DEMYSTIFYING PLATFORM CYBER RESILIENCE

2024-01-3767

11/15/2024

Features
Event
2019 Ground Vehicle Systems Engineering and Technology Symposium
Authors Abstract
Content
ABSTRACT

Today’s platform systems (satellites, aircraft, surface ships, ground vehicles, and subsurface vehicles) have large numbers of electronic components including microprocessors, microcontrollers, sensors, actuators, and internal (onboard) and external (off-board) communication networks. Hardening and securing these systems is currently performed using checklist approaches like the Risk Management Framework (RMF) that derive from decades of information technology (IT) best practices. However, these approaches do not translate well to platforms because they inadequately address security issues that are unique to cyber-physical and the embedded nature of platform systems.

In this paper, we describe key resilience concepts and two analytic models for improving platform cyber resilience. These models balance knowledge of offensive attack vectors with Resilience-in-Depth™ controls. The Platform Cyber Attack Model (PCAM) provides a multi-scale construct for identifying, describing, and understanding cyber-attacks that are relevant to platform systems in their operating environment. The corresponding Platform Cyber Defense Model (PCDM) determines resiliency controls needed to respond to and recover from high-likelihood, high-severity cyber-attacks. These analytic models provide a foundation for building on RMF and guides implementation of relevant cyber resilience capabilities for platform systems. We conclude this paper with a simplified process for developing the PCAM and PCDM models and with recommendations for next steps in implementing platform cyber resilience.

Meta TagsDetails
DOI
https://doi.org/10.4271/2024-01-3767
Pages
16
Citation
Lofy, C., and Vriesenga, M., "DEMYSTIFYING PLATFORM CYBER RESILIENCE," SAE Technical Paper 2024-01-3767, 2024, https://doi.org/10.4271/2024-01-3767.
Additional Details
Publisher
Published
Nov 15
Product Code
2024-01-3767
Content Type
Technical Paper
Language
English