The US military is changing its philosophy, approach, and technologies used for warfare. In the process of achieving
this vision for high-speed, highly mobile warfare, there are a number of issues that must be addressed and solved,
issues that are not addressed by commercial systems because Department of Defense (DoD) Information Technology
(IT) systems operate in an environment different from the commercial world. The differences arise from the
scope and skill used in attacks upon DoD systems, the interdependencies between DoD software systems used for
network centric warfare (NCW), and the need to rely upon commercial software components in virtually every DoD
system. As a result, while NCW promises more effective and efficient means for employing DoD resources, it also
increases the vulnerability and allure of DoD systems to cyber attack. A further challenge arises due to the rapid
changes in software and information assurance (IA) requirements and technologies over the course of a project.
Therefore, the four challenges that must be addressed are determining how to specify the information assurance
requirements for a DoD system, minimizing changes to commercial software, incorporating new system and IA
requirements in a timely manner with minimal impact, and ensuring that the interdependencies between systems do not
result in cyber attack vulnerabilities. In this paper, we address all four issues.

In addition to addressing the four challenges outlined above, the interdependencies and interconnections between
systems indicate that the IA requirements for a system must consider two important facets of a system's IA defensive
capabilities. The facets are the types of IA attacks that the system must repel and the ability of a system to ensure that
any IA attack that penetrates the system is contained within the system and does not spread. The IA requirements
should be derived from threat assessments for the system as well as from the need to address the four requirements
challenges outlined above. To address these issues, we developed a system architecture and acquisition approach
designed to separate the system's IA capabilities requirements and development from the other system capability
requirements, thereby allowing the IA capabilities to be developed rapidly and assessed separately from the other
system capabilities. Simulation environments and technologies allow us to test and evaluate solutions to the issues
while also ensuring that the system being tested and the solution are not exposed to real-world threats.