The Air Force is looking for industry help in securing security and industrial control systems networks on its bases.
Under the Evaluation of Cyber/IoT Vulnerabilities of Department of Defense Critical Infrastructure (ExCITe) proposal, released online Dec. 23, the Air Force is asking for information regarding technical concepts and approaches that might be able to automatically identify, map and provide analysis of base control systems.
These systems — which include industrial control systems/supervisory control and data acquisition (ICS/SCADA), building automation, life safety, utility monitoring and airfield control systems — have become increasing cyber targets in recent years.
Some believe the Department of Defense should move away from typical information network defense and expand its coverage to include industrial control and data acquisition systems more extensively.
These types of systems control a variety of services, including energy ones, so knocking them out can have severe impacts for mission and even basic services, such as heat in the winter.
According to the notice, the Air Force eventually wants a real-time situational awareness platform that can determine a base’s overall cyberthreat surface as it relates to control systems. A comprehensive understanding of threats and risks to these systems is critical to ensuring Air Force mission success, the notice says.
A key factor in determining this threat surface, the notice states, is an accurate inventory of systems and devices connected through both internet protocol and other connections.
Abstracts for the request for information notice are due Jan. 31.