Vehicle Electronics & Architecture (VEA)


by Cheri Lofy; Mark Vriesenga


Today’s platform systems (satellites, aircraft, surface ships, ground vehicles, and subsurface vehicles) have large numbers of electronic components including microprocessors, microcontrollers, sensors, actuators, and internal (onboard) and external (off-board) communication networks. Hardening and securing these systems is currently performed using checklist approaches like the Risk Management Framework (RMF) that derive from decades of information technology (IT) best practices. However, these approaches do not translate well to platforms because they inadequately address security issues that are unique to the cyber-physical and embedded nature of platform systems. In this paper, we describe key resilience concepts and two analytic models for improving platform cyber resilience. These models balance knowledge of offensive attack vectors with Resilience-in-Depth™ controls. The Platform Cyber Attack Model (PCAM) provides a multi-scale construct for identifying, describing, and understanding cyber-attacks that are relevant to platform systems in their operating environment. The corresponding Platform Cyber Defense Model (PCDM) determines the resiliency controls needed to respond to and recover from high-likelihood, high-severity cyber-attacks. These analytic models provide a foundation for building on RMF and guide implementation of relevant cyber resilience capabilities for platform systems. We conclude this paper with a simplified process for developing the PCAM and PCDM models and with recommendations for next steps in implementing platform cyber resilience.