Air Force seeks command and control system for cyber ops
The system would be designed to automatically detect an attack on Air Force networks and generate alerts and recommended responses.
As part of its evolving cyberwarfare strategy, the Air Force is looking for input on how to construct a command and control system that would support defensive and offensive operations in the event of an all-out attack on the country’s information infrastructure.According to a draft document, the Cyber Control System would monitor network activity across the Air Force's segment of the military's Global Information Grid. If the system detected an attack, it would alert Air Force cybersecurity personnel and automatically take measures to mitigate and repair any damage to its networks.The Cyber Control System would also give Air Force officials recommended responses or courses of action. Those responses might be limited to cyber operations or they might require coordination with traditional operations. Air Force officials believe that capability is vital.Cyber forces "must be capable of producing real-time analysis and developing courses of action in shorter periods of time in order to execute selected [courses of action] and assess the impacts of their actions…before any potential adversary has time to react," the document states.Like traditional command and control systems, the Cyber Control System would generate various products, including tasking orders, battle damage assessments and incident reports.The Air Force is in the process of building a Cyberspace Command under the jurisdiction of the 8th Air Force, with plans to formally establish it in 2008. Although the other military services have groups that focus on cyberspace, the new command is widely seen as establishing the Air Force as the leader in cyberwarfare.Along with the overall need for a Cyber Control System, the Air Force said its cyber forces require real-time and predictive expert analysis, culled from information across the military and performed by an Enterprise Pattern and Integration Correlation engine.Such an analysis would be able to determine, for example, if a network device should be disconnected, what data is associated with the device, what capabilities it provided, and what activities on the network depend on the device.Funding for the system’s development is tagged at $27 million for fiscal 2008 and 2009, with future amounts to be determined. An industry day to explain the details of the new program is scheduled for Jan. 29, 2008, at Hanscom Air Force Base in Massachusetts.
NEXT STORY: House wants to fine-tune DHS research strategy