Accreditation of Instrumentation Systems and a Few Ways Vendors Can Help

Abstract

The USAF requires a cybersecurity Risk Management Framework (RMF) accreditation package to be approved by Authorizing Official (AO) to grant an Authority to Operate (ATO) for all instrumentation systems installed on USAF platforms. Vendors can help the USAF obtain an ATO by delivering software and hardware that implements best cybersecurity practices such as delivering software with reduced attack surface, secure delivery of software binaries, and secure methods for installing/validating firmware. Hardware designs can assist the accreditation processes by defining non-volatile memory (NVM) characteristics and reduce the operational issues by isolating NVM. Adding options for logging control-plane and data-plane network traffic is very helpful as instrumentation systems expand the use of connected networks.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
May 15, 2019
Accession Number
AD1073339

Entities

People

  • Todd Jacob

Tags

Communities of Interest

  • Cyber
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Boundaries
  • Business Administration
  • Cybersecurity
  • Department Of Defense
  • Digital Information
  • Firmware
  • Information Operations
  • Instrumentation
  • Operating Systems
  • Risk
  • Risk Management
  • Security
  • Standards
  • Vulnerability

Fields of Study

  • Computer science

Readers

  • Enterprise Information Systems Architecture and Joint Command Capability Interoperability Support.
  • Naval Mine Countermeasure Systems Development.
  • Software Engineering

Technology Areas

  • Cyber