Want to know more about weapons systems cyber protection? There’s a webinar for that | #firefox | #chrome | #microsoftedge

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

More and more, the Defense Department’s weapons systems must be cyber resilient. Now there’s a publicly available webinar for science and engineering people that outlines what DoD calls its Cyber Resilient Weapon Systems Body of Knowledge. The webinar takes an hour to get through. Melinda Reed is director for resilient systems, in the office of the Undersecretary…

READ MORE

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

More and more, the Defense Department’s weapons systems must be cyber resilient. Now there’s a publicly available webinar for science and engineering people that outlines what DoD calls its Cyber Resilient Weapon Systems Body of Knowledge. The webinar takes an hour to get through. Melinda Reed is director for resilient systems, in the office of the Undersecretary of Defense for Research and Engineering. She talked with the Federal Drive with Tom Temin.

Interview transcript:

Melinda Reed: The engineering cyber resilient weapon systems body of knowledge was initiated in 2019 as a two year Defense Acquisition Workforce Development Account prototype project. And its purpose is to provide a resource of authoritative engineering best practices, methods, design patterns and standards to assist our science and technology managers and engineers across the department, industry and academia on approaches associated with implementing cybersecurity requirements in our DoD systems.

Tom Temin: Right. So is there a difference fundamentally between engineering in the cybersecurity for normal information technology systems, and for weapons systems, which maybe use different languages and have different requirements?

Melinda Reed: So I would say it a little differently, it’s more on how we talk about it. And it’s along the lines of those operational constraining environments, and where that technology is implemented, where those requirements are implemented, and making those thoughtful design trades so that we can appropriately implement and integrate those cybersecurity requirements to safeguard and protect our systems and the technology and the information that resides in them.

Tom Temin: Just to make an example, say a gun that’s aboard a naval ship is more than just a mechanical and chemical structure. There’s a lot of electronics that goes with it, there’s a lot of logistics that goes with it, that’s all embodied in the systems below the deck, so to speak, that you can’t see. That’s the type of system you’re talking about?

Melinda Reed: Yes, that’s right. That is a good example. And the ship itself or the aircraft, our partners are the military services, as well as they try to satisfy those cyber requirements. I would even say that we are already doing a lot of them. It’s understanding where those pieces fit in. And then what are those design patterns so that the engineering and science and technology community can have some very constructive conversations with our information, cyber community so that they can understand what are the right technology solutions for those cyber requirements that would fit in those systems. And where would be the best place to put them?

Tom Temin: Right. So in some sense, this is similar to the NIST publications, National Institute of Standards and Technology, but for a very specific class of system that exists only in the military?

Melinda Reed: Yes, that’s right. And I think one could almost equate it to some cyber physical systems, because we do have those same types of challenges and translation opportunities for our systems that we use even within our own homes. So leveraging and being able to talk about those maybe industrial control type systems, with our weapons system community, we have these added constraints and these additional environmental environments that the systems need to operate in and where those decisions to make those risks make the most sense.

Tom Temin: Sure, we’re speaking with Melinda Reed, she’s director for resilient systems in the Office of the Undersecretary of Defense for Research and Engineering. And let’s talk about the webinar now have created out of this body of knowledge, what was the purpose there? Or how does it get created and who should view it?

Melinda Reed: So the webinar’s a fantastic opportunity with the DAU because DAU has been our partner throughout this whole journey of the means by which we can educate and train our science and technology managers, and our engineers who have to critically think about implementing these requirements. The webinar provides that opportunity to share, to get that message out, to solicit input feedback on the materials within that CRWS-BoK of knowledge. And our partners also include industry. So industry has been a very, very good partner throughout all of this, and well as academia. So as part of that webinar, it helps us move that forward on that journey with our engineering community and many others who are interested in looking at the resources and the materials and thinking about implementing those requirements, which can be a challenge in these constraining environments that these systems again have to operate in.

Tom Temin: This would then be something useful not just to operators within DoD but also to kind tractors and subs, it sounds like.

Melinda Reed: Yes, absolutely, absolutely. That is our intent, when I know that or dauhave seen and industry has been very much a partner it through the National Defense Industry Association, helping us better understand where they are seeing some opportunities for us as a whole, to better inform where their challenges are. So we can strike the right balance in educating our own workforce. So they are seeing areas where we can strike a balance that helps better standardize the approaches that we’re using. So while we don’t have all of the solutions in there today, that is the goal that we’re working towards, is just increasing that standardization. And also, perhaps, if not being able to get a straight standardization, it’s more understanding where those differences might reside.

Tom Temin: Now, is there any danger in this being publicly available that some people that wish us ill could also view the same webinar?

Melinda Reed: So the CRWS-BoK of knowledge is purposely developed to be unclassified and public. And so there is no intention of putting anything in there that speaks directly to any of our weapons systems, but more to talk about the practices and the standards that are available publicly, we are not trying to recreate anything new, we are trying to ensure that our workforce, our industry has an understanding of what is the latest guidance, because I know that there is a lot of guidance out there. And some of it, even because we’re in this digital age, some of it is very old guidance. And so one of the other purposes of this CRWS-BoK of knowledge is to make sure that we’re using the current and latest authoritative sources. But the intent is to keep it at that policy guidance and standards. And not to go into any of the controlled unclassified information aspects of it.

Tom Temin: Right. No Stinger schematics in there available, I suppose.

Melinda Reed: No, no, absolutely not.

Tom Temin: And what’s the uptake been so far have a lot of people looked at it?

Melinda Reed: Yes, we have gotten huge user traffic. And each time that we go and do an outreach event, the traffic increases. And so with that traffic and with the individuals coming in, and using that CRWS-BoK, it also gives us opportunities to better understand what they are seeking. So we can build in and add in additional resources that they might be looking for. So it helps us to target where we should be focusing on resources that should be going in there. So it is a great opportunity for us to facilitate and educate and train our technical community and be able to translate and understand from the cyber side, how they can implement or what they can use to implement to meet those requirements.




Original Source by [author_name]

Leave a Reply

Your email address will not be published.

+ 51 = sixty