Air Force gets a move on dynamic cyber defense

The C2PD program is looking to incorporate Moving Target Defense into an existing command and control framework.

As cyber threats continue to loom for private industry and the military alike, the Air Force is looking to improve its own defenses.

In a solicitation released yesterday, the Air Force has requested white papers for the development of a command and control capability that could orchestrate Moving Target Defense across the entire enterprise.

MTD strategies seek to move cyber defenses from static configurations to a more dynamic, changing set of system parameters that would make it more difficult for attackers to discover and take advantage of vulnerabilities, according to FCW. For instance, the Defense Advanced Research Projects Agency’s Resilient Cloud program sought to change the allocation of tasks to hosts—the theory being that attackers would be unable to map a constantly shifting system and make a coordinated attack.  

“Cyber agility techniques called moving target defenses offer a capability to assure the network and Air Force missions,” the Air Force said in its solicitation. “By providing mobility to static network and computing resources within the enterprise, we create uncertainty for the attacker and can outmaneuver attacks to critical cyber infrastructure.”

The new program, called the Command and Control of Proactive Defense (C2PD), is seeking a C2 system that would be able to assess, plan and execute a coordinated defense in order to avoid cyber fratricide and limit the amount of available avenues for attack.

The Air Force recognizes two challenges associated with MTDs that the new program will be tackling.

The first is that the strategy would have to modify resources that would already be supporting critical system functions being used for missions—implementation of MTD could cause resource contention, or conflicts in terms of access to shared resources such as hardware. The second challenge is that MTDs would have to be incorporated into an existing C2 framework. The ultimate goal of the program would be to develop a C2 capability that could provide decision-making support to orchestrate multiple MTD technologies.

The current solicitation focuses on white papers for two technical areas for 2015:

MTD Characterization. The Air Force is looking for research that would allow for the characterization of MTD in terms of resource consumption and the gains in security, allowing for better matches between missions and MTDs.

MTD Wrapping. The service also is looking to integrate MTDs into an existing C2 framework that would enable MTDs to be deployed, monitored and controlled in a target environment. This means that MTDs would have to be wrapped to fit the framework’s application programming interface.

White papers on the two topics are due by Aug. 29, with awards up to $500,000.