Aspects of command and control system vulnerability analysis
Scientific Publication
- Report Number: DSTO-TR-1123
- Authors: Warren, L.
- Issue Date: 2001-03
- AR Number: AR-011-807
- Classification: UNCLASSIFIED
- Report Type: Technical Report
- Division: Information Technology Division (ITD)
- Release Authority: Chief, Information Technology Division
- Task Sponsor: DGISC
- Task Number: JNT 99/028
- File Number: 9505/19/199
- Pages: 29
- References: 24
- Terms: Vulnerability analysis; Computer security; Information warfare; System failures; Command and control systems
- URI: http://hdl.handle.net/1947/4262
Abstract
This report describes several different approaches to Command and Control System vulnerability analysis. The focus is on practical heuristics that can be used without a significant loss of accuracy. Topics covered are qualitative criticality evaluation of C2 nodes, identification of degradation sources, and dependability evaluation of digital C2 support systems. The use of the possibility measure for data with higher-order uncertainty forms is discussed, and dependability results using the possibility measure are contrasted with those of probabilistic methods.
Executive Summary
Vulnerability analysis of military command and control (C2) systems is an increasingly important field of study as awareness grows of the leverage that Information Operations can provide in adversarial conflicts. However, there are many kinds of vulnerability analysis, and the appropriate form for any given C2 situation is not always obvious. Initially, the concept of nodal criticality is examined and several types of criticality are described so that the most appropriate version for a given C2 situation can be assessed. Next, C2 system vulnerability is discussed based on elemental dysfunctions of diverse types. The Failure Modes, Effects and Criticality Analysis technique of systems engineering is described for evaluating system vulnerability based on the potential combination of diverse elemental dysfunctions. Finally, the concept of C2 network dependability is discussed based on combinatorial network communication failures. Two types of failure likelihood measure are applied in the network combinatorial computations: the conventional probabilistic failure likelihood, and the possibilistic likelihood measure. Whereas the probabilistic likelihood estimates the likelihood that communication between sets of nodes will not occur due to link failures, the possibilistic likelihood estimates the communication failure likelihood that could feasibly occur for any set of nodes. It is suggested that the more conservative estimates derived using the possibility measure are especially relevant to military situations, due to the use of subjective estimates for component failure likelihoods and the limited relevance of historical evidence, since the adversary will search for new ways to attack a system. An approximate probabilistic method is also demonstrated, and for some example networks the results are shown to exhibit small error relative to the more complicated exact probabilistic methods.
This report aims to provide a broad perspective of the field of vulnerability analysis so that a suitable analytical approach, or combination of different approaches, can be selected to match the needs of a given C2 system and situation context. Overall, the emphasis is on practical methods with relatively low computational requirements, so that application in the field may be more readily achieved and not be dependent on the presence of technical analysts.
