MAJCOMS, AFRL, 24th AF, ESC, ASC, SMC
Approach
Identify state of the art and best practices in government and private sector
Analyze current and forecasted capabilities, threats, vulnerabilities, and consequences across core AF missions to identify critical S&T gaps
Articulate AF near (FY11-16), mid (FY16-20) and long (FY21-25) term S&T to fill gaps, indicating where AF should lead, follow, or watch
Address cyber S&T across all Air Force core missions and functions (air, space, C4ISR) comprehensively including policy as well as DOTMLPF considerations
Engage and partner (industry, academia, national labs, FFRDC, government)
Product: Cyber S&T Vision to top 4 by 7/15/12 (Report 1/1/13)
4. A Wicked Problem
5. A Perfect Storm
Explanation of Curves
For some variables (e.g., technology, connectivity) ideally we would include defense vs. industry curves, however, we include only one to enhance the clarity of the graph.
Terms: By IT we include both computing hardware and software (and telecom?)
We have increasing:
Technology Change: IT Patent Growth Rate (www.uspto.gov). The percentage of patents awarded to foreigners rose from 44% in 1998 to 49% in 2008, and 51% in 2010. http://www.uspto.gov/web/offices/ac/ido/oeip/taf/us_stat.htm
Connectivity: Growth in telecom, internet and cross domain growth. (http://en.wikipedia.org/wiki/Internet_traffic) Internet traffic increased from 0.001 PB/Month in 1990 to 14,984 PB/Month in 2010.
Complexity: For example commercial operating systems have grown to 50M LOC (See Figure 5 in http://www.nap.edu/catalog.php?record_id=11587). F22 > 2M LOC. Boeing 777 has 4M LOC. Aegis 5M LOC with 1.8M (36%) growth for DDG 1000. FA18 10M LOC going to 20M in JSF.
System Complexity: Barry Boehm statistics about the size and complexity of has on software intensive systems of systems (SISOS) (http://www.stsc.hill.af.mil/crosstalk/2006/05/0605boehmlane.html)
10-100M LOC; 30-300 external interfaces; 2-200 suppliers; 6-12 hierarchical levels of suppliers (primes and subs); 20-200 coordination groups (IPTs). See also Measuring Architectural Complexity by Grady Booch, IEEE Software 2008 which recommends SLOC.
Vulnerabilities: 12 new vulnerabilities per day reported in cve.mitre.org. Trends are all increasing:
Source | 2005 | 2004 | 2003 | 2002 | 2001
CERT/CC | 5,990 | 3,780 | 3,784 | 4,129 | 2,437
NVD | 4,584 | 2,340 | 1,248 | 1,943 | 1,672
OSVDB | 7,187 | 4,629 | 2,632 | 2,184 | 1,656
Symantec | 3,766 | 2,691 | 2,676 | 2,604 | 1,472
Sources: Computer Emergency Response Team Coordination Center (CERT/CC), National Vulnerability Database, Open-Source Vulnerability Database, and the Symantec Vulnerability Database
Year | 2008 | 2007 | 2006 | 2005 | 2004 | 2003 | 2002 | 2001 | 2000 | 1999 | 1998
# of NVD Vulns | 3533 | 6691 | 6621 | 4933 | 2457 | 1537 | 2163 | 1677 | 1020 | 894 | 246
From http://cve.mitre.org/:
Year | 1999 | 2000 | 2001 | 2002 | 2003 | 2004 | 2005 | 2006 | 2007 | 2008 | 2009 | 2010 | 2011
CVE | 1573 | 1236 | 1566 | 2425 | 1592 | 2770 | 4887 | 7246 | 6744 | 7303 | 5103 | 5075 | 4768
As of January 2011, NVD contains 44993 CVE vulnerabilities, 11 per day. Team evaluates over 6k vulnerabilities/year.
211 US-CERT Alerts, 2448 US-CERT Vulnerability notes.
As of 12 Dec 2011, NVD contains 48790 CVE Vulnerabilities (7 per day), 220 Checklists, 221 US-CERT Alerts, 2556 US-CERT Vuln Notes, 6908 OVAL Queries, 36862 CPE Names
Foreign Supply: Primary sources of IT offshoring are India, Russia, and China; http://www.marketresearch.com/Technology-Media-c1599/
http://www.iima.org/CIIMA/CIIMA%2520V3%2520N1%25203%2520Crow.pdf&sa=U&ei=ZzHmTqXYN8fq0gGi88z0BQ&ved=0CBIQFjAB&usg=AFQjCNGZyNI2y-Whe0bbhDxcWKVRYLO1tQ
http://www.dni.gov/nic/NIC_globaltrend2015.html#contents
Cost growth: Software cost can comprise as much as 90 percent of some programs, Maintenance 70% of life cycle costs. https://acc.dau.mil/CommunityBrowser.aspx?id=24374&lang=en-US GAO reports increases in cost overruns
Threat: Increasing volume (50->5,000 per week) and sophistication (e.g., spearphishing) of adversary attacks. In 1998 the number of viruses was approximately 20K, in 2000 it was about 50K. Now it is over 1 million in 2008.
http://www.symantec.com/business/threatreport/
Time to market: Systems used to take years to build, and now, because of complexity and bureaucracy, acquisitions can take decades (e.g., satellite constellation).
Internet Adoption: http://kpcb.com/insights/internet-trends-2011 – growing mobile internet usage (Smartphones)
[Is this a good source?] Pandasecurity.com - Malware viruses variants expanded from 14 to 16 million from 2008 to 2010
While at the same time we have decreasing:
US Computing Graduates: Data from Computing Research Association (www.cra.org/wp/index.php?p=139) annual report which shows US Computing Graduates dropped from 14 to 8 thousand per year between 2004 and 2007. Jumped to 8k enrolled CS in 2010 (see www.cra.org/uploads/documents/resources/taulbee/CRA-Taulbee-PR-2010-Final.pdf)
http://www.cra.org/resources/taulbee/
Expert Staff: Between 2002-2005, decreases in program managers (-5%), production engineers (-12%) and financial managers (-20%) whereas the test and evaluation workforce grew by 40% (Defense Acquisition Performance Assessment Report, Jan 2006)
System Response Times – cyberattacks on IT systems used to be lengthy, planned-out attacks, but automated scanning, analysis, and global sharing of attack vectors now put attack cycles in the minutes and seconds
6. Bold Responses
7. (2008) United States Air Force Scientific Advisory Board (AF-SAB) report on Defending and Operating in a Contested Cyber Domain
“Develop Mission Essential Cyber Competencies”
“Leverage existing technologies to develop cyber training and exercises.”
Fight through
(2010) Air Force Doctrine Document 3-12 RISE OF THE CYBERSPACE OPERATOR (pg38)
“Requires a well-educated and trained professional cadre”
“ready to provide the required capability and capacity for mission accomplishment”.
“…with technical and tactical expertise are mission essential individuals.”
“possess high levels of technical competence, robust analytical skills, and a critical understanding of cyberspace warfare application.”
(2011) Department of Defense Strategy for Operating in Cyberspace
“focus on communication, personnel training, and new technologies and processes”
“The development and retention of an exceptional cyber workforce is central to DoD’s strategic success in cyberspace.”
“The development of the cyber workforce is of paramount importance to DoD.”
“Continued education and training will be hallmarks of the cyber workforce…”
“DoD will invest in future personnel…”
AFSPC Science and Technology (S&T) Guidance, “Realistic Distributed Network Training Environment for Network Operations”, Tech need 030-2009-01, Tech need date 2014
Increase Supply
Change the Culture
8. Cyber Vision Team
Senior Governance Team (3*)
Dr. Mark Maybury (chair), Lt Gen Mike Basla (AFSPC/CV –> SAF/CIO A6), Lt Gen Janet Wolfenbarger (SAF/AQ), Lt Gen William Lord (SAF/CIO A6), Lt Gen Larry James (AF/A2), Lt Gen Chris Miller (AF/A8)
Key Senior Stakeholders
Lt Gen Charles Davis (ESC/CC, AFPEO C3I and Networks), Lt Gen Ellen Pawlikowski (SMC), Maj Gen Ken Merchant (AAC), Lt Gen Thomas Owen (ASC), Lt Gen “Hawk” Carlisle (A3/5), Maj Gen Neil McCasland (AFRL), Maj Gen Suzanne Vautrinot (24th AF), Maj Gen Mike Holmes (A3/5), Dr. Steve Walker (AQR), Dr. Jackie Henningsen (A9), Lt Gen(Sel) John Hyten (AQS –> AFSPC/CV), Maj Gen Robert Otto (AFISRA/CC), Maj Gen(Sel) Samuel Greaves (AFSPC/A8/9)
Cyber S&T Mission Area Study Leads
Air: Dr. Kamal Jabbour (AFRL/RI), Dr. Don Erbschloe (AMC), Mr. Bill Marion (ACC)
Space: Dr. Doug Beason (AFSPC), Col Brad Buxton (SMC) & Dr. Jim Riker (AFRL/RV)
Cyber: Dr. Rich Linderman (AFRL/RI), Dr. Doug Beason (AFSPC) & Mr. Arthur Wachdorf (24th)
C2ISR: Dr. Steven K. Rogers (AFRL/RY), Mr. Ron Mason (ESC), Mr. Stan Newberry (AFC2IC), Dr. Chris Yeaw (AFGSC), B Gen Scott Bethel (AFISRA/CV), B Gen (S) John Bansemer (AFISRA/CVA), DISL Keith Hoffman (NASIC), Dr. Rick Raines (CCR, AFCyTCoE)
Mission Support (Talent, Training, Acquisition, Infrastructure): Dr. Steve Walker (AQR), Maj Gen Tom Andersen (LeMay Center), Mr. Mike Kretzer (688th), Dr. Nathaniel Davis (AFIT), BG Dwyer Dennis (AFMC/A2/5)
Enabling Technology: Dr. Jennifer Ricklin (AFRL), Dr. Robert Bonneau (AFOSR)
Threat: Mr. Gary O’Connell (NASIC), Col Matthew Hurley (AF/A2DD)
9. DRAFT Senior Independent Expert Review Group (SIERG)
NSA Reccs from Larry James:
Chris Inglis, the Deputy DIRNSA too high?
Our other recommendations, in priority order, would be
Mr Greg Smithberger, Director, NSA/CSS Tailored Access Office (TAO)
Mr Paul Laugesen Deputy TAO emmill6@nsa.gov
NASIC recommended contacting Glenn Gafney, Director of S&T, and Andy Makridis, new Director of WINPAC
Ms Mo Baginsky at Maureen.Baginski@sparta.com
Gil Vega, Chief Information Security Officer and Associate CIO for Cybersecurity, U.S. Department of Energy, gil.vega@hq.doe.gov
Four former AF chief scientists
Former DNIs
Former Director of NRO, Keith Hall
Former AFRL Commanders
Dr. Yul Williams, NSA/CSS Threat Operations Center Technical Director
RADM Will Metts, Deputy Chief, TAO http://www.navy.mil/navydata/bios/navybio.asp?bioID=572
Lt Gen George Muellner (Ret) USAF, former SAF/AQ
Lt Gen Ken Minihan (Ret) USAF, Former Director NSA
Gen Mike Hayden (ret), USAF, former DNI, NSA and CIA director
VADM Mike McConnell, (Ret) USN, former DNI, DRNSA
Lt Gen (Ret) David Deptula, USAF, Former AF/A2
Dr Ernest McDuffie, CMU National Initiative on Cyber Education
David Honey, PhD - ADDNI for S&T, Director, S&T
Herb Lin, National Academy, Chair Computer Science Panel
Giorgio Bertoli, Army CERDEC I2WD
Lt Gen (Ret) Trey Obering, USAF, former Director of Missile Defense Agency, now SVP at Booz Allen Hamilton
Prof. Werner Dahm, SDSI & ASU
Lt. Gen. Robert J. Elder former Commander, 8th Air Force, Air Combat Command and Joint Functional Component Commander for Space and Global Strike, U.S. Strategic Command, Offutt AFB, Nebraska. Now Research Faculty at George Mason University.
Giorgio Bertoli (Giorgio.Bertoli@us.army.mil), Army CERDEC I2WD (Intelligence & Information Warfare Directorate ) works for Henry Muller (SES) (CERDEC) henry.j.muller4.civ@mail.mil, Army
Mr. John Gilligan, Air Force Chief Information Officer (CIO) and former SVP and Director at SRA International
Recommended: Dr Rick Boivie (IBM), Dr Don Robinson (NG), Dr IT)
10. Key Events
18-20 Jan – Preliminary Air-Cyber Mission Meeting – Edwards AFB
23 January – Threat Workshop (SCI), Washington, DC
(7-9 Feb, AFCEA Cyber Conf, Colorado Springs)
Air-cyber: 8 Feb (Scott AFB), 9 Feb (Langley)
8-9 Feb 24th AF/US Navy Cyber Tech Summit, Colorado Springs, CO
24 Feb – RFI Input Due (See www.tinyurl.com/cybervision)
29 Feb – 2 Mar – West Coast Industry Visit for team leads
5-9 March – AFOSR Computational Sciences Review, DC
12-13 March – Air Workshop, Langley
14-15 March – C2ISR Workshop, Langley
19-21 March – Space-Cyber, Cyber, S&T Workshops, AFSPC, Peterson AFB
22-23 March – AFA Cyber Futures Conference, Gaylord, DC
27 March - Mission Support Summit, DC
28 March - AF-DoE Cyber Summit, ORNL
29 March - DARPA Cyber PM Briefs to CV25 Mission Leads
TBD April – NSA/CYBERCOM Day, Ft Meade
10 April @SAFTAS- Senior Independent Expert Review Group – Slide Review
9 May @SAFTAS - Senior Independent Expert Review Group – Doc Review
POCs
- 12-13 March – Air-Cyber Workshop, Langley AFB (Kamal.Jabbour@rl.af.mil)
- 14-15 March – C2ISR-Cyber Workshop, Langley AFB (steven.rogers@wpafb.af.mil)
- 19-21 March – Space-Cyber (james.beason@peterson.af.mil), Cyber (Richard.Linderman@rl.af.mil), and Cross cutting Cyber S&T (Jennifer.Ricklin@wpafb.af.mil) Workshops @ AFSPC, Peterson AFB
- (22-23 March – AFA Cyber Futures Conference, Gaylord, DC)
- 27 March - Mission Support Summit, DC (Steven.Walker@pentagon.af.mil)
28 March - AF-DoE Cyber Summit, ORNL (aimonem@battelle.org)
29 March - DARPA Cyber PM Briefs to CV25 Mission Leads, DARPA I2O SCIF (Rodney.Miller@pentagon.af.mil)
- TBD - 3, 4, 9, or 30 April – NSA/CYBERCOM Day, Ft Meade (gary.oconnell@wpafb.af.mil)
11. Elements of Contested Cyber
12. Partnership and Focus
13. Principles & Practices
Principles
Least Privilege (e.g., white listing, discretionary access control)
Balance of power (e.g., distribution of authority, peer review, two person rule)
Minimization – limit attack surface, limit dependencies, reduce capability to essentials
Simplification – Pursue only necessary complexity
Resiliency (flexibility, rapid reconstitution, active defense), Robustness (e.g., redundancy), and Readiness (e.g., intel/situational awareness, training)
Diversity
Speed (responsiveness), Agility, and Evolvability
Balance (Offense/defense, human creativity and machine intelligence, confidence/control)
Cost and efficiency
Practices
Systems, e.g., redundancy, diversity, roots of trust (hardware and software, supply chain)
Architectures, e.g., loose couplers (avoid brittleness)
Acquisition, e.g., clear/focused requirements, early/continual user/test involvement, early prototyping and rapid cycles for evolution, modular/open standards, model driven archs
Information, e.g., chain of custody, encryption at rest/in motion
Operations, e.g., fractionated authority, cyber hygiene
People, e.g., accessions, education and training, deep experience
14. AF Cyber S&T Vision
“Assured cyber advantage across air, space, cyber, C2ISR, and mission support”
Assured – Ensured operations in congested, competitive, contested, and denied environments in spite of increased dependencies, vulnerabilities, and threats
Cyber – its defense, exploitation, operation
Advantage – we seek a speed, agility, and effectiveness edge over our adversaries to ensure operational dominance
Across – we require superiority within and across
Air, space, cyber, C2ISR, mission support – we require full spectrum cyber solutions
15. AF Core Mission Prioritized S&T Roles
Technology Leader – Creates or invents novel technologies through research, development and demonstration. Key S&T for core Air Force Title 10 missions and associated platforms with few or no other investors outside of the Air Force, e.g., IADS
Fast Follower – Rapidly adopts, adapts or accelerates technologies originating from external leading organizations, e.g., hardening DoE’s microgrids
Technology Watcher – Uses and leverages others' S&T investments for non-core missions, e.g., generic IT
16. BACKUP Slides
17. What is Out of Scope?
In:
Cyber exploitation, defense, operations
Cyber security of communications, data links, power
OSD (R&E) Priority Steering Committees – Cyber, Data to Decisions, Autonomy and cyber aspects of Human Systems and Resilient Systems Engineering (but not Countering WMD, EW/EP)
Out:
Commodity commercial IT infrastructure and communications
Spectrum allocation and/or management – except for application to use of cyber methods for spectrum protection
Electronic warfare
Directed energy - lasers or high power microwave for sensing or communication
18. Software Challenges Increasing % of mission systems software (air, space, cyber, C2ISR)
Large (10s of millions SLOC) and complex - (dependencies)
Acquisition difficult - 46% over budget (by 47%) or late (by 72%); Successful projects have 68% specifications
Scarce Talent
19. Cyber Trends Bigger: HPC: Petascale to exascale
Programmable, performance (peta to exa), green
Smaller: Nanoelectronics (e.g., nanowires, memristors)
Diverse: Clusters, clouds, GPUs, FPGAs
Embedded: 4.5M LOC in F-35, 90% of functionality
More contested and dangerous: Advanced threat, insider threat, supply chain
More competitive: global hardware, software, talent
More complex: Interconnected
Greener: infrastructure and algorithms
Less US talent: STEM Challenge
“Over the past 30 years, minimum feature sizes for advanced integrated circuits have been reduced by over 100X, from several microns in the early 1980s to just 32 nm today, with plans for sub-20 nm production firmly in place at most major manufacturers. While predictions abound that the relentless pace of geometry shrinks will have to end at some point, it seems clear the industry is well on target to continue shrinking geometries to less than 10 nm before the end of the decade. What is less clear is which lithographic technology will be used in producing these leading-edge devices…” Moshe Preil, GLOBALFOUNDRIES
INTERNATIONAL TECHNOLOGY ROADMAP FOR SEMICONDUCTORS (ITRS) has identified energy as one of the top three overall challenges for the last seven years
- computational energy/operation (per logic and per memory-bit state changes)
energy efficiency of basic components (i.e., switches, wires, and memory bits) and end-equipment (e.g., microcontrollers, signal processors, and power/battery management circuits) are key to the efficiency of communications systems, household appliances, transportation (e.g., cars), industrial machines, etc.
---
On December 1, 2010, the U.S. Air Force unveiled the “Condor Cluster,” a supercomputer made of more than 1,716 processors taken from PlayStation 3 video game consoles, and designed by military scientists at the Air Force Research Laboratory (AFRL) in Rome, New York. The Condor Cluster calculates an impressive 500 trillion operations per second. This is the fastest interactive computer currently in use at the Department of Defense (DoD). 168 General Purpose Graphical Processing Units
According to Air Force officials, the Condor Cluster is 10 to 20 times less expensive than similar supercomputers used by the U.S. government. Officials also said it consumes less than one-tenth the amount of energy, making it a "green" supercomputer. The new system will be freely available to all DoD users on a shared basis
20.
DEPARTMENT OF DEFENSE STRATEGY FOR OPERATING IN CYBERSPACE
Strategic Initiative 1: Treat cyberspace as an operational domain to organize, train, and equip so that DoD can take full advantage of cyberspace’s potential
Strategic Initiative 2: Employ new defense operating concepts to protect DoD networks and systems
Strategic Initiative 3: Partner with other U.S. government departments and agencies and the private sector to enable a whole-of-government cybersecurity strategy
Strategic Initiative 4: Build robust relationships with U.S. allies and international partners to strengthen collective cybersecurity
Strategic Initiative 5: Leverage the nation’s ingenuity through an exceptional cyber workforce and rapid technological innovation
21. Cyber JCTDs Non Persistent Desktop Browser (NPDB)
Protection and Operation of IP Secure Network Terrain (POINT)
DISA Mission Assurance Decision Support System (MADSS)
Computer Adaptive network Defense in Depth (CANDID)
Smart Power Infrastructure Demo for Energy Security and Reliability (SPIDERS)
Cross Domain Collaboration Information (CDCIE)
22. Executable Lines of Code in Mission Systems
ESLOC is a valuable and intuitive measure that is correlated with the number of people required to build, use, and maintain software systems. However, dimensions beyond size can significantly increase the complexity of IT systems. For example, Boehm and Lane (2006) describe how software intensive systems of systems (SISOS) “integrate multiple, independently developed systems” and “are very large, dynamically evolving, and unprecedented with emergent requirements and behaviors, and complex socio-technical issues to address.” SISOS are characterized by 10–100 million LOC; 30–300 external interfaces; 2–200 suppliers; 6–12 hierarchical levels of suppliers (primes and subs) and 20–200 coordination groups (or integrated product teams).
23. Adoption Acceleration