THE MIL + AERO COMMENTARY – This month saw a big uptick in U.S. military attention to cyber security and trusted computing, as the U.S. Navy, Army, Air Force, and Defense Advanced Research Projects Agency (DARPA) launched projects or awarded contracts to safeguard mission-critical computer information from prying eyes.
The first week of the month saw DARPA's solicitation for the Compartmentalization and Privilege Management (CPM) project to find ways to safeguard the U.S. Department of Defense's vast collection of legacy software from today's most advanced computer hackers.
DARPA CPM seeks to develop a set of analysis tools, hardware, and software infrastructure automatically to segment large legacy software systems into performant limited-privilege fine-grained compartments that prevent initial penetrations of computer hackers from turning into successful cyber-attacks. The project involves automated compartmentalization, privilege enforcement, and evaluation support.
A successful cyber-attack typically involves a sequence that moves from initial system penetration to privilege escalation and lateral motion, to a full-scale cyber-attack, DARPA researchers explain.
Related: The essentials of trusted computing and cyber security
An initial penetration seeks to increase the attacker’s privilege level, and then and to enable lateral movement within the compromised system. Ultimately, the attacker’s goal is to use the unauthorized privileged access to locate and exfiltrate sensitive information or to disrupt normal operations.
Traditional defenses against cyber-attacks have focused on keeping an attacker out and eliminating exploitable bugs in code. The CPM program focuses instead on blocking privilege escalation and lateral movement -- even if there has been an initial penetration.
CPM technology will help military software engineers restructure a system into one that would prevent such campaigns from moving beyond their initial penetration.
Around the same time the U.S. Defense Logistics Agency Land and Maritime segment at Aberdeen Proving Ground, Md., awarded contracts to nine defense companies to help the U.S. Army solve potential problems caused by rapid modernization in command, control, computers, communications, cyber, intelligence, surveillance and reconnaissance (C5ISR) systems.
Each of the nine C5ISR Gateway to Sustainment (G2S) contractors will supply commercial and noncommercial items and services to support C5ISR projects of the U.S. Army Communications and Electronics Command (CECOM) at Aberdeen Proving Ground, Md.
This program is intended to solve and prevent potential problems during rapid modernization. Vendors will compete to sustain a system early in its life cycle, to include hardware, software, engineering, obsolescence mitigation, and depot partnering.
The G2S contractors are Amentum Services Inc. in Germantown, Md.; Science Applications International Corp. (SAIC) in Fairfield, N.J.; Centuria Corp. in Reston, Va.; STS International Inc. in Berkeley Springs, W.Va.; L3Harris Communications Systems-West in Salt Lake City; Micro USA Inc. in Poway, Calif.; Atlantic Diving Supply Inc. in Virginia Beach, Va.; Fairwinds Technologies LLC in Annapolis, Md.; and Telecommunications Systems Inc. in Annapolis, Md.
That same week the Air Force Research laboratory at Wright-Patterson Air Force Base, Ohio, issued a solicitation for the Radio Frequency (RF) Electronic Warfare (EW) Focused Laboratory Evaluations of Critical Technologies (REFLECT) program to find new ways to identify and mitigate vulnerabilities to avionics from cyber-attacks.
REFLECT also seeks to develop simulation capabilities necessary to develop advanced sensors and avionics technologies, develop agile electronics architecture, and expand emerging open-systems standards for military weapons. The goal is to explore new and emerging technologies related to fending-off cyber-attacks, cyber security, open system architectures, avionics, and sensors.REFLECT avionics involve manned, unmanned, autonomous, and remotely piloted vehicles; on-board intelligence, surveillance, and reconnaissance (ISR) systems; EW systems, and munitions. The focus in on advanced RF and digital EW simulations, threat models, sensor evaluations, and cutting-edge technology development in the RF domain.
The following week the Naval Information Warfare Center-Pacific in San Diego issued a broad agency announcement for the Reimagining Security with Cyberpsychology-Informed Network Defenses (ReSCIND) program to outsmart computer hackers by using their psychological weaknesses against them.
ReSCIND seeks to develop cyber psychology-informed defenses that capitalize on an understanding of attacker's decision-making, human limitations, and cognitive biases to reduce attack effectiveness, and explore methods for manipulating attacker behavior during various phases of a cyber-attack.
Related: Trusted computing for national defense
Rather than just attempting to detect and stop suspicious movement on the network, the project will increase the effort and resources spent by cyber-attackers by influencing their decision-making.
The ReSCIND program seeks ways to identify cognitive vulnerabilities of cyber-attackers; induce changes in cyber-attack behavior; develop cyber psychology-informed defenses for early- and late-stage attacks; create models that predict attacker behavior; and produce adaptive psychology-informed defenses to automate psychology-informed defenses based on observed attacker behavior.
Finally this month, DARPA announced the Quantum Augmented Network (QuANET) project to develop a hybrid quantum-classical communication network to enable quantum enhancements to information security and covertness on today’s classical military networks.
The QuANET program seeks to augment existing software infrastructure and network protocols with quantum properties to mitigate some of the attack vectors that are pervasive on classical (non-quantum) networks.
The program will blend existing quantum communications into networks operating today in military and critical infrastructure. Quantum information must co-exist with classical information (quantum-classical interoperability).
