Air Mobility Command’s Test and Evaluation Squadron conducted a benchmark C-5M Cybersecurity Adversarial Assessment, becoming the first test of this kind conducted on an AMC aircraft, and among the first conducted on any Air Force major weapons system.
AMCTES test directors coordinated the development of cyber-attack scenarios, working in conjunction with personnel from the U.S. Army Threat Systems Management Office, and Lockheed Martin Avionics Engineers.
Operationally configured, this assessment was executed at Dover Air Force Base, Del., aboard a grounded C-5M aircraft. Test participants included members from the 436th Airlift Wing, 436th Maintenance Group and the 9th Airlift Squadron. The AMCTES test team, the sole operational test organization of HQ AMC/TE, which is the Directorate of Test and Evaluation at Scott AFB, facilitated all test activities.
The test parameters involved providing the cyber-threat team physical access to the electronic systems aboard the aircraft to allow them to attempt to gain logical access to systems that may compromise security.
Capt. Ryan Tell, AMCTES senior test director
Capt. Ryan Tell, AMCTES senior test director, said the purpose of the test was, “to develop scenarios whereby access can be gained to disrupt or disable the aircraft and prevent the aircrew from completing their mission.”
This assessment will provide a baseline to define and refine current threat protocols and anti-cyber-attack procedures if vulnerabilities are detected. USA TSMO acted in a generic adversary role whose goal was to create cyber effects that would inhibit or prevent the C-5 from performing its mission.
“The test parameters involved providing the cyber-threat team physical access to the electronic systems aboard the aircraft allowing them to attempt to gain logical access to systems that may compromise security,” said Tell.
The test was conducted in two phases. The initial phase provided the adversarial team access to the C-5M system architecture. This allowed for the team to explore pathways to potentially exploit the systems and focus the cyber attack on the systems most likely to be targeted by an adversary.
The second phase required operational aircrew and maintainer test participants to conduct simulated attempts at launching an operational mission while the adversarial team attempted parallel cyber-attacks.
The scope of the test involved all major aircraft systems. It also involved mission support systems that connect to the aircraft via removable media devices or data transfer interfaces. Data regarding the ability of the test participants to detect, react, and restore systems on the aircraft in response to exploitation was collected.
The Department of Defense has recognized that the detection, exposing, and subsequent protection against cyber-threats is a critical military function given today’s global environment, and has been steadily adopting protocols in its fight to thwart attacks of its informational and technology systems.
Recent major aircraft system upgrades, with decreasing reliance on analog displays, has elevated the risk of cyber-security vulnerability to interrelated software systems.
The Department of Defense has recognized that the detection, exposure, and subsequent protection against cyber-threats is a critical military function given today’s global environment. The DoD has steadily adopted protocols in its fight to thwart attacks from its information and technology systems.
This Adversarial Assessment complies with the Secretary of Defense, Director of Operational Test and Evaluation policy memorandum directs the accomplishment of adversarial tests for all oversight information systems and weapon systems Air Force-wide