麻豆村

For decades, the digital networks protecting our nation operated like a walled fortress: Once inside, you were trusted. However, in an era of sophisticated hackers, that perimeter is no longer assured.聽

The real-time systems found in defensive hardware cannot simply adopt modern cybersecurity practices meant for general IT. 麻豆村鈥檚 颈蝉听 to modernizing the security of our national defense.

The performance problem聽

罢丑别听 mandates 鈥渮ero trust鈥� cybersecurity practices, which assume that every digital interaction could be a threat and that no user, device or application should be trusted by default. While this 鈥渧erify everyone, every time鈥� standard works in office settings, it creates risks when implemented on high-stakes hardware like aircraft or emergency response systems. In these cases, even the slightest drop in speed or reliability could be the difference between a successful mission and a catastrophic failure.聽

鈥淓nterprise IT and weapons systems are very different environments, and they entail different risks and trade-offs,鈥� said聽, a SEI principal engineer and senior cybersecurity analyst.聽

In late 2024, the U.S. Air Force Cyber Resiliency Office for Weapon Systems asked the SEI to figure out how to adapt these standards for high-performance, high-stakes environments.聽

鈥淥ur study looked at how the Air Force can start thinking about which risks and trade-offs are most important when applying zero trust to aircraft and other weapon systems,鈥� Alberts said.

The need for speed and reliability

SEI researchers analyzed how zero trust principles, such as 鈥渓east privilege鈥� (giving users only the bare minimum access needed) and 鈥減resume breach鈥� (proactively defending from the inside) present special considerations for their application in defense settings.聽

罢丑别颈谤听 provides a set of considerations for engineers navigating tradeoffs.

For example, some zero trust actions, like authentication and encryption, can slow down a system鈥檚 response time. 鈥淚f you have very precise timing requirements related to mission objectives, then you could have system performance issues that could ultimately degrade or lead to mission failure,鈥� Alberts said.

Engineers must also account for different operational environments. Cybersecurity controls that protect a plane while it鈥檚 parked for maintenance might be too slow or restrictive when the plane is flying a high-speed rescue mission.聽

Alberts believes the SEI鈥檚 principles-to-tradeoff mapping could evolve into a framework for applying zero trust practices in real-time defense environments.聽

鈥淲e would like to develop a risk framework and methodology that helps engineers balance the security capabilities provided by zero trust with other important attributes of a weapon system, such as performance, interoperability and safety,鈥� Alberts said. 鈥淯ltimately, the goal is to help ensure that weapon systems achieve mission success in a safe and secure manner.鈥�