2007 Issue 2 - Raytheon


2007 Issue 2 - Raytheon


Addressing the Challenge of

Information Warfare

feature overview

It is no surprise that information assurance,

or information security, is a top

priority concern for Raytheon and our

customers. Information assurance protects

systems and networks from loss of availability,

integrity, confidentiality, authenticity

and control or ownership. It includes measures

taken to detect and respond to cyber

threats. It is what makes systems and networks

secure. This is critical to delivering

Mission Assurance in the age of information

warfare. When members of the armed

forces rely on our technology, they depend

on us to do the job right — regardless of

whether they are facing an enemy on the

battlefield or in cyberspace.

Our military customers need secure systems

that also handle multiple levels of security.

Modern security classification practices

have been used since the mid-20th century

to protect sensitive information at various

levels, granting individuals access to information

according to their “need to know.”

In today’s world, many military systems

must create, transmit, store and process

dynamically changing information at multiple

levels of security and deliver it to the

right users at the right time. Information

must not leak from one security domain to

another, either by accident or by the malicious

intent of a user, administrator or an

external attacker. Several articles in this

issue discuss how Raytheon is addressing


different challenges in engineering multilevel

secure information systems.

Raytheon has established a dependable and

repeatable process for engineering information

assurance into its systems. Our process

incorporates federal standards and guidelines

with Raytheon best practices to ensure

that the systems we develop can be trusted.

It covers engineering activities from information

assurance requirements development

through system certification and accreditation

(C&A). The process addresses many

challenges, such as developing a secure system

that contains COTS hardware and software

components that were not designed

with information assurance in mind.

Network architectures, links, routers and

protocols must be secure, reliable and

robust, delivering a high quality of service

under attack. Our dependence on networks

will only grow as the military realizes its

vision for the Global Information Grid (GIG)

and its Net-centric Enterprise Services

(NCES). This global network of systems will

manage and deliver information on demand

to warfighters, their leaders and support

teams. Networks will need to be self-healing;

they must know their attackers, learn

their goals and adaptively respond.

One of the steps Raytheon is taking toward

that goal is highlighted in the article on a

honeypot for wireless networks. A honey-

Our nation needs secure computers and networks

that deliver Mission Assurance even

in hostile cyberspace. Information warfare is

a valid strategy for attacking military forces

as well as a nation’s critical infrastructures.

A war could be won in cyberspace without

firing a shot, by successfully compromising

information systems and networks that are

essential to banking, utilities, industry and

our national defense.

pot is an information system that is used to

attract, confuse and observe attackers, and

to identify the threats they pose so that

these threats can be mitigated.

Raytheon is conducting internally funded

research to address anticipated and real

customer needs that no currently available

security technology can meet. An example

discussed in this issue is intrusion tolerance

— the ability of a system to tolerate malicious

faults. This enables a system to operate

under sustained cyber attacks, including

new and unknown attacks. Coupled with

self-regeneration, the ability to automatically

and fully restore all services after an

attack, intrusion tolerance will be a major

step forward in delivering Mission

Assurance in hostile cyberspace. Raytheon

recently participated in DARPA’s Self-

Regenerative Systems (SRS) program, and is

now working to transition the results of

SRS and other DARPA programs described

in this issue to make such capabilities realizable

in future systems.

Raytheon is also teaming with universities

and small businesses to develop and apply

technologies that address security challenges

on many fronts, such as improving

the survivability of wide area networks, and

mitigating the “insider” threat presented

by malicious users. •

Tom Bracewell


More magazines by this user
Similar magazines