Dr Maybury - Mar 2012

Report
Headquarters U.S. Air Force
Cyber Vision 2025:
Air Force Cyber S&T Vision
tinyurl.com/cybervision
Dr. Mark T. Maybury
Chief Scientist
United States Air Force
14 March 2012
Distribution A. Approved for public release; distribution is unlimited. Public Release Case No 2012-XXX
I n t e g Distribution
r i t yA. Approved
- S eforrpublic
v irelease;
c edistribution
- E isxunlimited.
cellence
1
National Cyber Security
“We count on computer networks to deliver our oil and gas, our power and our
water. We rely on them for public transportation and air traffic control… But …
we've failed to invest in the security of our digital infrastructure “
President Barack Obama, 29 May 2009
“The most menacing foreign intelligence threats in the next two to three years
will involve cyber-enabled espionage … insider threats … and espionage by
China, Russia, and Iran.” Lt. Gen James Clapper, Jr. USAF (Ret), DNI, 31 Jan 2012
“On the global technology front, rapid advancement in communication has
spread knowledge around the world, leveling competition and causing us to
work harder to maintain U.S. advantages, making us more interdependent with
international partners.”
Michael Donley, Secretary of the Air Force, Nov 19, 2009
“We have certain industrial, design and engineering advantages, and if they are
surreptitiously obtained by others, it reduces those advantages.
Gen Norton A. Schwartz, Chief of Staff, USAF 27 Feb 2012
“Cyberspace superiority describes our mission to gain advantage in, from, and
through cyberspace at the times and places of our choosing, even when faced
with opposition.”
2
Gen William Shelton, AFSPC/CC, AFCEA Cyber Symposium, 7 Feb 2012
Distribution A. Approved for public release; distribution is unlimited.
Cyber Vision 2025
Terms of Reference

Background:
•
•


Need to forecast future threats, mitigate vulnerabilities, enhance the industrial base, and
develop the operational capabilities and cyber workforce necessary to assure cyber
advantage across all Air Force mission areas
An integrated, Air Force-wide, near-, medium- and far-term S&T vision to meet or exceed
AF cyber goals and, where possible, create revolutionary cyber capabilities to support
core Air Force missions
Key Stakeholders:
Approach
•
•
•
•
•

ideachampions.com
Air Staff, MAJCOMS, AFRL, 24th AF, ESC, ASC, SMC
Identify state of the art and best practices in government and private sector
Analyze current and forecasted capabilities, threats, vulnerabilities, and consequences
across core AF missions to identify critical S&T gaps
Articulate AF near (FY11-16), mid (FY16-20) and long (FY21-25) term S&T to fill gaps,
indicating where AF should lead, follow, or watch
Address cyber S&T across all Air Force core missions and functions (air, space, C4ISR)
comprehensively including policy as well as DOTMLPF considerations
Engage and partner (industry, academia, national labs, FFRDC, government)
Product:
Cyber S&T Vision to top 4 by 7/15/12 (Report 1/1/13)
DOTMLPF - Doctrine, Organization, Training, Materiel, Leadership and education, Personnel, and Facilities
Distribution A. Approved for public release; distribution is unlimited.
3
Rapidly changing and
ambiguous phenomena
and human behavior,
potentially competing
objectives
Stable systems and
environment; shared cyber
goals across organizations
Dynamic,
Real Time
Conflicting
Static
Uniform
Decision Making Environment
A Wicked Problem
Fluid, Evolving,
Contested,
Congested,
Competitive
Static,
Uncontested
System Behavior
Behavior is regular, well understood
and, to a large extent, predictable
Linear
Information
Systems
Relatively closed to the environment
Components not purposeful; exist only
as part of larger system
Complex
Cognitive
Systems
Social
Systems
Multiple actors
Can’t observe/understand all behavior
Do not necessarily follow predictable
rules of behavior; unintended
consequences
Interact with environment and evolve
Multiple stakeholders, increasing threat, increasing
complexity, greater uncertainty, rapid evolution
4
Distribution A. Approved for public release; distribution is unlimited. (SAF PA Case # 2011-0033)
A Perfect Storm
Internet Adoption >80% in 2010
Technology
Change
20k in 2004
Years
Threat
Complexity
286M+Threats in 2010
6 million probes/day in 2011
Connectivity
Foreign
Mobile Internet
Supply
Adoption
(>60% in 2010)
5.1k in 2010
Vulnerabilities
nvd.nist.gov
Cost Overruns
BS Production
(CS and CE)
11k in 2011
9k in 2009
-5% program managers
-12% production engineers Expert
-20% financial managers
<10%
Overruns in 1950s
Seconds
50K viruses in 2000
1998
2000
2002
2004
2006
2008
Distribution A. Approved for public release; distribution is unlimited.
2010
Staff
Response
Timelines
2012
DRAFT
Bold Responses
Autobahn
Eisenhower
Sputnik
Kennedy
1969
Bush/Obama
DRAFT
National
Cyber
security
Initiative
Distribution A. Approved for public release; distribution is unlimited.
6
DRAFT
Cyber S&T Vision
STRATEGY
REQUIREMENTS AND PLANS
MISSION FOCUS
MAJCOM
Requirements
Air Cyber
Space Cyber
Cyber Vision
United States Air Force
CyberS&T Vision
2011-2026
AF/ST TR 12-01
31 December 2012
Cyber
(C2, IT, Comms)
Independent
Senior
Expert
Review
C2ISR Cyber
Mission Support
(A1, AQ, A6,
M&S, Critical
Infrastructure)
Cross Cutting
Enabling S&T
RFIs, EXPERT SUMMITS
DRAFT
Distribution A. Approved for public release; distribution is unlimited.
7
Cyber Vision Team

Senior Governance Team (3*)
•

Key Senior Stakeholders
•

Dr. Mark Maybury (chair), Lt Gen Mike Basla (AFSPC/CV –> SAF/CIO A6), Lt Gen Janet
Wolfenbarger (SAF/AQ), Lt Gen William Lord (SAF/CIO A6), Lt Gen Larry James (AF/A2), Lt Gen
Chris Miller (AF/A8)
Lt Gen Charles Davis (ESC/CC, AFPEO C3I and Networks), Lt Gen Ellen Pawlikowski (SMC),
Maj Gen Ken Merchant (AAC), Lt Gen Thomas Owen (ASC), Lt Gen “Hawk” Carlisle (A3/5), Maj
Gen Neil McCasland (AFRL), Maj Gen Suzanne Vautrinot (24th AF), Maj Gen Mike Holmes (A3/5),
Dr. Steve Walker (AQR), Dr. Jackie Henningsen (A9), Lt Gen(Sel) John Hyten (AQS –>
AFSPC/CV), Maj Gen Robert Otto (AFISRA/CC), Maj Gen(Sel) Samuel Greaves (AFSPC/A8/9)
Cyber S&T Mission Area Study Leads
•
•
•
•
•
•
•
Air: Dr. Kamal Jabbour (AFRL/RI), Dr. Don Erbschloe (AMC), Mr. Bill Marion (ACC)
Space: Dr. Doug Beason (AFSPC), Col Brad Buxton (SMC) & Dr. Jim Riker (AFRL/RV)
Cyber: Dr. Rich Linderman (AFRL/RI), Dr. Doug Beason (AFSPC) & Mr. Arthur Wachdorf (24th)
C2ISR: Dr. Steven K. Rogers (AFRL/RY), Mr. Ron Mason (ESC), Mr. Stan Newberry (AFC2IC),
Dr. Chris Yeaw (AFGSC), B Gen Scott Bethel (AFISRA/CV), B Gen (S) John
Bansemer (AFISRA/CVA), DISL Keith Hoffman (NASIC), Dr. Rick Raines (CCR, AFCyTCoE)
Mission Support (Talent, Training, Acquisition, Infrastructure): Dr. Steve Walker (AQR), Maj
Gen Tom Andersen (LeMay Center), Mr. Mike Kretzer (688th), Dr. Nathaniel Davis (AFIT), BG
Dwyer Dennis (AFMC/A2/5)
Enabling Technology: Dr. Jennifer Ricklin (AFRL), Dr. Robert Bonneau (AFOSR)
8
Threat: Mr. Gary O’Connell
(NASIC),
Col
Hurley
(AF/A2DD)
Distribution
A. Approved
forMatthew
public release;
distribution
is unlimited.
DRAFT
Senior Independent Expert Review Group
(SIERG)
DRAFT
Air
Space
Cyber
C2ISR
Mission S&T, Threat,
Support and Overall
Prof Mark
Lewis, U.
Maryland
Dr. Mike
Yarymovych,
Sarasota Space
Prof Ed Feigenbaum,
Stanford
Gil Vega, DoE
Prof. Gene Spaffford, Purdue
Herb Lin, National Academy
Prof. Werner Dahm, ASU
Prof. Alex Levis, GMU
John Gilligan
Natalie
Crawford,
RAND
Dr. Rami
Razouk,
Aerospace
Dr. Paul Nielsen, CMU/SEI
Dr. Mark Zissman MIT LL
Harriet Goldman, MITRE
John Woodward, MITRE
Lee Short, JH-APL
Giorgio Bertoli,
Army
Konrad Vesey, IARPA
Stan Chincheck, NRL
Dr. Wen C. Masters,
ONR
Lt Gen George
Muellner (Ret)
USAF
Keith Hall, BAH
Gen Mike Hayden (Ret),
USAF
Lt Gen Ken Minihan (Ret)
USAF
RADM Will Metts, NSA/TAO
Paul Laugesen NSA/TAO
Dr Starnes Walker, Fltcyber,
Navy
VADM Mike McConnell,
(Ret) USN
Dr Ernest
McDuffie, CMU
Gen (Ret) Jim McCarthy,
USAFA
Dr. Peter Friedland
Prof Pat Winston, MIT
Lt Gen (Ret) Trey
Obering, USAF
David Honey, DNI
Dr. Steven King,
OSD(R&E) PSC
Jim Gosler,
Sandia
Lt Gen David Deptula,
(Ret) USAF
Robert Osborne,
NNSA
Matt Linton,
NASA ARC-IS
David Mountain, NSA
Dr. Yul Williams, NSA/CSS
TOC
Dr. Charles Romine, NIST
Lt Gen Ted Bowlds, (Ret)
USAF
Lt Gen Robert Elder,
(Ret) USAF
Former DNI
Former USAF
Chief Scientist
Former Director of NRO
Former Director NSA, DIA
DRAFT
Distribution A. Approved for public release; distribution is unlimited.
Evi Goldfield, NSF
Charles Bouldin, NSF
TBD OSTP
9
Key Events


















18-20 Jan – Preliminary Air-Cyber Mission Meeting – Edwards AFB
23 January – Threat Workshop (SCI), Washington, DC
(7-9 Feb, AFCEA Cyber Conf, Colorado Springs)
Air-cyber: 8 Feb (Scott AFB), 9 Feb (Langley)
8-9 Feb 24th AF/US Navy Cyber Tech Summit, Colorado Springs, CO
24 Feb – RFI Input Due (See www.tinyurl.com/cybervision)
29 Feb – 2 Mar – West Coast Industry Visit for team leads
5-9 March – AFOSR Computational Sciences Review, DC
12-13 March – Air Workshop, Langley
14-15 March – C2ISR Workshop, Langley
19-21 March – Space-Cyber, Cyber, S&T Workshops, AFSPC, Peterson AFB
22-23 March – AFA Cyber Futures Conference, Gaylord, DC
27 March - Mission Support Summit, DC
28 March - AF-DoE Cyber Summit, ORNL
29 March - DARPA Cyber PM Briefs to CV25 Mission Leads
TBD April – NSA/CYBERCOM Day, Ft Meade
10 April @SAFTAS- Senior Independent Expert Review Group – Slide Review
9 May @SAFTAS - Senior Independent Expert Review Group – Doc Review
Distribution A. Approved for public release; distribution is unlimited.
10
Elements of Contested Cyber
TARGETS
ATTACKS
Command and
Control
Insider attack,
unwitting behavior
Formation
EFFECTS
Sensor
Processing
Human Organization
Mission Layer
Data and policy
corruption
Code manipulation,
malware
Application Layer
OS/Network Layer
Worms, viruses,
flooding
Disinformation,
distraction, confusion
Disruption of C2,
behavior manipulation
Induced inaccuracies
and failures
Denial of service,
exfiltration
Life-cycle implants
of backdoors
HW/Systems Layer
Triggered malfunction,
performance loss
Physical destruction,
eavesdropping
Materials, Devices &
Comm. Links
Loss of
communication
Distribution A. Approved for public release; distribution is unlimited.
11
Partnership and Focus
COCOMs
Intelligence
Community
CYBERCOM
Army, Navy,
Marines
NSA, CIA, NRO,
FBI, IARPA
Land and
Maritime cyber
National
Labs
Federal
Research
DARPA, NSF,
FAA, OSTP, NASA
FFRDCs
Air, Space, C4ISR
Industry &
Consortia
(e.g., DIB Pilot)
Academia
Critical
Infrastructure
DHS, EPRI,
Utilities
Air Force will leverage cyber capabilities and investments of our
partners and focus S&T investment on Air Force missions
Distribution A. Approved for public release; distribution is unlimited.
12
DRAFT
Principles & Practices


Principles
• Least Privilege (e.g., white listing, discretionary access control)
• Balance of power (e.g., distribution of authority, peer review, two person rule)
• Minimization – limit attack surface, limit dependencies, reduce capability to essentials
• Simplification – Pursue only necessary complexity
• Resiliency (flexibility, rapid reconstitution, active defense), Robustness (e.g.,
redundancy), and Readiness (e.g., intel/situational awareness, training)
• Diversity
• Speed (responsiveness) , Agility, and Evolvability
• Balance (Offense/defense, human creativity and machine intelligence, confidence/control)
• Cost and efficiency
Practices
• Systems, e.g., redundancy, diversity, roots of trust (hardware and software, supply chain)
• Architectures, e.g., loose couplers (avoid brittleness)
• Acquisition, e.g., clear/focused requirements, early/continual user/test involvement, early
prototyping and rapid cycles for evolution, modular/open standards, model driven archs
• Information, e.g., chain of custody, encryption at rest/in motion
• Operations, e.g., fractionated authority, cyber hygiene
• People, e.g., accessions, education and training, deep experience
DRAFT
Distribution A. Approved for public release; distribution is unlimited.
13
DRAFT
AF Cyber S&T Vision
“Assured cyber advantage
across air, space, cyber, C2ISR, and mission support”





Assured – Ensured operations in congested, competitive,
contested, and denied environments in spite of increased
dependencies, vulnerabilities, and threats
Cyber – its defense, exploitation, operation
Advantage – we seek a speed, agility, and effectiveness
edge over our adversaries to ensure operational
dominance
Across – we require superiority within and across
Air, space, cyber, C2ISR, mission support – we require
full spectrum cyber solutions
DRAFT
Distribution A. Approved for public release; distribution is unlimited.
14
AF Core Mission
Prioritized S&T Roles



DRAFT
Technology Leader – Creates or invents novel
technologies through research, development and
demonstration. Key S&T for core Air Force Title 10
missions and associated platforms with few or no
other investors outside of the Air Force, e.g., IADS
Fast Follower – Rapidly adopts, adapts or accelerates
technologies originating from external leading
organizations, e.g., hardening DoE’s microgrids
Technology Watcher – Uses and leverages others S&T
investments for non core missions, e.g., generic IT
DRAFT
Distribution A. Approved for public release; distribution is unlimited.
15
BACKUP Slides
Distribution A. Approved for public release; distribution is unlimited.
16
What is Out of Scope?

In:
•
•
•

Cyber exploitation, defense, operations
Cyber security of communications, data links, power
OSD (R&E) Priority Steering Committees – Cyber, Data to
Decisions, Autonomy and cyber aspects of Human Systems
and Resilient Systems Engineering (but not Countering WMD,
EW/EP)
Out:
• Commodity commercial IT infrastructure and communications
• Spectrum allocation and/or management – except for
application to use of cyber methods for spectrum protection
• Electronic warfare
• Directed energy - lasers or high power microwave for sensing
or communication
Distribution A. Approved for public release; distribution is unlimited.
17




Increasing % of mission
systems software (air,
space, cyber, C2ISR)
Large (10s of millions
SLOC) and complex (dependencies)
Acquisition difficult 46% over budget (by
47%) or late (by 72%);
Successful projects
have 68%
specifications
Scarce Talent
% Functionality in
Software
Software Challenges
100
80
60
40
20
0
Distribution A. Approved for public release; distribution is unlimited.
Source: SEI, LM
18
Cyber Trends
(top500.org)

Bigger: HPC: Petascale to exascale
•








Programmable, performance (peta to exa), green
Smaller: Nanoelectronics (e.g., nanowires, memristers)
Diverse: Clusters, clouds, GPUs, FPGAs
Embedded: 4.5M LOC in F-35, 90% of functionality
More contested and dangerous: Advanced threat,
insider threat, supply chain
More competitive: global hardware, software, talent
More complex: Interconnected
Greener: infrastructure and algorithms
Less US talent: STEM Challenge
Distribution A. Approved for public release; distribution is unlimited.
Source: www.dodlive.mil
DoD Cyberspace Strategy
DEPARTMENT OF DEFENSE STRATEGY
FOR OPERATING IN CYBERSPACE
Treat as an Operational Domain
Employ New Defense Operating Concepts
Partner with Public and Private Sectors
Build International Partnerships
Leverage Talent and Innovation
Source: DoD Strategy for Operating in Cyberspace, May 2011
Distribution A. Approved for public release; distribution is unlimited.
Cyber JCTDs






Non Persistent Desktop Browser (NPDB)
Protection and Operation of IP Secure Network Terrain (POINT)
DISA Mission Assurance Decision Support System (MADSS)
Computer Adaptive network Defense in Depth (CANDID)
Smart Power Infrastructure Demo for Energy Security and
Reliability (SPIDERS)
Cross Domain Collaboration Information (CDCIE)
Distribution A. Approved for public release; distribution is unlimited.
21
Executable Lines of Code in
Mission Systems
Sources: CARD Data, SEI, CSIS Analysis. Fig 7 from 2009 DSB TF on IT Acquisition
Distribution A. Approved for public release; distribution is unlimited.
22
Adoption Acceleration
Source: http://visualecon.wpengine.netdna-cdn.com/wp-content/uploads/2008/02/history-of-products.gif
See also: http://www.karlhartig.com/chart/techhouse.pdf
Distribution A. Approved for public release; distribution is unlimited.
23

similar documents