Escaping a fortress mindset: building trust in a multi-domain environment
Multi-domain integration, sharing information across a wider breadth of stakeholders and platforms, promises to deliver great benefits to UK Defence and her allies.
Pulling more information streams together into a connected warfighting machine can only enhance situational awareness and decision-making. However, greater connectivity also brings greater risks.
“Safety and security are two sides of the same coin,” said Tony Burton, Strategy and Marketing Director, Secure Communications and Information Systems for Thales in the UK. “Digital trust is absolutely critical. Stakeholders need to trust where information has come from and that it’s not been interfered with, otherwise acting on it comes at huge risk.”
Secure by design
Under the long-established model of Defence procurement, a system is designed and built, then a security wall is designed around it which must be accredited to military security standards before the system can be used. This “citadel” approach no longer works for a complex, interconnected and wide-ranging MDI environment.
“You can’t just build a wall, because you wouldn’t know where to build it, or even what you’re putting a wall around,” said Tony. “It’s complete nonsense in a connected environment, where boundaries change whenever something is added to, or removed from, a system.
“A network may be a squad of soldiers which then gets access to an RAF or Navy asset. They want to welcome it into their community of trust for a short period to get information from it, but as soon as they’re finished, they don’t want it in their community anymore because it’s a vulnerability.”
“We need the ability to build communities up and tear them down quickly. Dynamically-managed communities of trust are essential for building a multi-domain picture.”
Tony believes systems must be secure by design, incorporating zero-trust architecture and information-based security architecture, based on knowing who and what to trust.
“We need to change the way the security accreditation process is done, demonstrating inherent security by design from the outset and built from the bottom up, rather than just bolted on,” he said.
A new joiner (human or machine) would be allowed into a community but, in the background, protocols are initiated and cryptographic keys exchanged before they are allowed to add to, or draw from, the common picture.
Under this dynamic model, should a trespasser breach the community, they might only access a limited part of it before being challenged again by the system as they try to access more areas, limiting damage.
Resilience
Moving beyond the traditional concept of cybersecurity is the concept of resilience. Any wall can be breached, so Thales is applying a long heritage in developing resilience in critical national infrastructure, such as transport and communications, to Defence operational systems.
Resilience offers trust that a system won’t fail catastrophically but will continue functioning in a predictable way, managing degradation in the event of a cyberattack.
Learning from wider industry
Many of the challenges faced by the Defence sector have civilian parallels, for example in making connected autonomous vehicles work safely in the public space.
Driverless cars contain many sensors, actuators and people onboard, interacting with each other and external systems and relying on trusted data from trusted sources to keep them safe. Whenever they travel down a street, cars must set up and tear down communities of trust with roadside infrastructure, other vehicles and regulatory networks.
“For short periods, perhaps the 20 seconds while you pass another car, you need to set up a community of trust for early warning and collision avoidance, interact and then forget it as you leave it behind and approach a new control mechanism, whether the next set of traffic lights or roundabout,” explained Tony.
At a wider level, driverless vehicles also hold data which other communities, such as a fleet manager, DVLA, manufacturers or the owner’s family, are interested in but don’t want to share more widely.
Exchanging data in a secure and trusted manner, between machine and machine, machine and human and machine and enterprise, is a field in which Thales is a leader, working with manufacturers, other agencies and academia. The result is Cybels, a suite of products including authentication protocols, roots of trust and cryptographic key management between devices and people.
Human physical identification is becoming increasingly important as communities become hybrid. Thales Digital Identity and Security (formerly Gemalto) is applying biometric identification to commercial security with potential crossover to the Defence sector. DIS uses multi-modal biometric techniques in a range of digital identity schemes for governments, financial institutions and many other critical operations that help to bridge the cyber–physical gap.
Thales is also working with the likes of Microsoft to solve issues of security, connectivity and bandwidth surrounding deployed cloud networks. The Nexium Defence Cloud has the potential to offer huge benefits as part of the multi-domain picture, providing common applications and services that link all domains in a single, trusted information environment. The ability to rapidly set up and tear down resources using cloud techniques ensures the best possible decision making and outcome by effectively linking individual soldiers’ handheld devices to their HQ or to battle-winning sensor or weapons resources, while minimizing C4 infrastructure in theatre.
Building stakeholder trust
Multi-domain integration requires a wider and freer exchange of information than ever before. A system of systems or “internet of military things” must enjoy security and resilience in a way that engenders trust without negating the benefits.
MDI is more than a military concept; civil sectors such as banking, energy and the automotive industries must also be able to share information in communities of trust. As identified in the Integrated Review, Multi-Domain Integration and the trend for collaboration between sectors, manufacturers and allies in both the military and civil contexts are likely to increase, creating collaborative ecosystems in which security, trust and resilience are critical.