洛克希德公司推出针对武器系统的网络弹性评估模型

作者：Mark Pomerleau

洛克希德马丁公司推出了一种评估武器系统网络弹性的模型。这个被称为网络弹性水平（crl）模型的国防巨头吹嘘说，这是其同类概念中第一个专门针对国防武器系统、任务系统和训练系统的概念，而不是针对IT系统。

该模型列出了六个类别需要权衡的四个弹性级别（即席、管理、优化和自适应）。

这些类别包括：

可视性：能够有效地感知、收集和输入数据；

网络卫生：评估和维持网络控制有效性的能力；

要求：对某些能力的需求，官员说这与任务的重要性和对作战环境的风险相称；

测试和评估：衡量针对任务目标的控制有效性的能力；

体系结构：保持抵御网络攻击能力的能力；以及

信息共享：程序可以与其他程序共享威胁信息。

洛克希德马丁公司网络弹性水平模型（洛克希德马丁公司）

8月13日，洛克希德马丁公司（Lockheed Martin）政府事务部（Government Affairs）网络主管吉姆凯弗（Jim Keffer）在弗吉尼亚州的洛克希德阿灵顿（Lockheed”s Arlington）全球视野中心（Global Vision Center）对记者说，开发这种模型的原因有三方面。

首先是紧迫性。Keffer说，威胁继续以关键系统为目标，直到2014-2015年，国防部才开始编写武器系统网络安全要求。

他补充说，部队每天都在不断地接触。

第二，国会自2016年以来一直要求国防部对其武器系统的网络安全进行审计，并规定如何减轻发现的漏洞。基弗说洛克希德的模型实现了这一点。

第三，基弗强调，战斗人员需要这种能力来保护自己。

洛克希德公司的官员解释说，该模型正在10个试点项目内部使用；但是，他们拒绝提供有关试点项目中客户或系统的具体信息。

官员们说，随着威胁或技术的变化，该模型被设计成具有灵活性和适应性。此外，它还可以应用于新系统的开发，以及遗留系统的维持工作。

原文：

This is Lockheed’s new cyber resiliency scale for weapon systems

By: Mark Pomerleau

Lockheed Martin has unveiled a model for measuring the cyber resiliency of weapon systems.

Dubbed the Cyber Resiliency Level (CRL) model, the defense giant boasts this is a first-of-its-kind concept focusing exclusively on defense weapon systems, mission systems and training systems — not IT systems.

The model lists four resiliency levels — ad-hoc, managed, optimized and adaptive — that six categories are weighed against.

The categories include:

Visibility: the ability to efficiently sense, collect and infuse data;

Cyber hygiene: the ability to assess and maintain the effectiveness of cyber controls;

Requirements: the needs for certain capabilities, which officials said is commensurate with mission importance and risk to operational environment;

Test and evaluation: the ability to measure the effectiveness of controls against mission objectives;

Architecture: the ability to maintain a capability against cyberattacks; and

Information sharing: can a program share threat information with other programs.

Lockheed Martin Cyber Resiliency Level model (Lockheed Martin)

The reason for developing this model was threefold, Jim Keffer, director of cyber at Lockheed Martin Government Affairs, told reporters Aug. 13 at Lockheed’s Arlington, Virginia, Global Vision Center.

First was urgency. Threats continue to target critical systems and the Department of Defense did not start writing requirements for cybersecurity of weapon systems until the 2014-2015 timeframe, Keffer said.

He added that forces are in constant contact every day.

Second, Congress has been demanding since 2016 that DoD conduct audits on the cybersecurity of its weapon systems, as well as define how to mitigate vulnerabilities found. Keffer said the Lockheed model achieves this.

Third, Keffer stressed that war fighters need this type of capability in order to protect themselves.

Lockheed officials explained the model is being used internally on 10 pilot programs; they declined, however, to offer specifics regarding the customers or systems within the pilots.

The model is designed to be flexible and adaptable over time as threats or technology changes, officials said. Moreover, it can be applied to the development of new systems, as well as sustainment efforts for legacy systems.

声明：本文来自网电空间战，版权归作者所有。文章内容仅代表作者独立观点，不代表士冗科技立场，转载目的在于传递更多信息。如有侵权，请联系 service@expshell.com。