AI, MOSA, and the future of secure uncrewed warfare
StoryMarch 13, 2024
Tim Reed
Lynx Software Technologies
Artificial intelligence (AI)-enabled autonomous systems have revolutionized military operations and modern warfare. These uncrewed systems are well-suited for dangerous and repetitive tasks, enhancing situational awareness and logistical capabilities while reducing risks to human personnel. However, their growing role raises significant security concerns: Uncrewed vehicles rely heavily on machine learning (ML) and can be vulnerable to cyberattacks that could jeopardize missions, troops, and critical technologies. While no system is unhackable, system architecture becomes critical in ensuring a device is as resilient as possible to cyberattack not just on the day of initial deployment but several years into its product life cycle. Because of this, robust safeguards are necessary throughout their development and deployment life cycles. Secure design principles, encryption, access controls, and secure communications can harden these systems against unauthorized access.
The aerospace and defense (A&D) ecosystem – including the military, private sector, academia, and government – must consider a huge number of factors as autonomous systems become more common in the sea, on the land, and above the battlefield.
From the spear to the cannon to the tank, technological advances have long given militaries a tactical edge. Today, artificial intelligence (AI) is the next frontier promising to revolutionize warfare. Fulfilling that promise hinges on our ability to prevent these “thinking” machines from being turned against us.
The new spear: unmanned aerial vehicles (UAVs) and autonomous sentries
Autonomous technologies such as unmanned or uncrewed aerial vehicles (UAVs) and robotic sentry “dogs” are redefining the battlespace. These devices excel at surveying terrain, identifying targets, and detecting and disarming threats without endangering service members. Their potential is vast, yet so are their vulnerabilities. Without rigorous cybersecurity measures baked into their designs, these self-guided systems could end up serving our adversaries rather than our troops.
Military UAVs and devices leverage cutting-edge AI technologies to operate with minimal human guidance. Computer-vision algorithms enable UAVs to navigate and detect objects, while natural-language processing analyzes speech and text data to extract insights. Reinforcement learning optimizes decision-making for complex missions with many variables, while deep neural networks identify patterns and make predictions from massive datasets.
However, the very technologies enhancing unmanned systems also introduce new cybersecurity risks. AI-enabled autonomous platforms rely heavily on data and machine-learning (ML) algorithms, which potentially exposes them to data poisoning, model theft, and adversarial attacks aimed at manipulating their behaviors.
A rising tide of cyber threats on U.S. defense systems
Between 2015 and 2021, the U.S. Department of Defense (DoD) experienced more than 12,000 cyber incidents on unmanned systems such as drones and UAVs – a number that will most certainly rise. Attackers have jeopardized national security by interfering with communications, seizing control of vehicles, and stealing proprietary technologies and sensitive datasets used to train AI models. These recent examples underscore the growing cyber threat landscape.
The U.S. additionally faces mounting cyber threats from strategic competitors like China, Russia, Iran, and North Korea, who are exploiting the gray zone just short of outright conflict in an attempt to undermine national security interests. The consequences of these breaches can extend beyond immediate safety risks: Hackers could cherry-pick data to degrade the performance of AI models over time or steal intellectual property, such as proprietary algorithms, to erode a country’s competitive advantage. (Figure 1.)
[Figure 1 ǀ The U.S. and its military interests face mounting cyber threats from strategic competitors like China, Russia, Iran, and North Korea, who attempt to exploit the gray zone just short of outright conflict in an attempt to undermine national security.]
Yet the global military AI market is projected to reach more than $13 billion by 2028, reflecting the growing adoption of these systems that are well-suited for dangerous tasks and improving situational awareness. In this rapidly evolving and exposed environment, the delicate balance between technological advancement and cybersecurity resilience becomes imperative in safeguarding national interests and protecting everyone.
Strengthening defenses with MOSA
To strengthen defenses, developers of unmanned systems should leverage modular open systems architecture (MOSA) principles. MOSA provides robust and flexible cybersecurity safeguards through open standards and interfaces.
Developers can also integrate sensors, processors, and capabilities from various vendors as modular components of an AI-operated system. This plug-and-play approach makes it easier to swap out vulnerable parts quickly and tailor defenses against rapidly evolving threats. It is also a critical strategy in sandboxing or separating functions such that any corrupted application will not cause problems with other applications.
With MOSA, the Principle of Least Privilege (PoLP) – also known as the least privilege access model – is also leveraged to protect the system architecture from corruption or attacks. With PoLP, system resources such as memory can be immutably allocated to certain functions and developers can ensure applications are only provided access to the minimum set of system functionality needed to accomplish their task.
Using common open architecture standards like Future Airborne Capability Environment (FACE) and Sensor Open Systems Architecture (SOSA), components can be securely integrated and become interchangeable across different platforms and generations of technology. For example, a modular computing board from one supplier can be replaced with an upgraded module from another supplier without having to overhaul the entire system design.
MOSA also reduces vendor lock-in, resulting in more affordable long-term maintenance and upgrades. Considering that sustainment and maintenance costs typically comprise as much as 70% of the lifetime costs of a DoD system, taking a modular approach in which components can be swapped out practically interchangeably is expected to significantly reduce the need to rewrite code to accommodate new systems.
Developers can create libraries of reusable, accredited software and encryption IP that simplify and accelerate the integration of new capabilities to match the pace of evolving threats. Open architecture approaches like MOSA make it easier to continuously verify, validate, and certify compliance with security standards through iterative development and testing.
Security must be baked into every level of unmanned systems, from the design phase of hardware to the development phase of software. To prevent unauthorized access, developers should leverage strategies such as encrypting critical data and communications, instituting role-based access controls, and designing hardware with built-in antitamper mechanisms. Proactive monitoring, frequent patching, and periodic retraining of ML models will bolster resilience over their lifespans.
The imperative balance between military AI growth and cyber resilience
AI and autonomous technologies are transforming modern warfare: Uncrewed systems enhance military capabilities while reducing risks to human personnel while ensuring that cybersecurity remains a top priority. Failure to build robust defenses into these systems could hand our adversaries an advantage.
As unmanned vehicles proliferate, the A&D ecosystem must work collectively to address the unique security challenges introduced by AI. To this end, the public and private sectors should increase investments in research and development of secure AI. Academic institutions can strengthen training in areas such as cybersecurity, ML, and robotics.
Policymakers must also modernize regulations to promote safety and accountability as systems become more autonomous. Procurement guidelines should require modular designs and open standards to future-proof unmanned platforms. Through enterprise-wide collaboration and vigilance, unpiloted systems can in fact be deployed in a responsible manner that inspires trust.
The promise of AI is profound, but so are the perils if its power is left unchecked. With rigorous cybersecurity protections woven into their very architecture, AI-operated systems can strengthen national security and give warfighters an enduring edge against evolving threats. The A&D industry has an obligation to develop and wield these technologies judiciously and ethically. By putting security first, the industry and the government can responsibly reap the benefits of AI while safeguarding lives and liberty.
Tim Reed is the CEO of Lynx Software Technologies, a mission-critical edge software company that serves the aerospace, military, and federal markets. Tim joined Lynx in June 2022, after a long tenure with Green Hills Software. During his time at Green Hills, Reed held a variety of roles including senior vice president of the Advanced Products division and a member of the executive leadership team. Tim’s experience spans automotive, industrial, aerospace, and defense end markets. He holds a bachelor’s degree in engineering and applied science from the California Institute of Technology.
Lynx Software Technologies https://www.lynx.com/
