Cyber Vision 2025 - DTIC

Cyber Vision 2025

United States Air Force

Cyberspace

Science and Technology

Vision

2012-2025

AF/ST TR 12-01

15 July 2012

Distribution A. Approved for public release; distribution is unlimited.

SAF/PA Public Release Case No. 2012-0439/460

Cyber Vision 2025

ii

Cyber Vision 2025

iii

Executive Summary

Cyberspace is essential to all Air Force (AF) missions. It is a domain in which, from which, and

through which AF missions are performed. Actions in cyberspace can have digital, kinetic, and

human effects. Increasingly, the cyberspace domain is contested and/or denied. Yet our ability

to address opportunities and threats is constrained by time, treasure, and talent.

Cyber Vision 2025 provides the Air Force vision and blueprint for cyber S&T spanning

cyberspace, air, space, command and control, intelligence, and mission support. Cyber Vision

focuses on S&T in the near (FY12-15), mid (FY16-20), and far (FY21-25) term, delineating

where the Air Force should lead, follow, or watch. Championed by the Office of the Chief

Scientist, Cyber Vision 2025 was created in partnership with operators and technologists from

across the Air Force and engaged experts across government, industry, academia, National

Laboratories, and Federally Funded Research and Development Centers (see Appendices C, D).

Cyber Vision 2025 finds that our missions are at risk from malicious insiders, insecure supply

chains, and increasingly sophisticated adversaries as well as growing (often cyber) systems

interdependencies. Fortunately, cyberspace S&T can provide assurance, resilience, affordability,

and empowerment. However, this requires integration across authorities and domains, shaping

of doctrine, policy, people, and RDT&E processes, and intelligent partnering.

Motivated by a set of enduring cyberspace principles, Cyber Vision 2025 recommends

addressing these challenges by assuring and empowering missions. It recommends enhancing

mission system security standards, making more effective use of authorities (e.g., Title

10/50/32), synchronizing multi-domain effects, and increasing the cost of adversary cyberspace

operations. It also recommends improving cyber accessions and education and developing Air

Force Cyberspace Elite (ACE) forces. It recommends requiring and designing-in security and

securing weapon systems throughout their full life cycle. It recommends rapid, open, and

iterative acquisition that engages user and test communities early. It recommends integrating

cyber across all core functions, advancing partnerships, aligning funding, and orchestrating

effort and effects across domains. Cyber Vision 2025 recommends complexity reduction to ease

verification and reduce life cycle cost, the development of trusted and self-healing networks and

information, the creation of agile, resilient, disaggregated mission architectures, and the

advancement of real-time cyber situational awareness/prediction and cyber S&T intelligence.

Across all Air Force domains of operation, Cyber Vision 2025 recommends science and

technology to improve foundations of trust, enhance human machine interactions, enhance

agility and resilience, and assure and empower missions, in collaboration with our partners.

Extracting value from Cyber Vision 2025 will require adoption and sustained effort across the

S&T, acquisition, and operational communities. May Cyber Vision 2025 inspire you to advance

the Air Force¡®s assured cyber advantage to ensure the Air Force¡®s ability to fly, flight, and win

in air, space, and cyberspace.

Cyber Vision 2025

iv

Table of Contents

Executive Summary ......................................................................................................................iii

Table of Contents .......................................................................................................................... iv

Table of Figures ...........................................................................................................................vii

List of Tables ...............................................................................................................................vii

1. Introduction ................................................................................................................................ 1

1.1 Motivation ............................................................................................................................ 1

1.2 Vision and Alignment .......................................................................................................... 1

1.3 Methodology ........................................................................................................................ 2

1.4 Enduring Principles.............................................................................................................. 3

1.5 S&T Partnerships ................................................................................................................. 5

1.6 S&T Roles: Lead, Follow, Watch ........................................................................................ 6

1.7 Strategic Focus ..................................................................................................................... 6

1.8 Significant Past Progress ..................................................................................................... 6

1.9 Cyber Vision 2025 Integrating Themes ............................................................................... 7

1.9.1 Mission Assurance and Empowerment ......................................................................... 7

1.9.2 Agility and Resilience ................................................................................................... 7

1.9.3 Optimized Human-Machine Systems ........................................................................... 8

1.9.4 Foundations of Trust ..................................................................................................... 8

1.10 Structure of Cyber Vision 2025 Document ....................................................................... 8

2. Future Environment and Cyberspace Threat ............................................................................. 8

2.1 Demographics, Economy, and Adversaries - 2025.............................................................. 9

2.2 Technological Change - 2025 ............................................................................................ 10

2.3 Impacts ............................................................................................................................... 12

2.4 Cyber Threats to Air Force Missions ................................................................................. 13

2.4.1 Threat Vectors ............................................................................................................. 13

2.4.2 Areas of Concern: Threat Increase and Attack Surface Expansion ............................ 15

2.4.3 Cyber Operations (CO) Actors in 2025 - Refer to classified Annex. ......................... 15

2.4.4 Threat Recommendations ........................................................................................... 15

3. Cyberspace ............................................................................................................................... 17

3.1 Cyber Domain Strategic Context ....................................................................................... 17

3.2 Findings and Recommendations ........................................................................................ 19

3.2.1 Broaden Limited Cyber Mindset ................................................................................ 19

3.2.2 Enhance Situational Awareness & Understanding ..................................................... 20

3.2.3 Assure Missions and Protect Critical Information in Fragile Architectures ............... 20

3.2.4 Create Hardened, Trusted, Self-Healing Networks & Cyber Physical Systems ......... 21

3.2.5 Develop Integrated and Full Spectrum Effects ........................................................... 21

3.3 Cyber S&T Technologies .................................................................................................. 21

3.3.1 Assure and Empower Missions ................................................................................... 21

3.3.2 Agile Operations and Resilient Defense ..................................................................... 22

3.3.3 Optimize Human-Machine Systems ........................................................................... 23

3.3.4 Trusted Foundations .................................................................................................... 24

Cyber Vision 2025

v

4. Air Domain .............................................................................................................................. 25

4.1 Air Domain Strategic Context ........................................................................................... 25

4.2. Findings and Recommendations ....................................................................................... 25

4.2.1 Design-in Security to Address Insufficient Intelligence ............................................. 25

4.2.2 Reduce Complexity and Enable Verification to Mitigate COTS Vulnerabilities ....... 26

4.2.3 Secure Full Life Cycle to Overcome Insufficient Security Architectures .................. 27

4.2.4 Secure Platform IT to Mitigate Outdated Security Policies and Controls .................. 27

4.2.5 Secure C2 Architecture to Address Brittleness ........................................................... 28

4.2.6 Overcome Insufficient Cyberspace Situational Awareness ........................................ 28

4.3 Science and Technology Solutions .................................................................................... 28

4.3.1 Anti-Tamper Root-of-Trust (L) .................................................................................. 29

4.3.2 Cyber Black Box (L) ................................................................................................... 30

4.3.3 Secure Maintenance Aids (L) ..................................................................................... 30

4.3.4 GPS Hardening and Alternatives (L) .......................................................................... 30

4.3.5 Collaborative/Cooperative Control (L) ....................................................................... 30

4.3.6 Advanced Satellite Communications (L) .................................................................... 30

4.3.7 Managed Information Objects (L) .............................................................................. 31

4.3.8 Trusted Cloud Computing (L) .................................................................................... 31

4.3.9 Mission Mapping (L) .................................................................................................. 31

4.3.10 5th to 5th Platform Communications (L) .................................................................... 31

4.4 Conclusions of Air Domain ............................................................................................... 31

5. Space ........................................................................................................................................ 32

5.1 Space Domain Strategic Context ....................................................................................... 32

5.2 Findings and Recommendations ........................................................................................ 33

5.2.1 Develop a Resilient Architecture to Address Space Network Vulnerabilities............ 33

5.2.2 Enhance Space Anomaly Detection and Attack Attribution ....................................... 35

5.3 Space S&T Recommendations .......................................................................................... 35

5.3.1 Near Term: Cyber Test Beds, Space Sensors, Reconfigurable Antennas, Trusted

Foundries.............................................................................................................................. 36

5.3.2 Mid Term: Survivable C3, Malware Detection, Autonomous Self-healing Systems,

Trusted Architectures ........................................................................................................... 37

5.3.3 Far Term: Verified Code Generation, Intent Detection, Cognitive Communications,

Space Quantum Key Distribution ........................................................................................ 37

6. C2 and ISR ............................................................................................................................... 38

6.1 C2 and ISR Domain Strategic Context .............................................................................. 38

6.2 Findings and Recommendations ........................................................................................ 39

6.2.1 Focus Teams of Experts to Assure Contested C2 and ISR ......................................... 39

6.2.2 Create Intelligent Processing Capability to Overcome Massive Data Deluge ........... 40

6.2.3 Assure Information Integrity of Cyber-enabled C2 and ISR at the Tactical Edge ..... 41

6.2.4 Mature Cross Domain Synchronization ...................................................................... 42

6.4 C2 and ISR S&T ................................................................................................................ 42

6.4.1 Assure and Empower the Mission .............................................................................. 42

6.4.2 Optimize Human-Machine Systems ........................................................................... 43

6.4.3 Resilience and Agility ................................................................................................. 45

6.4.4 Foundations of Trust ................................................................................................... 46

6.5 Conclusion ......................................................................................................................... 47

 ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download