Abstract: The DoD sought innovative capabilities to manage cyber risks to missions in contested cyber environments, including 7 specific challenges. This project aims to tackle these challenges by proposing an innovative framework, dubbed Cyber Risks to Missions Management (CR2M), as well as supporting techniques and prototype system implementation. CR2M offers a new paradigm of cyber operations with inherent capabilities for managing cyber risks to missions. The paradigm consists of three phases:
- Mission Planning, which is conducted by the mission planner to select cybersecurity tools from the Cybersecurity Tools Base, which includes tested cybersecurity mechanisms, cybersecurity architectures, and cyber command-and-control (C2) systems;
- Mission Execution, which is conducted by defenders according to the output of the Mission Planning phase, including the use of the cybersecurity tools selected from the Cybersecurity Tools Base in the Mission Planning phase;
- Mission Review, which assesses what has been done right or wrong in the preceding two phases, to improve the Mission Planning, the Cybersecurity Tools Base, and the Mission Execution for future missions.
CR2M addresses the seven challenges as follows.
- Metrics definition. The challenge is to define a set of risk and mission assurance metrics. CR2M tackles this challenge by leveraging the PI’s prior study on the SARR cybersecurity metrics framework, which accommodates Security, Agility, Resilience, and Risk metrics.
- Addressing risks. CR2M addresses this challenge by leveraging the PI’s prior study on the Cybersecurity Dynamics framework, which can incorporate and orchestrate the intelligent use of preventive, reactive, adaptive, proactive, and active defenses.
- Risk management. The challenge is to investigate how to manage, mitigate, and control the risks to missions. CR2M also addresses this challenge by leveraging the Cybersecurity Dynamics framework, because it can inherently model the interdependence between missions and the interdependence between the services in the mission network.
- Mitigating errors. CR2M addresses this challenge by automating cyber operations as much as possible and leveraging attack-tolerance techniques to mitigate human and machine errors.
- Command-and-control. This requires the defender to orchestrate defenses to mitigate cyber threats against missions. CR2M addresses this challenge by leveraging cyber C2 systems together with risk management to deal with the threats that were unforeseen at the Mission Planning phase.
- Protecting warfighters. The challenge is to protect defenders (e.g., cyber operators or warfighters) from the high cognitive demands incurred when executing the missions. CR2M also addresses this challenge by automating cyber operations as much as possible.
- Training. The challenge is to have a systematic way to train mission planners and defenders. CR2M addresses this challenge via the three phases mentioned above.