The Department of Defense (DoD) and industry currently lack the capability to conduct security operations for Critical Infrastructure Protection (CIP) and Industrial Control Systems (ICS). Specific capabilities that are needed are the Certification and Accreditation (C&A), continuous monitoring, and ability to have real-time situational awareness of CIP/ICS through Common Operating Pictures (COPs) and dashboards. The Continuous Industrial Control System Security Awareness Tool (CISSAT) addresses these issues by providing the cyber security integration, evaluation, and continuous monitoring for CIP/ICS. Specific objectives are to automate C&A artifact development to decrease time to accreditation, automate technical testing data into C&A controls, and provide COPs for enterprise visibility and continuous monitoring to ensure security throughout the lifecycle of the CIP/ICS. Demonstrations will be conducted at Naval Support Activity (NSA) South Potomac, Virginia and at the Washington Navy Yard in the District of Columbia.

Technology Description

CISSAT is a Service Oriented Architecture (SOA)-based C&A/continuous monitoring automation tool with the ability to provide real-time situational awareness to the on ground cyber analyst or commander. Innovation behind CISSAT is its unique ability to automate currently manual C&A processes. It begins with IA artifact development transforming stagnant documentation into living documents that can be rapidly updated from one screen. It continues with integration of multiple security perspectives merging baseline accreditation data with continuous monitoring resulting in a holistic picture of security posture. Lastly it displays the most relevant data at multiple levels of enterprise with drill down capability through the COP. Through the technology demonstration, the economic and technical capabilities of CISSAT will be proven by quantifying the amount of resources used to accredit a CIP/ICS versus regular accreditation methodologies and by qualifying the accuracy of accreditation through metrics reporting of accuracy of data collected to present to the Authorizing Official Designated Representative (AODR).

Implementation Issues

CISSAT enhances CIP through increased cyber security. The cost to operate CISSAT will be minimized to the DoD community as it was developed to be enterprise centric alleviating the need to purchase multiple hardware for decentralized implementation. CISSAT can be deployed in multiple variations to include virtualization to minimize footprint and maximize flexibility of the tool based on mission criteria and to allow future integration into the cloud-based technologies currently being deployed by DoD. Additionally, CISSAT increases performance by decreasing the resources needed to conduct both accreditation and continuous monitoring of CIP/ICS as the accreditation timeline is shortened as the bulk of the process is automated, resulting in less time and resources needed to complete the risk assessment. Benefits the functional community will realize are real-time visibility of CIP/ICS compliance to federal regulations and DoD task orders, shortened time to deployment with secure CIP/ICS, and continuous monitoring of CIP/ICS with real-time feedback of cyber security vulnerability exposures. (Anticipated Project Completion - 2016)

  • RMF ,

  • Assessment ,

  • Configuration Management