GBAD Network Safety?

"What are the best practices for ensuring the safety and resilience of Ground-Based Air Defence (GBAD) networks in the face of evolving cyber and physical threats?"

Context:
As GBAD systems increasingly rely on interconnected networks for communication, command, and control, the potential vulnerabilities to cyberattacks, electronic warfare, and physical disruptions are growing. I am particularly interested in:

  • Strategies for securing data transmission within GBAD networks.
  • Mitigating risks associated with integrating legacy systems with modern technologies.
  • Approaches to testing and validating the safety and security of these networks under operational conditions.

I would appreciate insights from those with experience in military systems engineering, network security, or related fields. Are there specific standards, frameworks, or case studies that you would recommend exploring?

  • I'd almost hope there weren't published standards for that kind of thing ... if the "other side" knows how you're protecting the system from any particular threat, it may make it a lot easier for them to develop a method of defeating it.

       - Andy.

  • I would expect lots of standards, but they would be worded as expectations, rather than specific "this'll do" levels. Have a look at the UK Def-Stans and US MIL-STDs. Plenty to go at.

    A lot of it is no (or minimally) different from all the other forms of computer, strategic asset and critical infrastructure safety and security, but applied with the appropriate focus.

    Known bugs will be patched, or procedures updated, or backups installed just as with all the other CVEs that plague us. Things that go 'bang' have plenty of attention.

  • Air gap networks, and humans in the decision loop as well. Automated systems do not normally need a connection to the internet, and unless they do, they won't have one just for fun. Connections between sensors (imagine the RADAR bit) and the firing bit will be on a dedicated line. Tempest specs will indicate how the larger threats, like jamming of that link, are kept at bay.

    Mike.

  • There's also a lot of other specs that are just 'solid foundation' aspects to avoid some 'social engineering' aspects that could use procedural aspects to cause issues, such as power outage ride through. A lot of defence in depth, layered approaches, and Reason's Swiss cheese minimisation.