Cyber Defense
Pentagon, industry pursue increased data bus security
The Pentagon and industry are seeking to better protect and modernize MilSTD 1553 data bus cybersecurity and more quickly detect and defend against malicious intrusions.
Decision Zone, a private company, has engineered a new data bus security technology, which the company claims solves this problem. They are now in the process of offering the technology to the U.S. military services.
The thrust of the technology, called dzAudit, is a real-time message bus monitoring of business logic, known as established sequences and data exchanges that pass information to issue commands and perform various functions.
The Pentagon has been working with various vendors for quite some time to address data bus vulnerability, as evidenced by a memorandum last year from the Michael Gilmore, then Director, Operational Test and Evaluation at DOD.
The memo states: “Aircraft using military standard (MilSTD) 1553 data buses or commercial equivalents (such as Aeronautical Radio INC 429 as well as 700 and 800 series high speed avionics data buses), and vehicles using both MilSTD 1553 and commercial Controller Area Network bus protocols are potentially vulnerable to cyberattacks via code and data inserted across these communications protocols.”
Many networks, weapons systems and sensors increasingly rely upon data bus technology, which both massively improves functionality and simultaneously increases the need to fortify cyber defenses as attacks run the risk of having a larger impact.
In the case of a sensitive and crucial weapons system such as an ICBM database, business logic would establish procedures and functions moving the weapon’s platform from one stage of a launch to another. For instance, an initial command might be turning on a booster, activating command and control and then ultimately directing a launch.
“An ICBM has a lot of coding and databases,” said Rajeev Bhargava, CEO, Decision Zone.
Data analytics gathers information and monitors data bus activity for a period of time before cyber defenders can access the information. Faster detection, naturally, could expedite cyber defenses and needed reaction time.
“Data bus integration allows all the different modules to talk to each other. Someone could hack into that message bus and change direction, create specific dangerous actions or change course. Currently there is no technology to monitor business logic on message bus,” Bhargava said.
This technique allowed the Iranians to hack a GPS signal and take over control of a drone, experts and analysts maintain. That event generated worldwide attention several months ago, Bhargava explained.
from All Articles and Blogs http://ift.tt/2u7PGfA
via Defens News
No comments: