Defense Systems

Pentagon, industry pursue increased data bus security

A private firm has developed new data bus cybersecurity technology which claims to identify attacks and cyber intruders more quickly.

Kris Osborn

|

The Pentagon and industry are seeking to better protect and modernize MilSTD 1553 data bus cybersecurity and more quickly detect and defend against malicious intrusions.

Decision Zone, a private company, has engineered a new data bus security technology, which the company claims solves this problem. They are now in the process of offering the technology to the U.S. military services.

The thrust of the technology, called dzAudit, is a real-time message bus monitoring of business logic, known as established sequences and data exchanges that pass information to issue commands and perform various functions.

The Pentagon has been working with various vendors for quite some time to address data bus vulnerability, as evidenced by a memorandum last year from the Michael Gilmore, then Director, Operational Test and Evaluation at DOD.

The memo states: “Aircraft using military standard (MilSTD) 1553 data buses or commercial equivalents (such as Aeronautical Radio INC 429 as well as 700 and 800 series high speed avionics data buses), and vehicles using both MilSTD 1553 and commercial Controller Area Network bus protocols are potentially vulnerable to cyberattacks via code and data inserted across these communications protocols.”

Many networks, weapons systems and sensors increasingly rely upon data bus technology, which both massively improves functionality and simultaneously increases the need to fortify cyber defenses as attacks run the risk of having a larger impact.

In the case of a sensitive and crucial weapons system such as an ICBM database, business logic would establish procedures and functions moving the weapon’s platform from one stage of a launch to another. For instance, an initial command might be turning on a booster, activating command and control and then ultimately directing a launch.

“An ICBM has a lot of coding and databases,” said Rajeev Bhargava, CEO, Decision Zone.

Data analytics gathers information and monitors data bus activity for a period of time before cyber defenders can access the information. Faster detection, naturally, could expedite cyber defenses and needed reaction time.

“Data bus integration allows all the different modules to talk to each other. Someone could hack into that message bus and change direction, create specific dangerous actions or change course. Currently there is no technology to monitor business logic on message bus,” Bhargava said.

This technique allowed the Iranians to hack a GPS signal and take over control of a drone, experts and analysts maintain. That event generated worldwide attention several months ago, Bhargava explained.

The principal advantage of the live monitoring, Bhargava explained, is that it can detect threats and potential intrusions faster than currently used data analytics techniques, which operate on  a certain latency or lag time between data bus activity and threat detection.

Decision Zone’s technology follows its own sequence as well, Bhargave explained.

“First dzAudit uses next generation machine learning technology to reverse engineer the business logic running on the data bus in terms of state machines which define the message cause and effect relationships. Secondly, dzAudit uses the state machine to create autonomous cyber defense applications running on the data bus to block malware messages or insider message intrusions,” he said.

Bhargava further stated that with its current state of monitoring and detection, data analytics is not always accurate. This, he said, is because the algorithms are based on probability and are not able to specifically pinpoint problem areas in a 100-percent definitive way.

“What they do today is…after you have sent a command to the module, information is inputted into a big database to collect information and make a decision. In order to monitor a data bus, they perform data aggregation, analyze and then figure out what happened. In this environment, data analytics is ineffective and cannot detect messages from malware,” he said. 

The dzAudit technology uses an algorithm based on statistics and mathematical formulas to detect malware intrusions or problem messages as they happen, Bhargava explained. In order to accomplish this, dzAudit draws from substantial innovations in the area of automation and AI, enabling machine-learning to examine messages and data bus activity.

“We developed our own language to do what we do. It is a product which took years to develop,” Bhargava said.

Tim Kline, Cyber Security Subject Matter Expert at CIRRUS Research Associates, said dzAudit represents an important shift in cybersecurity as hardware server footprints decrease and more information migrates to a cloud environment.

“We have to get rid of this existing paradigm of many layers of imperfect security and replace it with something that actually works,” he said.

Kline, who previously served as the Director General of SIGINT Engineering Communications Security Establishment, the Canadian equivalent to the U.S. National Security Agency, said efforts like Decision Zone’s dzAudit represent a paradigm shift away from perimeter security and toward technologies which embed applications directly into a message bus.

Keeping systems separate through perimeter security as more and more data moves to the cloud no longer works, he explained.

“It goes back to trying to solve cyber security by actually trying to deal with the data in the application as opposed to trying to add a lot infrastructure into the network,” Kline said.

Keeping data separate within the cloud through network segmentation can be useful, Kline explained. It is less efficient but can increase security.

“Instead of building walls around systems, they (Decision Zone) are embedding the applications right into the middleware and doing it in a way that you do not have to change the applications,” Kline said.

NEXT STORY: New soldier 'exosuit' creates sharper, stronger fighters

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.