Assessments and Evaluations Cyber Vulnerabilities

Abstract

The Cyber Vulnerability Assessments and Evaluations program funds for cyber vulnerability assessments of major Navy weapons systems and cyber vulnerability assessments of critical shore infrastructure as directed by Sec. 1647 of the FY16 National Defense Authorization Act (NDAA) and Sec. 1650 of the FY17 NDAA, respectively. Funding will be used for assessments and non-recurring engineering for mitigations related to the Navy's major weapons systems identified in Joint Requirements Oversight Committee Memorandum (JROCM) 039-16 and on prioritized critical shore infrastructure prioritized. Sec. 1647 of the FY16 NDAA directs the Secretary of Defense to complete an evaluation of the cyber vulnerabilities of each major weapon system of the Department of Defense by not later than December 31, 2019. Funded vulnerability assessments will build upon existing efforts regarding the identification and mitigation of cyber vulnerabilities of major weapons systems, and shall not duplicate similar ongoing efforts such as Task Force Cyber Awakening or conduct redundant assessment on systems that have already been evaluated. Sec. 1647 assessment will be formalized in Vulnerability Assessment Reports (VARs), Cyber Table Top Exercises (CTTXs), Cyber Risk Analysis (CRAs) and other reporting. Sec. 1650 of the FY17 NDAA directs the Secretary of Defense to submit a plan for assessing the cyber vulnerability of critical defense infrastructure and begin assessment of this infrastructure during a preliminary pilot program that will assess no fewer than two installations by December, 31 2019. Funded vulnerability assessments will end by calendar year 2020 and will build upon existing mission assurance, blue team, and red team capabilities. As instructed by the Congressional language, the assessments will utilize Department of Energy (DoE) and Department of Defense (DoD) national laboratory partnerships. Assessments will end with the submission of a final report to Congress. Strategies and procedures for mitigating the risk of cyber vulnerabilities should be identified during the course of evaluation.

Open PDF

Document Details

Document Type
R2 Budgetary Justification
Publication Date
Oct 01, 2019
Source ID
0606942N_6_1319_PB_2019
Change Summary Explanation
Funding is requested in FY 2019 to conduct cyber vulnerability assessments of major Navy weapons systems and critical infrastructure. Technical: Not applicable. Schedule: Not applicable.
Service Agency Name
Navy

Entities

Organizations

  • United States Navy

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Control Systems
  • Cooperative Engagement Capability
  • Department Of Defense
  • Engineering
  • Information Warfare
  • Language
  • National Security
  • Risk
  • Risk Analysis
  • Strategic Weapons
  • System Of Systems
  • Task Forces
  • Uss Gerald R. Ford
  • Vulnerability
  • Warfare
  • Weapon Systems
  • Weapons

Readers

  • Civilian Systems Systems Program Capability Development and Upgrade Support Activity Expense and Pay Management.
  • Cybersecurity.
  • Technical Research and Report Writing.

Technology Areas

  • Cyber

Related Documents