Nuclear Deterrence and the Space and Cyber domains

NPS NRP Technical ReportThe space and cyber domains are becoming increasingly intertwined in both conventional and theoretical nuclear conflicts. Deterrence strategies involving aggression, escalation, and deterrence must evolve with ever changing reality of the world situation. The space and cyber domains are unique from other domains since actions taken in these domains may be unattributable to a state actor and damage that occurs may be non-kinetic yet severe at the same time. In the past the U.S. has clearly defined nuclear redlines and communicated these to potential adversaries to help them understand actions which could be interpreted by the U.S. as precursor to nuclear aggression. Clearly communicated nuclear redlines seem to have been effective strategy at deterring the actions defined by the redline. In many cases potential adversaries have protested some of the redlines, but regardless of their protest in practically every case they still abided by them. It is vitally important that nuclear redlines evolve as the world situation and technology progress. This is not a simple task. Many space and cyber assets are dual tasked with conventional and nuclear missions. This project will help define which events in these domains is significant enough to warrant a kinetic response from the U.S., and which may justified crossing the nuclear threshold. With this understanding, recommendations will be made to improve or modify U.S. nuclear deterrence strategy if necessary. Keywords: Nuclear Deterrence, Strategic Deterrence, Space domain, cyber domain, crossdomainN3/N5 - Plans & StrategyThis research is supported by funding from the Naval Postgraduate School, Naval Research Program (PE 0605853N/2098). https://nps.edu/nrpChief of Naval Operations (CNO)Approved for public release. Distribution is unlimited.

A Survey on Data Plane Programming with P4: Fundamentals, Advances, and Applied Research

With traditional networking, users can configure control plane protocols to match the specific network configuration, but without the ability to fundamentally change the underlying algorithms. With SDN, the users may provide their own control plane, that can control network devices through their data plane APIs. Programmable data planes allow users to define their own data plane algorithms for network devices including appropriate data plane APIs which may be leveraged by user-defined SDN control. Thus, programmable data planes and SDN offer great flexibility for network customization, be it for specialized, commercial appliances, e.g., in 5G or data center networks, or for rapid prototyping in industrial and academic research. Programming protocol-independent packet processors (P4) has emerged as the currently most widespread abstraction, programming language, and concept for data plane programming. It is developed and standardized by an open community and it is supported by various software and hardware platforms. In this paper, we survey the literature from 2015 to 2020 on data plane programming with P4. Our survey covers 497 references of which 367 are scientific publications. We organize our work into two parts. In the first part, we give an overview of data plane programming models, the programming language, architectures, compilers, targets, and data plane APIs. We also consider research efforts to advance P4 technology. In the second part, we analyze a large body of literature considering P4-based applied research. We categorize 241 research papers into different application domains, summarize their contributions, and extract prototypes, target platforms, and source code availability.Comment: Submitted to IEEE Communications Surveys and Tutorials (COMS) on 2021-01-2

Rapid Mission Assurance Assessment via Sociotechnical Modeling and Simulation

How do organizations rapidly assess command-level effects of cyber attacks? Leaders need a way of assuring themselves that their organization, people, and information technology can continue their missions in a contested cyber environment. To do this, leaders should: 1) require assessments be more than analogical, anecdotal or simplistic snapshots in time; 2) demand the ability to rapidly model their organizations; 3) identify their organization’s structural vulnerabilities; and 4) have the ability to forecast mission assurance scenarios. Using text mining to build agent based dynamic network models of information processing organizations, I examine impacts of contested cyber environments on three common focus areas of information assurance—confidentiality, integrity, and availability. I find that assessing impacts of cyber attacks is a nuanced affair dependent on the nature of the attack, the nature of the organization and its missions, and the nature of the measurements. For well-manned information processing organizations, many attacks are in the nuisance range and that only multipronged or severe attacks cause meaningful failure. I also find that such organizations can design for resiliency and provide guidelines in how to do so

Challenges Of Implementing Defense Policies To Deter Hostile Actors In Space And Cyberspace

Space and cyber operations have changed national security for both nations and non-state actors worldwide. The low barriers to entry have allowed less sophisticated nations and actors to have an impact on the U.S. and near-peer nations. The lack of attribution and the ability to obfuscate the source of the space or cyber weapon will make the case for wartime retaliation difficult. The highly proactive antisatellite weapons test conducted by China in 2007 and the alleged employment of Stuxnet against Iran\u27s nuclear program by the United States and Israel illustrates the potentially destabilizing effects to high priority national programs. If a hostile country were to remove the technological advantage, especially concerning space platforms, it could neutralize the conventional weapons advantage of the United States in future conflicts. This thesis will explore the key components of both the space and cyberspace domains. The threat of weapons employment, the unique deterrence characteristics of the space and cyberspace domains, and some case studies where these weapons have been employed. Ultimately, this paper investigates under what conditions deterrence is possible with regard to space and cyberspace technologies. In addition, answers the key question, of whether future enemies can be deterred from attacking U.S. space systems

A systemic review of the cybersecurity challenges in Australian water infrastructure management

Cybersecurity risks have become obstinate problems for critical water infrastructure management in Australia and worldwide. Water management in Australia involves a vast complex of smart technical control systems interconnected with several networks, making the infrastructure susceptible to cyber-attacks. Therefore, ensuring the use of security mechanisms in the control system modules and communication networks for sensors and actuators is vital. The statistics show that Australia is facing frequent cyber-attacks, most of which are either undetected or overlooked or require immediate response. To address these cyber risks, Australia has changed from a country with negligible recognition of attacks on critical infrastructure to a country with improved capability to manage cyber warfare. However, little attention is paid to reducing the risk of attacks to the critical water infrastructure. This study aims to evaluate Australia’s current cybersecurity attack landscape and the implemented controls for water infrastructure using a systematic literature review (SLR). This study also compares Australia in the context of global developments and proposes future research directions. The synthesis of the evidence from 271 studies in this review indicates the importance of managing security vulnerabilities and threats in SCADA water control systems, including the need to upgrade the contemporary water security architecture to mitigate emerging risks. Moreover, human resource development with a specific focus on security awareness and training for SCADA employees is found to be lacking, which will be essential for alleviating cyber threats to the water infrastructure in Australia

Cyber-Physical Threat Intelligence for Critical Infrastructures Security

Modern critical infrastructures comprise of many interconnected cyber and physical assets, and as such are large scale cyber-physical systems. Hence, the conventional approach of securing these infrastructures by addressing cyber security and physical security separately is no longer effective. Rather more integrated approaches that address the security of cyber and physical assets at the same time are required. This book presents integrated (i.e. cyber and physical) security approaches and technologies for the critical infrastructures that underpin our societies. Specifically, it introduces advanced techniques for threat detection, risk assessment and security information sharing, based on leading edge technologies like machine learning, security knowledge modelling, IoT security and distributed ledger infrastructures. Likewise, it presets how established security technologies like Security Information and Event Management (SIEM), pen-testing, vulnerability assessment and security data analytics can be used in the context of integrated Critical Infrastructure Protection. The novel methods and techniques of the book are exemplified in case studies involving critical infrastructures in four industrial sectors, namely finance, healthcare, energy and communications. The peculiarities of critical infrastructure protection in each one of these sectors is discussed and addressed based on sector-specific solutions. The advent of the fourth industrial revolution (Industry 4.0) is expected to increase the cyber-physical nature of critical infrastructures as well as their interconnection in the scope of sectorial and cross-sector value chains. Therefore, the demand for solutions that foster the interplay between cyber and physical security, and enable Cyber-Physical Threat Intelligence is likely to explode. In this book, we have shed light on the structure of such integrated security systems, as well as on the technologies that will underpin their operation. We hope that Security and Critical Infrastructure Protection stakeholders will find the book useful when planning their future security strategies

Analysis of security at the Near-real-time RIC xApps based on O-RAN-defined use cases

The Open Radio Access Network Alliance (O-RAN Alliance) is a group of industry and academic organizations that strive to realize the vision of next-generation cellular networks. Using standardized interfaces, telecommunications operators can operate multi-vendor infrastructure and deliver high-speed services to their mobile users. Additionally, the O-RAN Alliance has standardized an Open Radio Access Network (RAN) architecture based on the Third Generation Partnership Project (3GPP) and other standards. User planes and control planes are currently separate in RAN architecture. The separation makes it easier to accommodate network function virtualization methods required for 5G, enabling it to be more flexible. To help in the management of resources, the O-RAN standard proposes the use of xApps, i.e., dedicated applications that can be customly installed by the network operatior and that can be purchased from different vendors. For this reason, securely managing xApps represents a significant challenge for the security of the overall network.\\ In this thesis, we analyze the security of xApps and their proposed use cases. Based on the applications porposed by the O-RAN alliance, we provide an in depth analysis of the vulnerabilities and their impact on the network. We also discuss different features of attacks, such as reproducibility, stealthiness, exposure, and impact. Based on our analysis, we conclude that significant work is still to be made to guarantee the security of O-RAN and in particular of its xApps. This thesis hence provides a baseline for future research in the domain of security and privacy for next generation communication network

Cyber Threats and NATO 2030: Horizon Scanning and Analysis

The book includes 13 chapters that look ahead to how NATO can best address the cyber threats, as well as opportunities and challenges from emerging and disruptive technologies in the cyber domain over the next decade. The present volume addresses these conceptual and practical requirements and contributes constructively to the NATO 2030 discussions. The book is arranged in five short parts...All the chapters in this book have undergone double-blind peer review by at least two external experts.https://scholarworks.wm.edu/asbook/1038/thumbnail.jp

Smart Urban Water Networks

This book presents the paper form of the Special Issue (SI) on Smart Urban Water Networks. The number and topics of the papers in the SI confirm the growing interest of operators and researchers for the new paradigm of smart networks, as part of the more general smart city. The SI showed that digital information and communication technology (ICT), with the implementation of smart meters and other digital devices, can significantly improve the modelling and the management of urban water networks, contributing to a radical transformation of the traditional paradigm of water utilities. The paper collection in this SI includes different crucial topics such as the reliability, resilience, and performance of water networks, innovative demand management, and the novel challenge of real-time control and operation, along with their implications for cyber-security. The SI collected fourteen papers that provide a wide perspective of solutions, trends, and challenges in the contest of smart urban water networks. Some solutions have already been implemented in pilot sites (i.e., for water network partitioning, cyber-security, and water demand disaggregation and forecasting), while further investigations are required for other methods, e.g., the data-driven approaches for real time control. In all cases, a new deal between academia, industry, and governments must be embraced to start the new era of smart urban water systems

Barriers to Secure ICT in a Maritime Environment

The purpose of the research reported in this thesis was to investigate the barriers to ICT security in a maritime environment so that the findings of the research can be used to develop a secure ICT maritime profile that will be capable of being updated on an on-going basis. This is an important area of research because the maritime sector is increasingly reliant upon ICT yet there is evidence that ICT security and the potential threats and consequences if ICT is not available when needed have not been given the attention they deserve. Indeed, the literature review carried out as part of this research pointed to a big gap in the maritime literature regarding ICT security. Literature from non-maritime specific fields was used to establish a basic understanding of the barriers most likely to be relevant and provide key terminology for use in this research. Empirical data were collected from semi-structured interviews with Royal Naval personnel and informal discussions with Merchant Navy officers. A robust yet flexible approach was used to interpret the results and thus identify the barriers, many of which are caused by complex interactions between social and technical factors, particularly on-board ships. Nine barriers to ICT security were revealed. They are: tensions experienced between security experts and ICT users; operational imperatives override security requirements; security requirements impeding business process; a limited ability to recover from disruption; unable or unwilling to share security incident information; Inadequate security training; disruption to situational awareness; unpredictable behaviour of people in difficult situations; and a lack of ICT security awareness. A new understanding of barriers arose from further interpretation of the findings, the results of which led to recommendations for the design for an updateable maritime ICT security profile that could be used to guide relevant staff (including Ship’s Security Officers) and as a tool to raise security awareness for non-experts