Cybersecurity Assessment and Mitigation Stochastic Model

Abstract

With numerous cybersecurity incidents and vulnerability concerns in an increasingly contested cyber warfighting environment, the Department of Defense (DoD) has mandated cybersecurity assessment and authorization of all major weapon systems (MWS) before their use. In response to this direction, the Air Force Life Cycle Management Center (AFLCMC) created the Platform Information Technology Assessment and Authorization (PIT A and A) Process. Modeled after the NIST Risk Management Framework (RMF), the process applies a risk-based approach to cybersecurity with the goal of identifying risks and mitigating vulnerabilities in MWS. Within this work, a stochastic model of the PIT A and A Process is presented with an emphasis on understanding how the complexity of systems, accuracy of security artifacts, and workforce proficiency impacts the ability to effectively mitigate cybersecurity risks.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Mar 23, 2018
Accession Number
AD1056471

Entities

People

  • Matthew W. Davis

Organizations

  • Air Force Institute of Technology

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Accuracy
  • Air Force
  • Computers
  • Cybersecurity
  • Department Of Defense
  • Experimental Design
  • Governments
  • Information Systems
  • Life Cycle Management
  • Life Cycles
  • Risk
  • Risk Management
  • Security
  • Spreadsheet Software
  • United States Government
  • Vulnerability
  • Weapon Systems

Fields of Study

  • Computer science

Readers

  • Aviation Safety Risk Assessment.
  • Defense Acquisition Program Management
  • Naval Mine Countermeasure Systems Development.

Technology Areas

  • Cyber