Mapping the cyber threats of Air Force base control systems
The Air Force is looking to assess the cyber threat surface for on-base control systems, such as building automation, life safety, utility monitoring and airfield control systems.
In a request for information, the Air Force Research Laboratory is looking for details on the pros and cons of various approaches for real-time situational awareness platforms that include automatic identification, mapping and security analysis of base control systems.
The Air Force said it is interested in novel ways to automatically identify and map control systems and infrastructure devices on base, perform analytics to identify threats and critical dependencies and support ad hoc reporting.
A key requirement for evaluating cyber and internet-of-things vulnerabilities is an accurate inventory of control systems devices, so the Air Force is looking for the ability to scan network packets and specific systems, with reporting that features visualized and interactive alerts and dashboards. The system should also be capable of interfacing with existing application programming interfaces, conducting analysis and determining a base's overall risk.
Additionally, the technology stack must be applicable to numerous Air Force bases, which vary significantly in in terms of geography and age, buildings and devices. It must also address classification concerns related to the aggregation of data.
Responses are due Feb. 14.
Connect with the GCN staff on Twitter @GCNtech.