Integrated Information Technology (IT) & Information Assurance (IA)

Technical Authority (TA)28 April 2015

Presented by:

RDML John Ailes SPAWAR Chief Engineer

Presented to:

AFCEA C4ISR Symposium

Statement A: Approved for public release, distribution is unlimited (27 APRIL 2015)

2

What’s the Problem?

▼ A series of stovepipes wired together & not organized or aligned for effective interoperability Little-to-no focus on System-of-

Systems or Enterprise-level engineering

Integration & Interoperability an afterthought

▼ Resulting in an IT infrastructurethat is: Too large Too old & too hard to upgrade Too varied & expensive Too hard to manage & operate Too hard to defend

We Need a Disciplined Engineering Approach to Interoperability and Cybersecurity

3

Fundamental Changes Needed to Improve Navy Interoperability & Cybersecurity

Current IT Infrastructure Future End State

▼ Complex design driven by stovepipe acquisition

▼ Poor configuration management

▼ Simplified design with no stovepipes▼ Enables disciplined configuration

management

Need Enterprise-Level Approach to Interoperability & Cybersecurity

▼ Each program implements security controls

▼ Attackers see a single network with seams

▼ Mandatory implementation of standardized security controls

▼ Fewer seams and smaller attack vector—easier to operate, manage and defend

4

4

System Data Exchanges

Hosted App

Hosted App

CANES Service

CANES Service

Off Platform Comms

FirewallIDS

CS LAN

CS Elements

CS Elements

CS Elements

CS Elements

Boundary Defense

Combat System CANES

Video Conversion Rack

Physical

Logical

Switch Switch

5

SPAWAR-led Actions to Improve Navy Cybersecurity & Interoperability

SPAWAR Plays a Critical Role in Navy Cybersecurity & Interoperability

Off-Platform Communications

Platform Boundary

Enclave BoundaryEnclave Enclave

Specifications & Standards

Defense-in-Depth Functional Implementation Architecture (DFIA)

DFIA Afloat

Implementation Guidance (Standards)

▼ Cross-SYSCOM governance board for reviewing, adjudicating & endorsing IT & IA TA products for use throughout the Naval Network Enterprise

▼ Charter signed by SYSCOM CHENGs

▼ Stakeholders provide key policy & operational perspectives

▼ Working Groups collaborate & refine SPAWAR-initiated IT & IA TA products

IT/IA Technical Authority Board(TAB)

Specs & Standards promulgated to PORs to drive toward a target endstate that

addresses cybersecurity and interoperability holistically across the

Navy Enterprise

6

▼ Cybersecurity & Interoperability are Navy Imperatives The cyber threat continues to grow exponentially; a challenge to both government and

commercial cybersecurity enterprises Ensuring critical data exchange and securing the Fleet requires a fundamental change

in our approach Smart IT planning simplifies cyber problem—effective execution of integrated IT and IA

TA is the key!

▼ SPAWAR plays a critical role in Navy Interoperability & Cybersecurity Establishing the cyber specifications, standards and configurations Developing and delivering capabilities to the Fleet with interoperability and cyber

designed up front

Summary

7