Enterprise cyberdefenses needed to defend embedded networks
August 09, 2021
By Charlie Kawasaki, PacStar, a Curtiss-Wright company
In order to achieve and maintain warfighting overmatch, coordinate deployed forces, and enable new warfighting capabilities, the U.S. Army, Air Force, Navy, Marine Corps, and Space Force are actively looking to new programs such as Joint All Domain Command and Control (JADC2) to ensure warfighters have maximum situational awareness. This push to upgrade is driving the development of end-to-end networks linking the cloud, command posts, combat platforms, and dismounted warfighters. It also anticipates the addition of vast numbers of sensors and video feeds – backed by big data processing, artificial intelligence, and machine learning – to speed decision-making across all warfighting domains.
This vision of a networked battlespace includes standardized and interoperable data formats and application programming interfaces (APIs), which would break down barriers and stovepipes between information sources, applications, and platforms – enabling commanders and data analysis systems to develop common operating pictures. While the benefits of this vision are compelling and easy to understand, it raises a concern that should not be ignored: As the size and complexity of these networks grows, so does their cybersecurity attack surface. That is, the network will have more places where it can be attacked and will have more vulnerabilities that must be managed. This type of network proliferation also has a side effect of introducing cybersecurity threats into locations that traditionally were less vulnerable to outside attackers, such as embedded systems. This situation is only exacerbated by widely acknowledged, increased warfighting activities in the cyber domain by our near-peer adversaries.
This vulnerability is not a theoretical risk, and the U.S. Department of Defense (DoD) would be wise to learn from lessons in the industrial sector, which has experienced attacks on the embedded systems typically used for so-called operational technology (OT): the systems used for applications such as process control of manufacturing equipment. Historically, the industrial sector has used “air gap” techniques to isolate OT, using physical barriers to keep certain operations safe from highly connected networks. However, the benefits of interconnecting these devices and automating IT management of OT have opened up the threat landscape. A recent incident involving a ransomware attack on gas-pipeline operations (as reported by CISA [Cybersecurity and Infrastructure Security Agency] at https://us-cert.cisa.gov/ncas/alerts/aa20-049a) provides an excellent example.
A cyber vulnerability example
CISA responded to a cyberattack affecting control and communication assets on the operational technology (OT) network of a natural-gas compression facility. A threat actor used a spearphishing-type link to obtain initial access to the organization’s information technology (IT) network before pivoting to its OT network. The threat actor then deployed commodity ransomware to encrypt data for impact on both networks. Specific assets experiencing a loss of availability on the OT network included human-machine interfaces (HMIs), data historians, and polling servers. Impacted assets were no longer able to read and aggregate real-time operational data reported from low-level OT devices, thereby resulting in a partial loss of view for human operators.
The DoD equivalent of this situation arises if and when visions such as JADC2 interconnect the C5ISR [command, control, computers, communications, cyber, intelligence, surveillance, and reconnaissance] networks across vast arrays of tactical platforms, including vehicle/platform networks, soldiers’ dismounted networks, and wireless networks. This is especially likely as the C5ISR networks increasingly use embedded form factors in an effort to reduce size, weight, and power (SWaP) in equipment. When everything is connected, the C5ISR networks (roughly equivalent to IT networks in the enterprise world) will expose tactical platform and far-edge networks and computers to new cybersecurity threats.
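The incident pattern above (initial access on the IT network, then a pivot into OT) is exactly what a segmentation policy should make visible. The following is an added, self-contained example written for this article, not code from CISA, Cisco, or PacStar: it defines hypothetical IT, OT-DMZ, and OT zones, an allow-list of the only cross-zone flows that are expected, and a few constructed flow records, then flags every cross-zone connection the allow-list does not cover and tallies them per source host so a single IT workstation reaching into OT stands out. All addresses, ports, and zone names are assumptions chosen for the illustration.

```python
"""Cross-zone flow audit for an interconnected IT/OT (or C5ISR/platform) network.

Added example; the zones, allow-list, and flow records below are constructed
for illustration and are not taken from the article or the CISA alert.
"""
import ipaddress
from collections import Counter
from dataclasses import dataclass

# Hypothetical zone layout: IT (enterprise), an OT DMZ that hosts the
# historian replica and poller, and the OT network with HMIs and controllers.
ZONES = {
    "IT": ipaddress.ip_network("10.10.0.0/16"),
    "OT_DMZ": ipaddress.ip_network("10.20.0.0/24"),
    "OT": ipaddress.ip_network("10.30.0.0/16"),
}

# The only cross-zone flows the architecture intends (src_zone, dst_zone, dst_port).
# IT may reach the DMZ historian over HTTPS; only the DMZ poller talks to OT.
ALLOWED = {
    ("IT", "OT_DMZ", 443),
    ("OT_DMZ", "OT", 502),   # assumed Modbus/TCP polling from the DMZ only
    ("OT", "OT_DMZ", 502),
}


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    dst_port: int
    proto: str


# Constructed flow log, one record per line: src dst dst_port proto
SAMPLE_LOG = """\
10.10.5.20 10.20.0.10 443 tcp
10.10.5.20 10.30.1.15 445 tcp
10.10.5.20 10.30.1.15 3389 tcp
10.20.0.10 10.30.1.15 502 tcp
10.30.1.15 10.30.1.16 502 tcp
"""


def parse_flow_log(text: str) -> list[Flow]:
    """Turn the whitespace-separated log into Flow records, skipping blank lines."""
    flows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        src, dst, port, proto = line.split()
        flows.append(Flow(src, dst, int(port), proto))
    return flows


def zone_of(addr: str) -> str:
    """Map an address to its zone name, or UNKNOWN if it is outside all zones."""
    ip = ipaddress.ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "UNKNOWN"


def violations(flows: list[Flow]) -> list[tuple[Flow, str, str]]:
    """Return every cross-zone flow that the allow-list does not cover.

    Intra-zone traffic is left to host-level controls and is not judged here.
    """
    findings = []
    for f in flows:
        src_zone, dst_zone = zone_of(f.src), zone_of(f.dst)
        if src_zone == dst_zone:
            continue
        if (src_zone, dst_zone, f.dst_port) not in ALLOWED:
            findings.append((f, src_zone, dst_zone))
    return findings


def summarize_by_source(flows: list[Flow]) -> dict[str, int]:
    """Count policy violations per source host; a pivoting host shows up as an outlier."""
    return dict(Counter(f.src for f, _, _ in violations(flows)))


if __name__ == "__main__":
    sample = parse_flow_log(SAMPLE_LOG)
    for f, s, d in violations(sample):
        print(f"VIOLATION {s}->{d}: {f.src} -> {f.dst}:{f.dst_port}/{f.proto}")
    print("per-source:", summarize_by_source(sample))
```

Run as a script it lists the two unexpected IT-to-OT connections (SMB and RDP from the same IT host) and attributes both to that host; the allowed HTTPS-to-DMZ and DMZ-to-OT polling flows pass. The allow-list is deliberately a set of explicit tuples rather than a "deny some ports" list: once the air gap is gone, the defensible default is that nothing crosses a zone boundary unless the architecture named it.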
What do these new networks need?
The implementation of new interconnections necessitates a thorough review of the cybersecurity architecture, technical controls and processes, vulnerabilities, and attack surface of the systems newly exposed to threats. In the past, system architects, cybersecurity engineers, and approving authorities were likely to have assessed tactical and far edge systems with the understanding that they were isolated from the C5ISR networks – concluding they did not need (nor could they afford) the cybersecurity protections common in IT networks. In particular, adding additional technology on platforms can drive up SWaP in an already constrained platform.
Further complicating matters, the addition of typical IT equipment can drive up costs and training for tactical and far edge programs and can slow program development time. System designers, able to rely on an air gap on the tactical and far-edge platforms that protects the systems from C5ISR networks, have thus far been able to design “out” cybersecurity protections and meet their program requirements. With network interconnections, however, this is no longer a viable design strategy.
The good news is that recent technology breakthroughs now make it possible to deploy rugged, embedded networking technologies that use the best of enterprise-class cybersecurity technologies, in small-form-factor solutions that deliver the increased network speeds and data security required by next-generation C5ISR solutions. Thanks to a number of trends – including increased CPU performance and memory capacities that allow virtualization of cybersecurity functions, plus new embedded board offerings from major enterprise networking vendors – these technologies are becoming more available in embedded form factors, both as discrete module solutions and even as C5ISR/EW Modular Open Suite of Standards (CMOSS)-compliant solutions based on VPX form factors.
In the not-too-distant past, the only option for deploying enterprise-class cybersecurity functions was to field enterprise equipment – 19-inch rackmounted data center-style equipment – which is large, power-hungry, and fragile, not at all suitable for embedded or platform-integrated applications. Today, many key cybersecurity functions are virtualized and software-defined, able to run on single-board computers – enabling deployment on embedded solutions such as CMOSS/VPX and also on discrete modules that dramatically reduce SWaP and meet stringent MIL-STD qualifications.
One such example is the new Cisco Catalyst ESS 9300, a 10-port 10 Gigabit Ethernet switch designed for onboard mission-critical tactical mobile communications. This hardened switch module, based on Cisco’s latest 9300 technology, has a -40 to 85 °C operating temperature range that delivers optimal performance in extremely harsh environments. Measuring only 110 mm x 85 mm, the compact module requires only 35 watts of power. (Figure 1.)
[Figure 1 | PacStar 448 with Cisco Catalyst ESS 9300 10 GbE switch, designed for onboard mission-critical mobile communications.]
The switch’s introduction is part of Cisco’s track record of delivering commercial off-the-shelf (COTS) solutions that also satisfy stringent enterprise and DoD IT cybersecurity requirements. Security features include Cisco’s TrustSec; adherence to the “secure boot” standard; and authentication, authorization, and accounting features to identify and restrict users. These latter features measure usage while accessing resources – and Cisco plans to fully certify the solution’s cryptographic implementations and capabilities as conforming to standards such as FIPS 140 and Common Criteria. This technology brings the company’s secure IOS-XE switching software, deployed across many commercial enterprises, into the DoD embedded markets. Because its switching technology is already widely deployed throughout military organizations and by their supporting integrators – and because Cisco invests heavily in providing training to the military – the availability of Cisco-based technology reduces training and implementation time while improving the maintainability of the networks.
An example of a DoD-ready solution based on the new Cisco 10 GbE switch is Curtiss-Wright’s PacStar 448 module. Housed in a fully rugged casing, it adds the military interconnects and features, such as support for running on military-standard batteries, that make it useful for deployment in mobile data centers. Curtiss-Wright was closely involved with Cisco in the development of the solution from the early stages of its design, and collaborated on early engineering samples to ensure that military performance requirements were successfully met.
The PacStar 448 can provide high-speed switching for any type of tactical networking application. It also plugs directly into the deployed PacStar Modular Data Center (MDC), a tactical and expeditionary rugged data center capable of hosting mission command, cloud/storage, sensor fusion, AI, and analytics applications.
The advent of rugged, SWaP-optimized, enterprise-class networking hardware aimed at deployment in harsh environments will deliver the secure networking needed in advance of the merging of C5ISR and platform networking equipment, ensuring that warfighters will maintain their access to the critical new situational-awareness technologies and capabilities that provide them with force-multiplier superiority – even in the face of increasing cybersecurity threats.
Charlie Kawasaki – CTO of PacStar (a Curtiss-Wright Defense Solutions Division Company) – is a Certified Information Systems Security Professional (CISSP). He joined PacStar in early 2005 and leads multiple innovation initiatives including development of cutting-edge tactical computing systems. Charlie also serves as a Commercial Solutions for Classified (CSfC) subject-matter expert. Charlie has over 40 years’ experience in network engineering, machine learning/AI, systems integration, software engineering, and cybersecurity. Prior to joining PacStar, Charlie provided his expertise to early-stage technology companies, where he created dozens of software and networking-based products. Charlie served as CEO of RuleSpace, Inc., which created AI-based technology for Internet parental controls used by companies such as AOL, Yahoo, SBC, BellSouth, and Microsoft.
PacStar, a Curtiss-Wright Company • https://pacstar.com/