2020-07-03 智邦网
编译 致远
据c4isr网2020年7月1日报道,美海军信息战系统司令部计划2022财年前使180艘舰船具备网络安全要求的技术能力。
司令部舰队战备指挥部网络安全办公室(FRD 300)为舰船配备的网络基线是一种基于网络的应用程序,为海军所有网络提供一个可搜索、易于使用、平台专属的记录,包括托管与连接系统、舰上与岸上系统等信息。
该工具将使舰船具备独立管理和维护舰上信息的技术能力,自2018年1月开始至2020年6月,共计80艘海军舰船完成了安装。
FRD 300负责人表示,该工具采用端到端的方法,确保所有托管和连接的系统符合国防部的要求,可识别舰船在应用或现代化改装期间的能力风险,并验证网络符合安全技术权威标准,确保出航前的网络安全。
该工具的交付与安装是与美海军司令部、太平洋海军信息战中心和大西洋海军信息战中心合作完成的。
The Navy aims to install cyber baselines aboard 180 ships
Naval Information Warfare Systems Command plans to deploy technology that will certify a ship’s compliance with cybersecurity requirements to 180 vessels by fiscal 2022.
The cyber baseline system — deployed by FRD 300, which is short for the Cybersecurity Office of the command’s Fleet Readiness Directorate — is a web-based application. It allows the directorate to ensure a ship’s systems comply with cybersecurity requirements set by the departments of Defense and the Navy prior to departure, according to a June 29 news release from NAVWAR.
A baseline “offers a searchable, easy-to-use, platform-specific record of all Navy networks, including hosted and connected, afloat and ashore systems, enabling the ability to independently manage and maintain a ship’s information technology capabilities,” the release said.
Cyber baselines have been deployed aboard 40 ships in fiscal 2019, the release said. The program, which started in January 2018, has implemented cyber baselines on 80 Navy ships as of June 2020, according to the release.
“Delivering cyber baselines allows us to identify capability risks during a ship’s availability or scheduled modernization, assuring a cyber-ready platform prior to departure,” FRD 300 Director Duane Phillips said. “We are using an end-to-end approach, ensuring that all hosted and connected systems, including the Consolidated Afloat Networks and Enterprise Services (CANES) and Integrated Shipboard Network System (ISNS), comply with DoD and DoN requirements and are approved to meet cyber security technical authority standards.”
The tool is delivered and installed in coordination with NAVWAR Headquarters, Naval Information Warfare Center Pacific and Naval Information Warfare Center Atlantic.
According to the release, FRD 300 supports 10 to 15 platforms at any given time. It is currently working on ships in Bahrain, Japan, California, Washington “and more,” the release said. Because of the coronavirus pandemic, FRD 300 is providing both distance and in-person training on the system.
“Despite today’s current circumstances, our Navy and our nation are continuing to experience an unprecedented degree of competition in the maritime environment,” FRD 300 Executive Director Mike Spencer said. “As the technical leader for Navy cybersecurity we must continue to drive implementation of cyber standards, creating a secure, defensible information domain. By delivering, installing and managing cyber baselines, we are able to provide a validated end-to-end cyber compliant network improving cyber readiness across the fleet.”
NAVWAR is also working with NIWC Pacific and Program Executive Office Command, Control, Communications, Computers and Intelligence and Space Systems to create a C4I certification by the end of fiscal 2021 that assess a system’s cyber readiness. According to the release, the certification process will confirm “all warfighter tools and capabilities are cyber secure through consistent and pervasive implementation of cybersecurity specifications and standards.”
The efforts come as the Navy continues to work to improve its cybersecurity after an assessment last year found the service lacked effective cyber hygiene and recommended that it restructure its cybersecurity governance.
相关信息