Information Systems Security Program

Abstract

The Information Systems Security Program funding line supports the Army Network Modernization Strategy LOE 1, Unified Network. Efforts are aligned to support the Network-Cross Functional Team capability set approach to achieve the network modernization strategy. Project 491: Army CIO/G6 manages Project 491 Project 491: Information Assurance (IA) Development supports the implementation of the National Security Agency (NSA) developed Communications Security (COMSEC) Modernization and Key Management (KM) technologies within the Army. This including current and next generation encryption techniques, current and future Key Management Infrastructure (KMI) and technology migrations. This program provides oversight in developing policies, guidance, standard operating procedures and recommendations in integrating COMSEC and KM techniques into specific systems in support of securing the Army Tactical and Enterprise Networks. This entails architecture studies, system integration and testing, developing installation kits, and technological collaborations with NSA, DISA and other Services for enterprise and last mile implementations. The program assesses, develops and integrates Cyber Security (CS)/COMSEC tools (hardware and software) which provide protection for fixed infrastructure post, camp and station networks as well as tactical networks. The cited work is consistent with Strategic Planning Guidance (SPG) and the Army Modernization and Strategy Plan (AMSP). IA Development funding implements and establishes functional and technical boundaries of cryptographic, key management and IA capabilities in coordination with the NSA, the DISA, and Joint Services, to secure National Security Systems (NSS), and National Security Information (NSI). Technical evaluations assess the security, operational effectiveness and network interoperability of advanced concept technologies to develop policies, standards, and fundamental building blocks for Army COMSEC capabilities that reduce the risk of future material solutions that could underperform and disrupt classified operations. Develop and publish the COMSEC Implementation Planning Guidance to identify, standardize, and govern the insertion of CS capabilities to bridge operational gaps and support the DoD and NSA mandated requirements to enhance network capacity while providing for secure information exchange of voice, video, and data in accordance with the Army Network Campaign Plan. This will be accomplished by interoperability evaluation, standards testing, and CS, System of System Network Vulnerability Assessments (SoS NVA) for Army Capability Sets for CS/COMSEC capabilities that provide protections for tactical and fixed infrastructure post, camp, and station networks. Project 491 FY 2022 Justification: This funding enables the continuation of oversight for the executions of the Army's COMSEC Modernization initiatives including major Advanced Cryptographic Capabilities (ACC) updates and replacements of existing devices and systems to meet NSA mandates. Continue to support the evaluation and testing of new technologies to support DoD Cryptographic Moderation 2 (CM2) Army implementations including Transmission Security (TRANSEC), EKMS to KMI migration and S-ICAN/ITN architecture future Capability Set developments. Support efforts to provide updated end-to-end, tactical-to-strategic COMSEC standardization and implementation guidance to meet Army's operational requirements. Continuous funding will enable the evaluations and maturity assessment of new COMSEC and key management capabilities developed by DoD joint KMI program for Army fielding to protect and strengthen the Army Network posture, with reduced cryptographic interoperability issues for both embedded and standalone systems. This funding also supports the risk reduction testing to document operational value of commercial products prior to insertion for Army use. Provide timely test and evaluate results to enable the Army to make sound investment strategic decisions and to reduce or eliminate duplications. Also supports efforts to update and develop policies to posture Army's operations to implement innovative cryptographic and key management tools and services. Perform System of System Network Vulnerability Assessments (SoS NVA) to provide protections for the Army Integrated Tactical Networks. The Defensive Cyberspace Operations (DCO) program provides initial capabilities that enable passive and active cyberspace defense operations to preserve friendly cyberspace capabilities and protect data, networks, net-centric capabilities, and other designated systems. Big Data Pilot provides an advanced analytics capability capable of ingesting structured, semi-structured, and unstructured data from multiple data sources (e.g., Joint Regional Security Stacks (JRSS), intrusion detection systems, intrusion prevention systems, network device log files, trouble tickets, firewalls, proxies, web and applications server log files, etc) and proves situational awareness of cyberspace battlefield. It provides the computer network defense provider with common analytic platform which informs and reduces risk associated with future material solutions and forms a blueprint for future Big Data Analytics. Big Data (analysis-of-all DoD Information Network sensor data) provides two optimized and accredited clusters deployed in support of JRSS and Defense Research and Engineering Network (DREN) with a tools suite accessible to Cyber Mission Forces via secure remote access. The Army's DCO activities are a construct of active cyberspace defenses which provide synchronized, real-time capability to discover, detect, analyze, and mitigate threats to and vulnerability of DoD networks and systems. Project DV4 & DV5: COMSEC is governed by the Chairman of the Joint Chiefs of Staff Instruction (CJCSA) 6510. In order to ensure Warfighters continue to have secured communications (i.e., encrypted data and voice), Army communications systems are required to support modern cryptographic capabilities by implementing modern algorithms. These efforts are consistent with Strategic Planning Guidance (SPG). These funding lines support the Army Network Modernization Strategy LOE 1, Unified Network. Efforts are aligned to support the Network-Cross Functional Team capability set approach to achieve the network modernization strategy. Project DV4: The Army Key Management Infrastructure (AKMI) is the Army's implementation of the National Security Agency (NSA) KMI ACAT IAM program, automating the functions of COMSEC electronic key management, control, planning, and distribution. AKMI supports the Army's ability to communicate and distribute Cryptographic data on the Army's tactical and strategic networks by limiting adversarial access to and reducing the vulnerability of, Army Command, Control, Communications, Computers, Cyber, Intelligence (C5I) systems. AKMI devices receive, store, manage, and transfer electronic key through the network to be loaded into communication devices such as radios and satellites to secure the network. Without this technology Warfighters are required to manually receive their cryptographic products by traveling to COMSEC account locations (which may not be co-located) and manually fill their devices. Project DV4 FY 2022 Justification: This funding line supports COMSEC technologies within the Army with allocations for the following: $0.987M, Reprogrammable Single Chip Universal Encryptor (RESCUE) to create a secure, reprogrammable cryptographic engine in providing Cryptographic Modernized Capabilities including future Over the Network Keying (OTNK) to Fill Devices and End Cryptographic Units (ECU)s. The RESCUE is a potential solution for meeting the cryptographic requirements for the NGLD-M which is available as an option for integration by NGLD-M hardware developers. As of FY2022 NGLD-M development will transfer from PE 0303140A, Project DV4 to PE 0605144A, Project BY6 funding line starting FY2022. PE 0605144A, Project BY6 was established to clearly identify requirements for NGLD-M development and is not considered a new start effort. Project DV5: Crypto Modernization (Crypto Mod) performs test, evaluation, development, and configuration management for cryptographic devices that receive key through fill devices and allow for secure communication through Army devices such as radios and satellite terminals. This program utilizes National Security Agency (NSA) developed Communications Security (COMSEC) technologies within the Army providing encryption, trusted software, or standard operating procedures, and integrating these mechanisms into specified systems in support of securing the Army Tactical and Enterprise Networks. The effort supports network operations from end-to-end throughout the force and the Common Operating Environment (COE) thus mitigating networked vulnerabilities to Army information security systems. In order to ensure Warfighters continue to have secured communications (i.e., encrypted data and voice), Army communications systems are required be upgraded to modern algorithms to meet emerging threat developed by our adversaries. Crypto Modernization necessitates the utilization of the latest NSA cryptographic capabilities in order to defeat adversarial efforts to decrypt, disrupt, or exploit US Army networks. COMSEC is the Army's implementation of NSA protections to create a unified network that is protected, resilient, and survivable. Project DV5 FY 2022 Justification: The program continues testing and evaluation of COMSEC devices to confirm capability and interoperability on Army networks and tactical systems as well as identifying risk areas for compliance with COMSEC regulations and procedures. The program will test and evaluate Crypto Systems compliant devices, Suite B IPSec devices built on commercial standards, Cryptographic High Value Product (CHVP), Commercial Solutions for Classified (CSfC) Guidance, and new software releases to High Assurance Internet Protocol Encryptor (HAIPE) 4.X devices in accordance with AR 700-142 Revision dated 8 June 2018. The program tests interoperability and provides ways to insert Data At Rest (DAR) and Data In Transit (DIT) technology within the existing and future network infrastructure. Additionally, this program evaluates performance of technologies and provides direction to ensure the lowest impact on performance while providing the greatest protection from loss of sensitive data.

Open PDF

Document Details

Document Type
R2 Budgetary Justification
Publication Date
Oct 01, 2022
Source ID
0303140A_7_2040_PB_2022
Change Summary Explanation
FY 2022 decrease of $13.108 million based on establishment of the new funding line in support of NGLD-M development. Funding was realigned from PE 0303140A Project DV4 to 0605144A Project BY6 starting in FY 2022.
Service Agency Name
Army

Entities

Organizations

  • United States Army

Tags

Communities of Interest

  • Cyber
  • Human Systems
  • Space

DTIC Thesaurus Topics

  • Application Software
  • Big Data
  • Computer Networks
  • Computers
  • Configuration Management
  • Cost Analysis
  • Cyberattacks
  • Cyberspace Operations
  • Data Analysis
  • Information Assurance
  • Information Systems
  • Intrusion Detection
  • Network Protocols
  • Software Development
  • Test And Evaluation
  • User Interface
  • Vulnerability

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Enterprise Information Systems Architecture and Joint Command Capability Interoperability Support.

Technology Areas

  • Cyber
  • Fully Networked C3
  • Fully Networked C3 - Command and Control
  • Microelectronics
  • Space

Related Documents