Developing Protection Strategies for Complex DoD Systems

Complex mission systems like swarms of UAVs are charged with important missions that keep our nation and warfighters safe from harm. Protecting these mission systems from cyber-attack is critically important.

Across the globe, complex mission systems like swarms of UAVs are charged with important missions that keep our nation and warfighters safe from harm. For example, swarms of UAVs are often used during search-and-rescue missions to extend the reach of ground-based search crews.

Because of the important roles they play, protecting mission systems from cyber-attack is critically important. However, this is not a simple task: the complex relationships between individual components of the system and the system itself can make defending them challenging. Moreover, current protection techniques are often reactionary, creating a “cat and mouse” paradigm that misses the bigger picture: system-wide protections.

Our Trusted and Resilient Systems experts collaborated with researchers from Brigham Young and Washington State Universities to show how a modeling framework can lead to protection strategies that make entire systems less vulnerable to attack.

The framework allows system engineers to model cyber-physical dynamics during the design phase. Understanding how a system is vulnerable at the beginning of the design process allows them to protect the system proactively, ultimately making it more secure and resilient.

By applying the framework to UAV swarm system, the researchers revealed critical vulnerabilities. When attackers compromise even a single member of a UAV swarm, they can learn the entire swarm’s position and velocity, track the system, and even locate each swarm member’s home base. This component’s compromise ripples through each member of the UAV swarm, often resulting in an incomplete or a failed mission.

Using the information gained from the framework, the researchers identified and applied a specific cryptographically secure computation technique to control information sharing without degrading operations. Since the compromised member of the swarm shared a limited amount of information with other members of the UAV swarm, the attacker could not significantly affect the remaining UAVs. The result was a successful mission.

Riverside Research presented this research at the SPIE Defense + Commercial Sensing Conference in April 2018.

Learn more about Riverside Research’s research in defense system cybersecurity at www.riversideresearch.org/what-we-do/research/trusted-resilient-systems