Download
slide1 n.
Skip this Video
Loading SlideShow in 5 Seconds..
Cyber Vision 2025: Air Force Cyber ST Vision PowerPoint Presentation
Download Presentation
Cyber Vision 2025: Air Force Cyber ST Vision

Cyber Vision 2025: Air Force Cyber ST Vision

1269 Vues Download Presentation
Télécharger la présentation

Cyber Vision 2025: Air Force Cyber ST Vision

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

    1. 1 Perhaps the most fundamental center of gravity for our nation and military, cyber and the missions it supports are under constant attack. We need S&T to enhance our readiness, resiliency, and robustness. This requires clarity in our S&T to enable cyber superiority. Vision: The Assured Cyber Advantage in air, space, cyber, and C2ISR enabled by superior mission support. Objective: This study will articulate the near, mid, and far-term S&T vision for Air Force cyber indicating where the AF will lead, follow, and watch, in partnership with others. The dogmas of the quiet past are inadequate to the stormy present. The occasion is piled high with difficulty, and we must rise with the occasion. As our case is new, so must we think anew and act anew. -- Abraham Lincoln, 1862 Perhaps the most fundamental center of gravity for our nation and military, cyber and the missions it supports are under constant attack. We need S&T to enhance our readiness, resiliency, and robustness. This requires clarity in our S&T to enable cyber superiority. Vision: The Assured Cyber Advantage in air, space, cyber, and C2ISR enabled by superior mission support. Objective: This study will articulate the near, mid, and far-term S&T vision for Air Force cyber indicating where the AF will lead, follow, and watch, in partnership with others. The dogmas of the quiet past are inadequate to the stormy present. The occasion is piled high with difficulty, and we must rise with the occasion. As our case is new, so must we think anew and act anew. -- Abraham Lincoln, 1862

    2. National Cyber Security We count on computer networks to deliver our oil and gas, our power and our water. We rely on them for public transportation and air traffic control But we've failed to invest in the security of our digital infrastructure President Barack Obama, 29 May 2009 The most menacing foreign intelligence threats in the next two to three years will involve cyber-enabled espionage insider threats and espionage by China, Russia, and Iran. Lt. Gen James Clapper, Jr. USAF (Ret), DNI, 31 Jan 2012 On the global technology front, rapid advancement in communication has spread knowledge around the world, leveling competition and causing us to work harder to maintain U.S. advantages, making us more interdependent with international partners. Michael Donley, Secretary of the Air Force, Nov 19, 2009 We have certain industrial, design and engineering advantages, and if they are surreptitiously obtained by others, it reduces those advantages. Gen Norton A. Schwartz, Chief of Staff, USAF 27 Feb 2012 Cyberspace superiority describes our mission to gain advantage in, from, and through cyberspace at the times and places of our choosing, even when faced with opposition. Gen William Shelton, AFSPC/CC, AFCEA Cyber Symposium, 7 Feb 2012 2 The national security of the United States, our economic prosperity, and the daily functioning of our govern16 ment are dependent on a dynamic public and private information infrastructure, which includes tele-com18 munications, computer networks and systems, and the information residing within. This critical infra20 structure is severely threatened. . . . We cannot protect cyberspace without a coordinated and collaborative effort that incorporates both the US private sector and our international partners. - February 2, 2010, DNI Admiral Dennis C. Blair, testimony before the Select Committee on Intelligence of the Senate regarding the Annual Threat Assessment of the U.S. Intelligence Community Those who disrupt the free flow of information in our society, or any other, pose a threat to our econ3 omy, our government, and our civil society. Countries or individuals that engage in cyber attacks should face consequences and international condemnation. In an Internet-connected world, an attack on one nations networks can be an attack on all. And by reinforcing that message, we can create norms of behavior among states and encourage respect for the global networked commons. - January 2010, speech on Internet freedom, Secretary of State Hillary Clinton November 2011 is 10th anniversary of the Convention on Cybercrime, the only multilateral agreement on cybercrime, to which the Senate provided advice and consent on August 3, 2006, and is currently ratified by over 30 countries. Gen. Martin Dempsey , The Pentagon, Washington, D.C. Tuesday, October 18, 2011 "So, let me make this point up front: improving our energy security directly translates to improving our national security" "But to enhance our energy security, we must look beyond vulnerabilities and instead, focus on and view energy as an opportunity" "Because fundamentally we know that saving energy saves lives" "Today Americans are more energy conscious in our homes and at work and so too are we in our military. But, we can and must do even better particularly in pushing progress out to the field, to the flightline and into the fleet." "Todays warfighters require more energy than at any time in the past and that requirement is not likely to decline." "During World War II, supporting one soldier on the battlefield took one gallon of fuel per day. Today, we use over 22 gallons per day, per soldier. Were also more expeditionary than ever. These energy needs require a vast yet vulnerable supply chain that our enemies target." The national security of the United States, our economic prosperity, and the daily functioning of our govern16 ment are dependent on a dynamic public and private information infrastructure, which includes tele-com18 munications, computer networks and systems, and the information residing within. This critical infra20 structure is severely threatened. . . . We cannot protect cyberspace without a coordinated and collaborative effort that incorporates both the US private sector and our international partners. - February 2, 2010, DNI Admiral Dennis C. Blair, testimony before the Select Committee on Intelligence of the Senate regarding the Annual Threat Assessment of the U.S. Intelligence Community Those who disrupt the free flow of information in our society, or any other, pose a threat to our econ3 omy, our government, and our civil society. Countries or individuals that engage in cyber attacks should face consequences and international condemnation. In an Internet-connected world, an attack on one nations networks can be an attack on all. And by reinforcing that message, we can create norms of behavior among states and encourage respect for the global networked commons. - January 2010, speech on Internet freedom, Secretary of State Hillary Clinton November 2011 is 10th anniversary of the Convention on Cybercrime, the only multilateral agreement on cybercrime, to which the Senate provided advice and consent on August 3, 2006, and is currently ratified by over 30 countries. Gen. Martin Dempsey , The Pentagon, Washington, D.C. Tuesday, October 18, 2011 "So, let me make this point up front: improving our energy security directly translates to improving our national security" "But to enhance our energy security, we must look beyond vulnerabilities and instead, focus on and view energy as an opportunity" "Because fundamentally we know that saving energy saves lives" "Today Americans are more energy conscious in our homes and at work and so too are we in our military. But, we can and must do even better particularly in pushing progress out to the field, to the flightline and into the fleet." "Todays warfighters require more energy than at any time in the past and that requirement is not likely to decline." "During World War II, supporting one soldier on the battlefield took one gallon of fuel per day. Today, we use over 22 gallons per day, per soldier. Were also more expeditionary than ever. These energy needs require a vast yet vulnerable supply chain that our enemies target."

    3. Cyber Vision 2025 Terms of Reference Background: Need to forecast future threats, mitigate vulnerabilities, enhance the industrial base, and develop the operational capabilities and cyber workforce necessary to assure cyber advantage across all Air Force mission areas An integrated, Air Force-wide, near-, medium- and far-term S&T vision to meet or exceed AF cyber goals and, where possible, create revolutionary cyber capabilities to support core Air Force missions Key Stakeholders: Air Staff, MAJCOMS, AFRL, 24th AF, ESC, ASC, SMC Approach Identify state of the art and best practices in government and private sector Analyze current and forecasted capabilities, threats, vulnerabilities, and consequences across core AF missions to identify critical S&T gaps Articulate AF near (FY11-16), mid (FY16-20) and long (FY21-25) term S&T to fill gaps, indicating where AF should lead, follow, or watch Address cyber S&T across all Air Force core missions and functions (air, space, C4ISR) comprehensively including policy as well as DOTMLPF considerations Engage and partner (industry, academia, national labs, FFRDC, government) Product: Cyber S&T Vision to top 4 by 7/15/12 (Report 1/1/13) 3

    4. A Wicked Problem 4

    5. A Perfect Storm Explanation of Curves For some variables (e.g., technology, connectivity) ideally we would include defense vs. industry curves, however, we include only one to enhance the clarity of the graph. Terms: By IT we include both computing hardware and software (and telecom?) We have increasing: Technology Change: IT Patent Growth Rate (www.uspto.gov) % of patents awarded to foreigners from 44% in 1998 to 49% in 2008, and 51% in 2010. http://www.uspto.gov/web/offices/ac/ido/oeip/taf/us_stat.htm 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 Connectivity: Growth in telecom, internet and cross domain growth. (http://en.wikipedia.org/wiki/Internet_traffic) Internet traffic increased from 0.001 PB/Month in 1990 to 14,984 PB/Month in 2010. Complexity: For example commercial operating systems have grown to 50M LOC (See Figure 5 in http://www.nap.edu/catalog.php?record_id=11587). F22 > 2M LOC. Boeing 777 has 4M LOC. Aegis 5M LOC with 1.8M (36%) growth for DDG 1000. FA18 10M LOC going to 20M in JSF. System Complexity: Barry Boehm statistics about the size and complexity of has on software intensive systems of systems (SISOS) (http://www.stsc.hill.af.mil/crosstalk/2006/05/0605boehmlane.html) 10-100M LOC; 30-300 external interfaces; 2-200 suppliers; 6-12 hierarchical levels of suppliers (primes and subs); 20-200 coordination groups (IPTs). See also Measuring Architectural Complexity by Grady Booch, IEEE Software 2008 which recommends SLOC. Vulnerabilities: 12 new vulnerabilities per day reported in cve.mitre.org. Trends are all increasing: 2005 2004 2003 2002 2001 CERT/CC 5,990 3,780 3,784 4,129 2,437 NVD 4,584 2,340 1,248 1,943 1,672 OSVDB 7,187 4,629 2,632 2,184 1,656 Symantec 3,766 2,691 2,676 2,604 1,472 Sources: Computer Emergency Response Team Coordination Center (CERT/CC), National Vulnerability Database, Open-Source Vulnerability Database, and the Symantec Vulnerability Database Year 2008 2007 2006 2005 2004 2003 2002 2001 2000 1999 1998 # of NVD Vulns 3533 6691 6621 4933 2457 1537 2163 1677 1020 894 246 From http://cve.mitre.org/: CVE 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 1573 1236 1566 2425 1592 2770 4887 7246 6744 7303 5103 5075 4768 As of January 2011, NVD contains 44993 CVE vulnerabilities, 11 pr day. Team evaluates over 6k vulnerabilities/year. 211 US-CERT Alerts, 2448 US-CERT Vulnerability notes. As of 12 Dec 2011, NVD contains 48790 CVE Vulnerabilities (7 per day), 220 Checklists, 221 US-CERT Alerts, 2556 US-CERT Vuln Notes, 6908 OVAL Queries, 36862 CPE Names Foreign Supply: Primary sources of IT offshoring are India, Russia, and China; http://www.marketresearch.com/Technology-Media-c1599/ http://www.iima.org/CIIMA/CIIMA%2520V3%2520N1%25203%2520Crow.pdf&sa=U&ei=ZzHmTqXYN8fq0gGi88z0BQ&ved=0CBIQFjAB&usg=AFQjCNGZyNI2y-Whe0bbhDxcWKVRYLO1tQ http://www.dni.gov/nic/NIC_globaltrend2015.html#contents Cost growth: Software cost can comprise as much as 90 percent of some programs, Maintenance 70% of life cycle costs. https://acc.dau.mil/CommunityBrowser.aspx?id=24374&lang=en-US GAO reports increases in cost overruns Threat: Increasing volume (50->5,000 per week) and sophistication (e.g., spearphishing) adversary attacks . In 1998 the number of viruses was approximately 20K, in 2000 it was about 50K. Now it is over 1million in 2008. http://www.symantec.com/business/threatreport/ Time to market: Systems used to take a years to build and now because of complexity and bureaucracy acquisitions can take decades (e.g., satellite constellation). Internet Adoption: http://kpcb.com/insights/internet-trends-2011 growing mobile internet usage (Smartphones) [Is this a good source?] Pandasecurity.com - Malware viruses variants expanded from 14 to 16 million from 2008 to 2010 While at the same time we have decreasing: US Computing Graduates: Data from Computing Research Association (www.cra.org/wp/index.php?p=139) annual report which shows US Computing Graduates dropped from 14 to 8 thousand per year between 2004 and 2007. Jumped to 8k enrolled CS in 2010 (see www.cra.org/uploads/documents/resources/taulbee/CRA-Taulbee-PR-2010-Final.pdf) http://www.cra.org/resources/taulbee/ Expert Staff: Between 2002-2005, decreases in program managers (-5%), production engineers (-12%) and financial managers (-20%) whereas the test and evaluation workforce grew by 40% (Defense Acquisition Performance Assessment Report, Jan 2006) System Response Times cyberattacks on IT systems used to be lengthy planned out attacks but automated scanning, analysis, and global sharing of attack vectors makes attack cycles in the minutes and seconds Explanation of Curves For some variables (e.g., technology, connectivity) ideally we would include defense vs. industry curves, however, we include only one to enhance the clarity of the graph. Terms: By IT we include both computing hardware and software (and telecom?) We have increasing: Technology Change: IT Patent Growth Rate (www.uspto.gov) % of patents awarded to foreigners from 44% in 1998 to 49% in 2008, and 51% in 2010. http://www.uspto.gov/web/offices/ac/ido/oeip/taf/us_stat.htm 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 Connectivity: Growth in telecom, internet and cross domain growth. (http://en.wikipedia.org/wiki/Internet_traffic) Internet traffic increased from 0.001 PB/Month in 1990 to 14,984 PB/Month in 2010. Complexity: For example commercial operating systems have grown to 50M LOC (See Figure 5 in http://www.nap.edu/catalog.php?record_id=11587). F22 > 2M LOC. Boeing 777 has 4M LOC. Aegis 5M LOC with 1.8M (36%) growth for DDG 1000. FA18 10M LOC going to 20M in JSF. System Complexity: Barry Boehm statistics about the size and complexity of has on software intensive systems of systems (SISOS) (http://www.stsc.hill.af.mil/crosstalk/2006/05/0605boehmlane.html) 10-100M LOC; 30-300 external interfaces; 2-200 suppliers; 6-12 hierarchical levels of suppliers (primes and subs); 20-200 coordination groups (IPTs). See also Measuring Architectural Complexity by Grady Booch, IEEE Software 2008 which recommends SLOC. Vulnerabilities: 12 new vulnerabilities per day reported in cve.mitre.org. Trends are all increasing: 2005 2004 2003 2002 2001 CERT/CC 5,990 3,780 3,784 4,129 2,437 NVD 4,584 2,340 1,248 1,943 1,672 OSVDB 7,187 4,629 2,632 2,184 1,656 Symantec 3,766 2,691 2,676 2,604 1,472 Sources: Computer Emergency Response Team Coordination Center (CERT/CC), National Vulnerability Database, Open-Source Vulnerability Database, and the Symantec Vulnerability DatabaseYear 2008 2007 2006 2005 2004 2003 2002 2001 2000 1999 1998 # of NVD Vulns 3533 6691 6621 4933 2457 1537 2163 1677 1020 894 246 From http://cve.mitre.org/: CVE 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 1573 1236 1566 2425 1592 2770 4887 7246 6744 7303 5103 5075 4768 As of January 2011, NVD contains 44993 CVE vulnerabilities, 11 pr day. Team evaluates over 6k vulnerabilities/year. 211 US-CERT Alerts, 2448 US-CERT Vulnerability notes. As of 12 Dec 2011, NVD contains 48790 CVE Vulnerabilities (7 per day), 220 Checklists, 221 US-CERT Alerts, 2556 US-CERT Vuln Notes, 6908 OVAL Queries, 36862 CPE Names Foreign Supply: Primary sources of IT offshoring are India, Russia, and China; http://www.marketresearch.com/Technology-Media-c1599/ http://www.iima.org/CIIMA/CIIMA%2520V3%2520N1%25203%2520Crow.pdf&sa=U&ei=ZzHmTqXYN8fq0gGi88z0BQ&ved=0CBIQFjAB&usg=AFQjCNGZyNI2y-Whe0bbhDxcWKVRYLO1tQ http://www.dni.gov/nic/NIC_globaltrend2015.html#contents Cost growth: Software cost can comprise as much as 90 percent of some programs, Maintenance 70% of life cycle costs. https://acc.dau.mil/CommunityBrowser.aspx?id=24374&lang=en-US GAO reports increases in cost overruns Threat: Increasing volume (50->5,000 per week) and sophistication (e.g., spearphishing) adversary attacks . In 1998 the number of viruses was approximately 20K, in 2000 it was about 50K. Now it is over 1million in 2008. http://www.symantec.com/business/threatreport/ Time to market: Systems used to take a years to build and now because of complexity and bureaucracy acquisitions can take decades (e.g., satellite constellation). Internet Adoption: http://kpcb.com/insights/internet-trends-2011 growing mobile internet usage (Smartphones) [Is this a good source?] Pandasecurity.com - Malware viruses variants expanded from 14 to 16 million from 2008 to 2010 While at the same time we have decreasing: US Computing Graduates: Data from Computing Research Association (www.cra.org/wp/index.php?p=139) annual report which shows US Computing Graduates dropped from 14 to 8 thousand per year between 2004 and 2007. Jumped to 8k enrolled CS in 2010 (see www.cra.org/uploads/documents/resources/taulbee/CRA-Taulbee-PR-2010-Final.pdf) http://www.cra.org/resources/taulbee/ Expert Staff: Between 2002-2005, decreases in program managers (-5%), production engineers (-12%) and financial managers (-20%) whereas the test and evaluation workforce grew by 40% (Defense Acquisition Performance Assessment Report, Jan 2006) System Response Times cyberattacks on IT systems used to be lengthy planned out attacks but automated scanning, analysis, and global sharing of attack vectors makes attack cycles in the minutes and seconds

    6. Bold Responses 6

    7. 7 (2008) United States Air Force Scientific Advisory Board (AF-SAB) report on Defending and Operating in a Contested Cyber Domain Develop Mission Essential Cyber Competencies Leverage existing technologies to develop cyber training and exercises. Fight through (2010) Air Force Doctrine Document 3-12 RISE OF THE CYBERSPACE OPERATOR (pg38) Requires a well-educated and trained professional cadre ready to provide the required capability and capacity for mission accomplishment. with technical and tactical expertise are mission essential individuals. possess high levels of technical competence, robust analytical skills, and a critical understanding of cyberspace warfare application. (2011) Department of Defense Strategy for Operating in Cyberspace focus on communication, personnel training, and new technologies and processes The development and retention of an exceptional cyber workforce is central to DoDs strategic success in cyberspace. The development of the cyber workforce is of paramount importance to DoD. Continued education and training will be hallmarks of the cyber workforce DoD will invest in future personnel AFSPC Science and Technology (S&T) Guidance, Realistic Distributed Network Training Environment for Network Operations, Tech need 030-2009-01, Tech need date 2014 Increase Supply Change the Culture (2008) United States Air Force Scientific Advisory Board (AF-SAB) report on Defending and Operating in a Contested Cyber Domain Develop Mission Essential Cyber Competencies Leverage existing technologies to develop cyber training and exercises. Fight through (2010) Air Force Doctrine Document 3-12 RISE OF THE CYBERSPACE OPERATOR (pg38) Requires a well-educated and trained professional cadre ready to provide the required capability and capacity for mission accomplishment. with technical and tactical expertise are mission essential individuals. possess high levels of technical competence, robust analytical skills, and a critical understanding of cyberspace warfare application. (2011) Department of Defense Strategy for Operating in Cyberspace focus on communication, personnel training, and new technologies and processes The development and retention of an exceptional cyber workforce is central to DoDs strategic success in cyberspace. The development of the cyber workforce is of paramount importance to DoD. Continued education and training will be hallmarks of the cyber workforce DoD will invest in future personnel AFSPC Science and Technology (S&T) Guidance, Realistic Distributed Network Training Environment for Network Operations, Tech need 030-2009-01, Tech need date 2014 Increase Supply Change the Culture

    8. Cyber Vision Team Senior Governance Team (3*) Dr. Mark Maybury (chair), Lt Gen Mike Basla (AFSPC/CV > SAF/CIO A6), Lt Gen Janet Wolfenbarger (SAF/AQ), Lt Gen William Lord (SAF/CIO A6), Lt Gen Larry James (AF/A2), Lt Gen Chris Miller (AF/A8) Key Senior Stakeholders Lt Gen Charles Davis (ESC/CC, AFPEO C3I and Networks), Lt Gen Ellen Pawlikowski (SMC), Maj Gen Ken Merchant (AAC), Lt Gen Thomas Owen (ASC), Lt Gen Hawk Carlisle (A3/5), Maj Gen Neil McCasland (AFRL), Maj Gen Suzanne Vautrinot (24th AF), Maj Gen Mike Holmes (A3/5), Dr. Steve Walker (AQR), Dr. Jackie Henningsen (A9), Lt Gen(Sel) John Hyten (AQS > AFSPC/CV), Maj Gen Robert Otto (AFISRA/CC), Maj Gen(Sel) Samuel Greaves (AFSPC/A8/9) Cyber S&T Mission Area Study Leads Air: Dr. Kamal Jabbour (AFRL/RI), Dr. Don Erbschloe (AMC), Mr. Bill Marion (ACC) Space: Dr. Doug Beason (AFSPC), Col Brad Buxton (SMC) & Dr. Jim Riker (AFRL/RV) Cyber: Dr. Rich Linderman (AFRL/RI), Dr. Doug Beason (AFSPC) & Mr. Arthur Wachdorf (24th) C2ISR: Dr. Steven K. Rogers (AFRL/RY), Mr. Ron Mason (ESC), Mr. Stan Newberry (AFC2IC), Dr. Chris Yeaw (AFGSC), B Gen Scott Bethel (AFISRA/CV), B Gen (S) John Bansemer (AFISRA/CVA), DISL Keith Hoffman (NASIC), Dr. Rick Raines (CCR, AFCyTCoE) Mission Support (Talent, Training, Acquisition, Infrastructure): Dr. Steve Walker (AQR), Maj Gen Tom Andersen (LeMay Center), Mr. Mike Kretzer (688th), Dr. Nathaniel Davis (AFIT), BG Dwyer Dennis (AFMC/A2/5) Enabling Technology: Dr. Jennifer Ricklin (AFRL), Dr. Robert Bonneau (AFOSR) Threat: Mr. Gary OConnell (NASIC), Col Matthew Hurley (AF/A2DD) 8

    9. DRAFT Senior Independent Expert Review Group (SIERG) 9 NSA Reccs from Larry James: Chris Inglis, the Deputy DIRNSA too high? Our other recommendations, in priority order, would be Mr Greg Smithberger, Director, NSA/CSS Tailored Access Office (TAO) Mr Paul Laugesen Deputy TAO emmill6@nsa.gov NASIC recommended contacting Glenn Gafney, Director of S&T, and Andy Makridis, new Director of WINPAC Ms Mo Baginsky at Maureen.Baginski@sparta.com Gil Vega, Chief Information Security Officer and Associate CIO for Cybersecurity, U.S. Department of Energy, gil.vega@hq.doe.gov Four former AF chief scientists Former DNIs Former Director of NRO, Keith Hall Former AFRL Commanders Dr. Yul Williams, NSA/CSS Threat Operations Center Technical Director RADM Will Metts, Deputy Chief, TAO http://www.navy.mil/navydata/bios/navybio.asp?bioID=572 Lt Gen George Muellner (Ret) USAF, former SAF/AQ Lt Gen Ken Minihan (Ret) USAF, Former Director NSA Gen Mike Hayden (ret), USAF, former DNI, NSA and CIA director VADM Mike McConnell, (Ret) USN, former DNI, DRNSA Lt Gen (Ret) David Deptula, USAF, Former AF/A2 Dr Ernest McDuffie, CMU National Initiative on Cyber Education David Honey, PhD- ADDNI for S&T, Director, S&T Herb Lin, National Academy, Chair Computer Science Panel Giorgio Bertoli, Army CERDEC I2WD Lt Gen (Ret) Trey Obering, USAF, former Director of Missile Defense Agency now SVP at Booze Allen Hamilton Prof. Werner Dahm, SDSI & ASU Lt. Gen. Robert J. Elder former Commander, 8th Air Force, Air Combat Command and Joint Functional Component Commander for Space and Global Strike, U.S. Strategic Command, Offutt AFB, Nebraska. Now Research Faculty at George Mason University. Giorgio Bertoli (Giorgio.Bertoli@us.army.mil), Army CERDEC I2WD (Intelligence & Information Warfare Directorate ) works for Henry Muller (SES) (CERDEC) henry.j.muller4.civ@mail.mil, Army Mr. John Gilligan, Air Force Chief Information Officer (CIO) and former SVP and Director at SRA International Recommended: Dr Rick Boivie (IBM), Dr Don Robinson (NG), Dr IT) NSA Reccs from Larry James: Chris Inglis, the Deputy DIRNSA too high? Our other recommendations, in priority order, would be Mr Greg Smithberger, Director, NSA/CSS Tailored Access Office (TAO) Mr Paul Laugesen Deputy TAO emmill6@nsa.gov NASIC recommended contacting Glenn Gafney, Director of S&T, and Andy Makridis, new Director of WINPAC Ms Mo Baginsky at Maureen.Baginski@sparta.com Gil Vega, Chief Information Security Officer and Associate CIO for Cybersecurity, U.S. Department of Energy, gil.vega@hq.doe.gov Four former AF chief scientists Former DNIs Former Director of NRO, Keith Hall Former AFRL Commanders Dr. Yul Williams, NSA/CSS Threat Operations Center Technical Director RADM Will Metts, Deputy Chief, TAO http://www.navy.mil/navydata/bios/navybio.asp?bioID=572 Lt Gen George Muellner (Ret) USAF, former SAF/AQ Lt Gen Ken Minihan (Ret) USAF, Former Director NSA Gen Mike Hayden (ret), USAF, former DNI, NSA and CIA director VADM Mike McConnell, (Ret) USN, former DNI, DRNSA Lt Gen (Ret) David Deptula, USAF, Former AF/A2 Dr Ernest McDuffie, CMU National Initiative on Cyber Education David Honey, PhD- ADDNI for S&T, Director, S&T Herb Lin, National Academy, Chair Computer Science Panel Giorgio Bertoli, Army CERDEC I2WD Lt Gen (Ret) Trey Obering, USAF, former Director of Missile Defense Agency now SVP at Booze Allen Hamilton Prof. Werner Dahm, SDSI & ASU Lt. Gen. Robert J. Elder former Commander, 8th Air Force, Air Combat Command and Joint Functional Component Commander for Space and Global Strike, U.S. Strategic Command, Offutt AFB, Nebraska. Now Research Faculty at George Mason University. Giorgio Bertoli (Giorgio.Bertoli@us.army.mil), Army CERDEC I2WD (Intelligence & Information Warfare Directorate ) works for Henry Muller (SES) (CERDEC) henry.j.muller4.civ@mail.mil, Army Mr. John Gilligan, Air Force Chief Information Officer (CIO) and former SVP and Director at SRA International Recommended: Dr Rick Boivie (IBM), Dr Don Robinson (NG), Dr IT)

    10. Key Events 18-20 Jan Preliminary Air-Cyber Mission Meeting Edwards AFB 23 January Threat Workshop (SCI), Washington, DC (7-9 Feb, AFCEA Cyber Conf, Colorado Springs) Air-cyber: 8 Feb (Scott AFB), 9 Feb (Langley) 8-9 Feb 24th AF/US Navy Cyber Tech Summit, Colorado Springs, CO 24 Feb RFI Input Due (See www.tinyurl.com/cybervision) 29 Feb 2 Mar West Coast Industry Visit for team leads 5-9 March AFOSR Computational Sciences Review, DC 12-13 March Air Workshop, Langley 14-15 March C2ISR Workshop, Langley 19-21 March Space-Cyber, Cyber, S&T Workshops, AFSPC, Peterson AFB 22-23 March AFA Cyber Futures Conference, Gaylord, DC 27 March - Mission Support Summit, DC 28 March - AF-DoE Cyber Summit, ORNL 29 March - DARPA Cyber PM Briefs to CV25 Mission Leads TBD April NSA/CYBERCOM Day, Ft Meade 10 April @SAFTAS- Senior Independent Expert Review Group Slide Review 9 May @SAFTAS - Senior Independent Expert Review Group Doc Review 10 POCs - 12-13 March Air-Cyber Workshop, Langley AFB (Kamal.Jabbour@rl.af.mil) - 14-15 March C2ISR-Cyber Workshop, Langley AFB (steven.rogers@wpafb.af.mil) - 19-21 March Space-Cyber (james.beason@peterson.af.mil), Cyber (Richard.Linderman@rl.af.mil), and Cross cutting Cyber S&T (Jennifer.Ricklin@wpafb.af.mil) Workshops @ AFSPC, Peterson AFB - (22-23 March AFA Cyber Futures Conference, Gaylord, DC) - 27 March - Mission Support Summit, DC (Steven.Walker@pentagon.af.mil) 28 March - AF-DoE Cyber Summit, ORNL (aimonem@battelle.org) 29 March - DARPA Cyber PM Briefs to CV25 Mission Leads, DARPA I2O SCIF (Rodney.Miller@pentagon.af.mil) - TBD - 3, 4, 9, or 30 April NSA/CYBERCOM Day, Ft Meade (gary.oconnell@wpafb.af.mil)POCs - 12-13 March Air-Cyber Workshop, Langley AFB (Kamal.Jabbour@rl.af.mil) - 14-15 March C2ISR-Cyber Workshop, Langley AFB (steven.rogers@wpafb.af.mil) - 19-21 March Space-Cyber (james.beason@peterson.af.mil), Cyber (Richard.Linderman@rl.af.mil), and Cross cutting Cyber S&T (Jennifer.Ricklin@wpafb.af.mil) Workshops @ AFSPC, Peterson AFB - (22-23 March AFA Cyber Futures Conference, Gaylord, DC) - 27 March - Mission Support Summit, DC (Steven.Walker@pentagon.af.mil) 28 March - AF-DoE Cyber Summit, ORNL (aimonem@battelle.org) 29 March - DARPA Cyber PM Briefs to CV25 Mission Leads, DARPA I2O SCIF (Rodney.Miller@pentagon.af.mil) - TBD - 3, 4, 9, or 30 April NSA/CYBERCOM Day, Ft Meade (gary.oconnell@wpafb.af.mil)

    11. Elements of Contested Cyber

    12. Partnership and Focus 12

    13. Principles & Practices Principles Least Privilege (e.g., white listing, discretionary access control) Balance of power (e.g., distribution of authority, peer review, two person rule) Minimization limit attack surface, limit dependencies, reduce capability to essentials Simplification Pursue only necessary complexity Resiliency (flexibility, rapid reconstitution, active defense), Robustness (e.g., redundancy), and Readiness (e.g., intel/situational awareness, training) Diversity Speed (responsiveness) , Agility, and Evolvability Balance (Offense/defense, human creativity and machine intelligence, confidence/control) Cost and efficiency Practices Systems, e.g., redundancy, diversity, roots of trust (hardware and software, supply chain) Architectures, e.g., loose couplers (avoid brittleness) Acquisition, e.g., clear/focused requirements, early/continual user/test involvement, early prototyping and rapid cycles for evolution, modular/open standards, model driven archs Information, e.g., chain of custody, encryption at rest/in motion Operations, e.g., fractionated authority, cyber hygiene People, e.g., accessions, education and training, deep experience 13

    14. AF Cyber S&T Vision Assured cyber advantage across air, space, cyber, C2ISR, and mission support Assured Ensured operations in congested, competitive, contested, and denied environments in spite of increased dependencies, vulnerabilities, and threats Cyber its defense, exploitation, operation Advantage we seek a speed, agility, and effectiveness edge over our adversaries to ensure operational dominance Across we require superiority within and across Air, space, cyber, C2ISR, mission support we require full spectrum cyber solutions 14

    15. AF Core Mission Prioritized S&T Roles Technology Leader Creates or invents novel technologies through research, development and demonstration. Key S&T for core Air Force Title 10 missions and associated platforms with few or no other investors outside of the Air Force, e.g., IADS Fast Follower Rapidly adopts, adapts or accelerates technologies originating from external leading organizations, e.g., hardening DoEs microgrids Technology Watcher Uses and leverages others S&T investments for non core missions, e.g., generic IT 15

    16. BACKUP Slides 16

    17. What is Out of Scope? In: Cyber exploitation, defense, operations Cyber security of communications, data links, power OSD (R&E) Priority Steering Committees Cyber, Data to Decisions, Autonomy and cyber aspects of Human Systems and Resilient Systems Engineering (but not Countering WMD, EW/EP) Out: Commodity commercial IT infrastructure and communications Spectrum allocation and/or management except for application to use of cyber methods for spectrum protection Electronic warfare Directed energy - lasers or high power microwave for sensing or communication 17

    18. Software Challenges Increasing % of mission systems software (air, space, cyber, C2ISR) Large (10s of millions SLOC) and complex - (dependencies) Acquisition difficult - 46% over budget (by 47%) or late (by 72%); Successful projects have 68% specifications Scarce Talent 18

    19. Cyber Trends Bigger: HPC: Petascale to exascale Programmable, performance (peta to exa), green Smaller: Nanoelectronics (e.g., nanowires, memristers) Diverse: Clusters, clouds, GPUs, FPGAs Embedded: 4.5M LOC in F-35, 90% of functionality More contested and dangerous: Advanced threat, insider threat, supply chain More competitive: global hardware, software, talent More complex: Interconnected Greener: infrastructure and algorithms Less US talent: STEM Challenge Over the past 30 years, minimum feature sizes for advanced integrated circuits have been reduced by over 100X, from several microns in the early 1980s to just 32 nm today, with plans for sub-20 nm production firmly in place at most major manufacturers. While predictions abound that the relentless pace of geometry shrinks will have to end at some point, it seems clear the industry is well on target to continue shrinking geometries to less than 10 nm before the end of the decade. What is less clear is which lithographic technology will be used in producing these leading-edge devices Moshe Preil, GLOBALFOUNDRIES INTERNATIONAL TECHNOLOGY ROADMAP FOR SEMICONDUCTORS (ITRS)has identified energy as one of the top three overall challenges for the last seven years - computational energy/operation (per logic and per memory-bit state changes energy efficiency of basic components (i.e., switches, wires, and memory bits) and end-equipment (e.g., microcontrollers, signal processors, and power/battery management circuits) are key to the efficiency of communications systems, household appliances, transportation (e.g., cars), industrial machines, etc. --- On December 1, 2010, the U.S. Air Force unveiled the Condor Cluster, a supercomputer made of more than 1,716 processors taken from PlayStation 3 video game consoles, and designed by military scientists at the Air Force Research Laboratory (AFRL) in Rome, New York. the Condor Cluster calculates an impressive 500 trillion operations per second. This is the fastest interactive computer currently in use at the Department of Defense (DoD). 168 General Purpose Graphical Processing Units According to Air Force officials, the Condor Cluster is 10 to 20 times less expensive than similar supercomputers used by the U.S. government. Officials also said it consumes less than one-tenth the amount of energy, making it a "green" supercomputer. The new system will be freely available to all DoD users on a shared basis Over the past 30 years, minimum feature sizes for advanced integrated circuits have been reduced by over 100X, from several microns in the early 1980s to just 32 nm today, with plans for sub-20 nm production firmly in place at most major manufacturers. While predictions abound that the relentless pace of geometry shrinks will have to end at some point, it seems clear the industry is well on target to continue shrinking geometries to less than 10 nm before the end of the decade. What is less clear is which lithographic technology will be used in producing these leading-edge devices Moshe Preil, GLOBALFOUNDRIES INTERNATIONAL TECHNOLOGY ROADMAP FOR SEMICONDUCTORS (ITRS)has identified energy as one of the top three overall challenges for the last seven years - computational energy/operation (per logic and per memory-bit state changes energy efficiency of basic components (i.e., switches, wires, and memory bits) and end-equipment (e.g., microcontrollers, signal processors, and power/battery management circuits) are key to the efficiency of communications systems, household appliances, transportation (e.g., cars), industrial machines, etc. --- On December 1, 2010, the U.S. Air Force unveiled the Condor Cluster, a supercomputer made of more than 1,716 processors taken from PlayStation 3 video game consoles, and designed by military scientists at the Air Force Research Laboratory (AFRL) in Rome, New York. the Condor Cluster calculates an impressive 500 trillion operations per second. This is the fastest interactive computer currently in use at the Department of Defense (DoD). 168 General Purpose Graphical Processing Units According to Air Force officials, the Condor Cluster is 10 to 20 times less expensive than similar supercomputers used by the U.S. government. Officials also said it consumes less than one-tenth the amount of energy, making it a "green" supercomputer. The new system will be freely available to all DoD users on a shared basis

    20. DEPARTMENT OF DEFENSE STRATEGY FOR OPERATING IN CYBERSPACE Strategic Initiative 1: Treat cyberspace as an operational domain to organize, train, and equip so that DoD can take full advantage of cyberspaces potential Strategic Initiative 2: Employ new defense operating concepts to protect DoD networks and systems Strategic Initiative 3: Partner with other U.S. government departments and agencies and the private sector to enable a whole-of-government cybersecurity strategy Strategic Initiative 4: Build robust relationships with U.S. allies and international partners to strengthen collective cybersecurity Strategic Initiative 5: Leverage the nations ingenuity through an exceptional cyber workforce and rapid technological innovation DEPARTMENT OF DEFENSE STRATEGY FOR OPERATING IN CYBERSPACE Strategic Initiative 1: Treat cyberspace as an operational domain to organize, train, and equip so that DoD can take full advantage of cyberspaces potential Strategic Initiative 2: Employ new defense operating concepts to protect DoD networks and systems Strategic Initiative 3: Partner with other U.S. government departments and agencies and the private sector to enable a whole-of-government cybersecurity strategy Strategic Initiative 4: Build robust relationships with U.S. allies and international partners to strengthen collective cybersecurity Strategic Initiative 5: Leverage the nations ingenuity through an exceptional cyber workforce and rapid technological innovation

    21. Cyber JCTDs Non Persistent Desktop Browser (NPDB) Protection and Operation of IP Secure Network Terrain (POINT) DISA Mission Assurance Decision Support System (MADSS) Computer Adaptive network Defense in Depth (CANDID) Smart Power Infrastructure Demo for Energy Security and Reliability (SPIDERS) Cross Domain Collaboration Information (CDCIE) 21

    22. Executable Lines of Code in Mission Systems 22 ESLOC is a valuable and intuitive measure that is correlated with the number of people required to build, use, and maintain software systems.11 However, dimensions beyond size can significantly increase the complexity of IT systems. For example, Boehm and Lane (2006)12 describe how software intensive systems of systems (SISOS) integrate multiple, independently developed systems and are very large, dynamically evolving, and unprecedented with emergent requirements and behaviors, and complex socio-technical issues to address. SISOS are characterized by 10100 million LOC; 30300 external interfaces; 2 200 suppliers; 612 hierarchical levels of suppliers (primes and subs) and 20200 coordination groups (or integrated product teams).ESLOC is a valuable and intuitive measure that is correlated with the number of people required to build, use, and maintain software systems.11 However, dimensions beyond size can significantly increase the complexity of IT systems. For example, Boehm and Lane (2006)12 describe how software intensive systems of systems (SISOS) integrate multiple, independently developed systems and are very large, dynamically evolving, and unprecedented with emergent requirements and behaviors, and complex socio-technical issues to address. SISOS are characterized by 10100 million LOC; 30300 external interfaces; 2 200 suppliers; 612 hierarchical levels of suppliers (primes and subs) and 20200 coordination groups (or integrated product teams).

    23. Adoption Acceleration 23