The U.S. Military is betting on technology to help defend against current and future adversaries. They are working towards an interoperable, cloud-based digital battlefield to launch their attacks and direct their autonomous weapons systems from anywhere in the world. Obviously, security for such a digital battlefield is key as the entire system is incredibly vulnerable without it. Imagine if someone took remote control of our weapons and turned them on American citizens or warfighters?
Military and commercial aircraft, ground vehicles, maintenance and data loading, weapons systems and legacy LRUs all rely on the 1553 serial data bus for communications. When it was designed almost 50 years ago, they weren’t thinking about security and certainly not constantly evolving cyberthreats like we have today. The 1553 bus has unfortunately become a serious threat to a secure digital battlefield.
The upside is that the 1553 has many built-in controls to make sure that signals are properly interpreted between simple ones and zeroes. There are ways to detect if the MIL-STD-1553 criteria for bits, words, message formation, and responses are being met and if not, there are ways to protect against those things that do not fit that criterion. There are a multitude of products on the market that can handle this task for you. But to be a complete cyber resilience solution, it really must have these 5 features:
Your security solution needs to monitor your 1553 bus continuously. It must collect and analyze bus traffic, identify invalid data and threat messages based on user-defined rules or algorithms, and give you real-time alerts. What good is an alert if it’s too late to do anything about it?
2. Active Mitigation
Cyberattack messages need to be prevented from reaching their intended targets. While some solutions only alert, better products also mitigate the threat in real-time. Passive mitigation won’t catch attacks before the damage is done.
3. User-Defined Threat Definition
You need to be able to define your own threats for your specific platform including custom detection algorithms. An open, predictable design based on user-defined rules ensures all applicable threats are covered.
4. Simple Integration
While this isn’t a must, it is nice to only have one device protecting your entire bus without having to buy expensive hardware, integrate complicated software, or change your A-Kit or LRU. You don’t want a product that is going to interfere with your normal bus traffic. Plug and play is the way to go. Better yet is for the security to be integrated into the bus products at the factory; being hardware based prevents the likelihood of bypass or disablement. A single device protecting your system without a doubt provides a very convenient, logistically simple, low SWAP solution to a huge problem.
5. On Platform and Test and Maintenance Protections
Some solutions only work for one, not both. You don’t want to have to get two different solutions; make sure you find one that works for both.
Our team of knowledgeable hardware and software engineers with 30+ years in the business has helped Abaco be the first in the market to offer the only cyber-resiliency solution that meets all five of these criteria and is compatible with the thousands of existing 1553 devices in operation worldwide. The 1553Guard is the only solution that both monitors and mitigates threats in real-time. Learn more here.
We are helping the world fly more safely. Let us show you how, too.
If you enjoyed this blog, you'll want to read the blog, "What Zero Trust Is and Why You Should Implement It"