Industry
OT Network security
System Design & Architecture

US Air Force Seeking Help Securing ICS & IoT

December 26, 2019
US Air Force Seeking Help Securing ICS

The US Air Force has released an RFI for the EVALUATION OF CYBER/IoT VULNERABILITIES OF DOD CRITICAL INFRASTRUCTURE (ExCITe).  The US Air force is on a fact-finding mission to evaluate how they can better protect their OT/ICS/IoT systems.

“The RFI seeks to obtain technical concepts, approaches, and merits of the ideas of work pertaining to the automatic identification, mapping, and security analysis of various base control systems. For the scope of this RFI, base control systems consist of industrial control systems/supervisory control and data acquisition (ICS/SCADA), building automation, life safety, utility monitoring, and airfield control systems. Further, it seeks to obtain information about pricing, delivery, and other market information or capabilities for possible use in a future Broad Agency Announcement (BAA).”

[optin-monster-shortcode id=”dv4jqlr9fih8giagcylw”]

The RFI states that the Air Force “seeks to establish a real-time situational awareness platform capable of determining a base’s overall cyber threat surface in terms of control systems technology. A key factor in determining the overall cyber threat surface is an accurate inventory of control systems devices connected through both internet protocol (IP), serial, and other connections.  Base control systems of interest include, but are not limited to, supervisory control and data acquisition (SCADA) systems, building automation, life safety, utility monitoring, and airfield control systems.”

The US Air Force has done its homework and has specified the data acquisition capabilities required in response, including passive data capture, continuous monitoring and active scanning for specific systems and DPI for ICS protocols such as BACNet, LonWorks, Modbus, ZigBee.  Standard fair for most vendors in the space.

The RFI continues to lay out the analytics and data integration capabilities, including:

  • Ad hoc reporting, dashboarding, alerts (visualization and interaction)
  • Storage, indexing, processing (analysis and algorithms)
  • Determination of a base’s overall risk / threat posture
  • Generation of alerts for events of interest
  • Existing Application Program Interfaces (APIs) to support enterprise integration

Additional consideration for:

Comparing device configuration and software component versions with NIST and other vulnerability databases

Out of the box connectivity with data historians, vertical databases and management systems

And a familiarity with USAF Civil Engineering functions will go a long way.

Full RFI link here

 

Vidya Lakshmi
IndustrialCyber Editor & Features Vidya is a freelance journalist with over 10 years of experience in business journalism. She started her career reporting on U.S. equities markets and later moved to niche financial news. She developed an interest in ICS cybersecurity after researching some incidents and reading about it online.

A complimentary guide to the who`s who in industrial cybersecurity tech & solutions

Free Download

Related

Industrial Cybersecurity Buyers’ Guide 2024 navigates complex industrial landscape
Industrial Cybersecurity Buyers’ Guide 2024 navigates complex industrial landscape
CISA issues Emergency Directive 24-02 in response to Russian cyber threat targeting Microsoft email accounts
CISA issues Emergency Directive 24-02 in response to Russian cyber threat targeting Microsoft email accounts
European Commission recommends Coordinated Implementation Roadmap for transition to Post-Quantum Cryptography
European Commission recommends Coordinated Implementation Roadmap for transition to Post-Quantum Cryptography
Proposed CIRCIA rule boosts cyber threat understanding, early detection of adversary campaigns, offers coordinated actions
Proposed CIRCIA rule boosts cyber threat understanding, early detection of adversary campaigns, offers coordinated actions
The Takepoint Research report indicates a significant shift towards adopting the Zero Trust model in OT, with 72% of professionals integrating it to boost security and efficiency. It highlights secure remote access as a key application, aligning with goals to reduce risk and enhance operations. Moreover, it points out the need for collaborative efforts across organizational roles to implement Zero Trust effectively, aiming to improve productivity and security.
Xage-Takepoint Research report reveals growing adoption of zero trust security in industrial enterprises
CSRB reports Microsoft Exchange breach by Storm-0558, urges security reforms following espionage incident
CSRB reports Microsoft Exchange breach by Storm-0558, urges security reforms following espionage incident
Forescout research finds surge in Chinese-manufactured devices on US networks, including critical infrastructure
Forescout research finds surge in Chinese-manufactured devices on US networks, including critical infrastructure
White House issues policy on AI risk mitigation and benefits in line with President Biden's Executive Order
White House issues policy on AI risk mitigation and benefits in line with President Biden’s Executive Order
US DoD unveils DIB Cybersecurity Strategy 2024 to strengthen national cyber defenses
US DoD unveils DIB Cybersecurity Strategy 2024 to strengthen national cyber defenses
Growing need to implement effective post-incident recovery strategies in evolving OT, ICS environments
Growing need to implement effective post-incident recovery strategies in evolving OT, ICS environments