Approved for 1 CompTIA CEU: A+, Network+, Security+, CSA+, Cloud+, and CASP; 1 GIAC CPE
Ensuring secure and trustworthy communications between autonomous vehicles, drones, ruggedized vehicles, aircraft, battleships and smart soldiers is of paramount importance to any mission. Beyond protecting against access denial due to RF jamming, magnetic jamming, electromagnetic generators and pulses, each device must be able to defend itself from cyber attacks. An inbound attack on a system could allow the installation of unauthorized firmware updates that allow a third party to take control of a device or send false data to a solider or central command to cause confusion and damage.
Our armed forces in the air, on the ground and on the sea have complex and unique digital environments to defend. On the ground, tanks, drones, ruggedized vehicles and soldiers with smart armor connect over a variety of near-field, wireless, cellular and satellite radios and communications devices. In the air, helicopters, fighter jets, bombers and other military aircraft must be protected. The avionics subsystems for navigation, radar, flight safety, weather and missile systems must be protected. On the sea, a variety of navigation, radar, engines, HVAC, fire and safety, surveillance, scanners, defense and missile systems must be protected.
In order to protect these systems, we must also think beyond the battlefield and ensure that we are protecting the embedded software sitting on a real-time operating system on a chip or microprocessor. We must reduce the surfaces of attack. Additionally, we must ensure that the manufacturing process is secured to prevent intentional defects or the implementation of malware in subsystems. We must be able to guarantee supply chain assurance across a multiplicity of vendors.
In order to secure the battlefield, Mocana believes that we must adopt a deep, embedded cybersecurity approach to protect the microcontrollers and microprocessors on every device. In this presentation, we will share a model to ensure device trustworthiness to defend against cyber attacks, including lateral attacks from compromised systems, inbound attacks to modify firmware and attempts to present false data or commands. We will demonstrate how devices can be secured from the inside out by implementing embedded security software that provides cryptographic controls and innovative technology to enable secure boot, secure updates, multi-factor authentication and encryption that can be integrated with hardware-based secure elements, trust chaining, devices signed by manufacturers, the DoD's PKI and the digital identity of the soldier.