MIL-1553 Cybersecurity Training | Cybersecurity Test and Evaluation
There has been growing concerns about how to apply cybersecurity to the MIL-1553 bus, especially in light of the need to satisfy the Risk Management Framework (RMF).
MIL-1553 is a military standard that defines mechanical, electrical, and operating characteristics of a serial data communication bus for the U.S. Department of Defense. The RMF sets standards developed by the National Institute of Standards and Technology (NIST) in Gaithersburg, Maryland, for the assessment and authorization of mission systems.
The U.S. military often relies on RMF to ensure that U.S. military systems go through sufficient cybersecurity scrutiny to operate securely on U.S. military networks. Because the RMF process applies to many different types of systems — from enterprise to small embedded systems — there are many possible controls that systems designers must analyze and document that may not apply to embedded systems.
MIL-1553 was released by the U.S. Department of Defense before the advent of modern cyber warfare, and lacks many of the tools that secure modern networks. More recently it was identified as a potential danger that adversaries could leverage to compromise equipment and spread malicious software across a system.
The bus was designed with a great focus on reliability, responsiveness, and fault tolerance. However, its security aspects were an afterthought. The MIL-1553 bus was found to be vulnerable to many attacks that could seriously damage the entire system.
The problem was that rebuilding the security of the MIL-STD-1553 from scratch was cost-prohibitive and a very complex, not scalable, and inflexible approach.
Adding cybersecurity to MIL-1553 has been challenging. Fortunately, technology is coming through again. Now a plug-and-play device exists that detects and alleviates cybersecurity threats through continual monitoring and protection of equipment.
Also, new components were introduced to support artificial intelligence/machine learning (AI/ML) algorithms. These algorithms provide anomaly and intrusion detection, logging, warning, and possible mitigation.
Another approach introduces new hardware modules running cyber software applications, either in a distributed or centralized manner, to act as traffic cops for each subsystem.
MIL-1553 Cybersecurity Training | Cybersecurity Test and Evaluation
MIL-1553 Cybersecurity Training, Cybersecurity Test and Evaluation, is a 2-day training course address MIL-1553 cybersecurity issues.
MIL-1553 Cybersecurity Test and Evaluation (T&E) training will introduce a set of workshops and group activities of real world case studies in order to prepare you to tackle the entire related RMF challenges applied to MIL-1553 capable platforms and systems..
Audience
MIL-1553 Cybersecurity training is a 2-day course designed for:
- Program and product managers
- Requirements and DoD personnel
- System Engineers
- DoD IT personnel
- IT professionals in the DoD organizations
- Airforce and Military Personnel in charge of cybersecurity
- DoD employees and contractors or service providers
- All DoD personnel in charge of information assurance
- Authorizing official representatives, chief information officers, senior information assurance officers, information system owners or certifying authorities
- Employees of federal agencies and the intelligence community
- Assessors, assessment team members, auditors, inspectors or program managers of information technology area
- Any individual looking for information assurance implementation for a company based on recent DoD and NIST policies
- Information system owners, information owners, business owners, and information system security managers
Learning Objectives
Upon completion of the Cybersecurity Test and Evaluation (T&E) training course, the attendees are able to:
- Learn the cybersecurity issues related to MIL-1553 system vulnerabilities, importance of data protection and approaches for cyber management
- Learn about the concept of MIL-1553 Test and Evaluation (T&E) for cybersecurity systems
- Explain T&E processes and be able to implement MIL-1553 T&E
- Explain testing considerations and challenges for MIL-1553 systems and platforms
- Apply Risk Management Framework (RMF) to MIL-1553 systems
- Exploit the MIL-STD-1553 avionic data bus with an active cyber device
Course Outline
Executive Overview of MIL-STD-1553
- Introduction to MIL-1553
- MIL-1553 Data bus Overview
- MIL-1553 Platforms
- MIL-1553 Protocol
- Connecting the Bus
- MIL-1553 System, Software and Firmware Design
- MIL-1553 Cybersecurity Testing and Evaluation (T&E) Procedures
MIL-1553 Security
- MIL-1553 Network and System Security
- Security Definitions
- Equipment originating or terminating classified plain text language
- Wirelines, equipment, and the interconnecting lines
- Wirelines, components, equipment, and systems
- Encrypted or unclassified signals
- Electrical circuits components, equipment, systems
- Classified plain language data in electrical form
- Investigations and studies of compromising emanations
- TEMPEST
- System Security Policy
- MIL-STD-1553 design (system, hardware, and software)
- Operational, maintenance, and logistic
- Security policy of the aircraft, ship, or system
MIL-1553 Advanced Network System Security
- Cyber security and cyber war analysis of multiplex data bus networks to military aircraft systems, aircraft carriers and smart weapons
- Classification of data across MIL-STD-1553
- Maintenance of data security within this integrated MIL-1553-STD avionics system for both flight and ground operations
- RED, BLACK, and RED/BLACK designation of MIL-STD-1553
- TEMPEST tests, TEMPEST inspections and TEMPEST control plan
- MIL-STD-1553 System Security Policy
- MIL-STD-1553 System Security Architecture
- Compromising emanations (i.e., TEMPEST)
- Encryption and Ciphering
- Trusted message routing and control across MIL-STD-1553 bus
- All BLACK bus – No RED data or RED data processor
- ALL RED bus
- RED/BLACK Gateway
- RED/BLACK Composite
- TEMPEST Design
- Hybrid MIL-STD-1553 and Link 16 Cyber Security Analysis
- MIL-STD-1760 Interconnect Standard for Aircraft Stores
- MIL-1553-B/C Signals in MIL-1760A/B/C/D/E
- MIL-1553 and MIL-1760 Analysis
- Application of NACSIM-5100 and NACSIM-5112 for U.S. Military Systems
- Encryption Designs
- Cryptographic key management, coordination, distribution, and zeroize techniques, circuitry and software
- Synchronization and timing protocols
- Encryption alarm and alarm check techniques
- Trusted Message Routing and Control Design
- Store Station Utilizing Primary Signal Set
MIL-1553 Test and Evaluation
- Introduction to Test and Evaluation (T&E)
- Defense Systems Acquisition Process
- T&E and SE Processes
- Scientific Test and Analysis Techniques (STAT)
- Evaluation Process
- Distinction between Issues and Criteria
- MOEs
- Evaluation Planning
- Evaluating Developmental and Operational Tests
Cybersecurity Risk Management Framework (RMF) Applied to MIL-1553
- Cybersecurity Procedures Overview
- RMF Phases
- RMF Artifacts
- RMF Phase 1: Categorizing the Information and Information Systems
- RMF Phase 2: Selecting Security Control
- RMF Phase 3: Implementing Security Control
- RMF Phase 4: Assessing Security Control
- RMF Phase 5: Authorizing the Information System
- RMF Phase 6: Monitoring Security Controls
Hands On, Workshops, and Group Activities
- Workshops
- Group Activities
Sample Workshops and Labs for Cybersecurity Test and Evaluation Training
- MIL-1553 Vulnerability Identification Case Study
- MIL-1553 Developmental Test and Evaluation (DT&E) Case Study
- RMF Procedures Hands On based on NIST SP
- Vulnerability Analysis for MIL-1553 Systems
- OT&E Case Study
- MIL-1553 Attack Surface Analysis
- Incident Response Experiment
MIL-1553 Cybersecurity Training | Cybersecurity Test and Evaluation