Cyber has become a supposedly cheap first-strike weapon of political choice by potential adversaries in a milieu placing insurgency, terrorism, international crime and state-based influences in close un-regulated prox...Cyber has become a supposedly cheap first-strike weapon of political choice by potential adversaries in a milieu placing insurgency, terrorism, international crime and state-based influences in close un-regulated proximity. The merging of electronic and cyber warfare means that not even submarines, however unconnected or firewalled they may be, are immune. The quantum attack surface of submarines is as much in their past, as they are in their designs today and their operations tomorrow: they must survive to be credible and ideally they should even be a contemporary offensive cyber deterrent. Such critical defensive systems require robust security systems engineering and cybersecurity test and evaluation to build and sustain their cyber-resilience. This paper uses Australia’s future submarine program [1]1 to outline key facets needed in a submarine program to achieve cyber resilience, including how to adapt U.S. Department of Defense (DoD) best practices to engineer, test and sustain cyber-resilient submarine systems. Strategies are needed that provision sovereign-owned and operated land-based test sites to design, build, demonstrate and sustain critical submarine systems. This work is most relevant to countries allied to the U.S. and importing submarine capabilities, such as within lesser European powers and also in the Indo-Pacific where both cyber warfare and submarines are proliferating.展开更多
文摘Cyber has become a supposedly cheap first-strike weapon of political choice by potential adversaries in a milieu placing insurgency, terrorism, international crime and state-based influences in close un-regulated proximity. The merging of electronic and cyber warfare means that not even submarines, however unconnected or firewalled they may be, are immune. The quantum attack surface of submarines is as much in their past, as they are in their designs today and their operations tomorrow: they must survive to be credible and ideally they should even be a contemporary offensive cyber deterrent. Such critical defensive systems require robust security systems engineering and cybersecurity test and evaluation to build and sustain their cyber-resilience. This paper uses Australia’s future submarine program [1]1 to outline key facets needed in a submarine program to achieve cyber resilience, including how to adapt U.S. Department of Defense (DoD) best practices to engineer, test and sustain cyber-resilient submarine systems. Strategies are needed that provision sovereign-owned and operated land-based test sites to design, build, demonstrate and sustain critical submarine systems. This work is most relevant to countries allied to the U.S. and importing submarine capabilities, such as within lesser European powers and also in the Indo-Pacific where both cyber warfare and submarines are proliferating.