Cyber Security and Information Systems Information Analysis Center

Cyber Security and Information Systems Information Analysis Center (CSIAC) is a United States Department of Defense (DoD) Information Analysis Center (IAC) sponsored by the Defense Technical Information Center (DTIC). The CSIAC is a consolidation of three predecessor IACs: the Data & Analysis Center for Software (DACS), the Information Assurance Technology IAC (IATAC) and the Modeling & Simulation IAC (MSIAC), with the addition of the Knowledge Management and Information Sharing technical area.[1]

CSIAC, one of three IACs sponsored by DTIC,[2] performs the Basic Center of Operations (BCO) functions necessary to fulfill the mission and objectives applicable to the DoD Research, Development, Test and Evaluation (RDT&E) and Acquisition communities’ needs.[3] These activities focus on the collection, analysis, synthesizing, processing and dissemination of Scientific and Technical Information (STI).

The BCO functions, specifically the collection and dissemination of STI, produce several valuable resources (e.g., reports, tool databases, data collections, etc.) in the CSIAC's core technology areas (Cybersecurity, Information Assurance, Software Engineering, Modeling & Simulation and Knowledge Management/Information Sharing).

CSIAC's mission is to provide the DoD with a central point of access for Information Assurance and Cybersecurity to include emerging technologies in system vulnerabilities, R&D, models and analysis to support the development and implementation of effective defense against information warfare attacks.[4]

The CSIAC is chartered to leverage best practices and expertise from government, industry and academia on cyber security and information technology.

History

edit

The United States may be vulnerable to Information Warfare attacks due to the dependence of various infrastructures on timely and accurate information services. This is further complicated by the reliance of DoD information systems on commercial or proprietary networks that are accessible to both authorized users and potential adversaries. Identifying critical paths and vulnerabilities within the information infrastructure is a complex undertaking, and recent advances in information technology have made information systems easier to use, less expensive and more available to a wide spectrum of potential adversaries.

The security of the nation depends on the survivability, authenticity and continuity of DoD information systems. These systems are vulnerable to external attacks, due in part to their necessary dependence on commercial systems and the increased use of the Internet. The survivability, authenticity, and continuity of DoD information systems are crucial for the Warfighter. With the increasing amount of concern and Information Warfare activities requiring rapid responses, it is challenging to ensure that all appropriate agencies and organizations have the knowledge and tools to protect from, react to and defend against Information Warfare attacks. CSIAC has been established under the direction of the Defense Technical Information Center and the integrated sponsorship of the Assistant Secretary of Defense for Research and Engineering (ASDR&E); Assistant to Secretary of Defense/Networks and Information Integration; and the Joint Chiefs of Staff.[5]

CSIAC provides centralized Cyber Security vulnerability data, information, methodologies, models, and analyses of emerging technologies to support the survivability, authenticity, and continuity of operation of Information Systems critical to the nation's defense. It serves as a specialized subject focal point, supplementing DTIC services within DoD Directive 3200.12, DoD Scientific and Technical Information Program (STIP), dated February 11, 1998.[6][5]

Summarized Version

edit

The United States is vulnerable to Information Warfare attacks due to its reliance on timely and accurate information services and recent advances in technology have made it easier for potential adversaries to access critical infrastructure. The security of the nation depends on the survivability, authenticity and continuity of DoD information systems, which are vulnerable to external attacks. CSIAC provides centralized Cyber Security vulnerability data and support to ensure the continuity of critical Information Systems for the nation's defense.

  1. Reliance on Timely and Accurate Information Services: In the modern era, timely and accurate information is crucial for various aspects of society, including government operations, financial systems, and communication networks. This dependence on information systems makes the country vulnerable to attacks that disrupt or manipulate these systems. Disinformation campaigns and cyberattacks on critical infrastructure can have far-reaching consequences.
  2. Advances in Technology: Technological advancements have provided both opportunities and challenges for national security. While technology has improved communication, efficiency, and convenience, it has also opened up new avenues for potential adversaries to exploit vulnerabilities. Cyberattacks can be launched remotely, making it easier for malicious actors to target critical infrastructure without a physical presence.
  3. Security of DoD Information Systems: The Department of Defense (DoD) operates a vast network of information systems that are essential for national defense. These systems contain sensitive and classified information, making them attractive targets for cyberattacks. Ensuring the security, authenticity, and continuity of DoD information systems is paramount to national security.
  4. External Attack Vulnerability: DoD information systems are susceptible to external cyberattacks, including those launched by state-sponsored hackers, cybercriminals, and hacktivists. These attacks can disrupt military operations, compromise classified information, and undermine national defense efforts.
  5. Role of CSIAC: The Cyber Security and Information Systems Information Analysis Center (CSIAC) plays a crucial role in centralizing cybersecurity vulnerability data and providing support to maintain the continuity of critical information systems for national defense. By collecting and analyzing threat intelligence, identifying vulnerabilities, and disseminating best practices, organizations like CSIAC contribute to strengthening the nation's cybersecurity posture.

To address these vulnerabilities and threats, the United States employs a multi-faceted approach that includes cybersecurity policies, defense strategies, threat intelligence sharing and investments in technology and personnel. Continuous vigilance, collaboration among government agencies, private sector cooperation and international partnerships are essential to protect against information warfare attacks and ensure national security.

DTIC Realignment and Restructuring

edit

Given the evolving Defense environment, as well as recent congressional guidance, the Defense Technical Information Center (DTIC) recognized an opportunity to reshape the IACs to better respond to DoD mission needs. As a result, DTIC is realigning and consolidating the IAC program structure to achieve several objectives:

  • Expand the IAC program scope and increase synergy across related technology areas
  • Increase opportunities for small business
  • Expand the industrial base accessible through the IACs[7] See United States Cyber Command

To achieve these objectives, DTIC is forming new, consolidated IAC Basic Centers of Operation (BCOs). The BCOs are managed by both industry and academia. The DoD establishes IAC BCOs in areas of strategic importance, such as cyber security and information systems. An IAC BCO serves as the center for its technical community, and, as such, must maintain a connection with all of the key stakeholders within that community, to understand ongoing activities, current information, future strategies, and information needs.

This mission remains unchanged in the new IAC structure. However, what the new approach brings is expanded scope, increased focus on technical information needs, and enhanced agility, as the Defense environment continues to evolve.

BCOs will still analyze and synthesize scientific and technical information (STI). However, they are also to take on an expanded role in program analysis and integration by assessing and shaping nearly $6 billion in Technical Area Tasks (TATs). TATs are a companion offering of the IAC Program, through which DTIC leverages industry and academia's best and brightest to conduct research and analysis, developing innovative solutions to the most challenging requirements. IAC BCOs will ensure consistency with and reduce duplication of prior or other ongoing work by helping to ensure TATs are more responsive both to customer needs and broader DoD imperatives. BCOs are also required to ensure that TAT results are properly documented and made available for broad dissemination. This approach both achieves cost savings and reduces risks, ensuring that in this time of shrinking budgets and evolving requirements, the Defense community leverages all available knowledge to identify and implement innovative solutions.

Creation of CSIAC

edit

The CSIAC BCO represents the first awarded BCO under the new DTIC structure. As its name suggests, CSIAC's main technical focus is on Cyber Security and Information Systems. CSIAC merges the software engineering technology area of the DACS, the modeling & simulation technology area of the MSIAC, and the information assurance technology area of the IATAC together. It will also address two new technology focus areas: knowledge management and information sharing. Additionally, CSIAC will expand into other areas of importance and closely monitor new technologies as they emerge.[8]

Steering Committee

edit

CSIAC operates under the direction of our Government Steering Committee. The committee is made up of 19 individuals from the Government, DoD, and the research and development (R&D) communities, including representation from the Defense Information Assurance Program (DIAP), Joint Task Force for Global Network Operations (JTF-GNO), National Security Agency (NSA), Naval Postgraduate School (NPS), Office of the Secretary of Defense (OSD), and the Navy Information Operations Command - Norfolk, to name a few. The steering committee meets once a year and provides input and feedback to CSIAC's operations, particularly our information collection and dissemination efforts. Additionally, the topics of the technical reports that CSIAC authors write are dictated by the Steering Committee.[5]

Sponsors

edit

The Cyber Security and Information Systems Information Analysis Center (CSIAC) is a U.S. Department of Defense Information Analysis Center (IAC) sponsored by the Defense Technical Information Center (DTIC), and Assistant Secretary of Defense for Research and Engineering (ASDR&E). CSIAC is hosted by Quanterion Solutions Incorporated.

Team Members

edit

The CSIAC team members consist of a BCO, Tier 1 team members, and Tier 2 team members.

Quanterion Solutions Incorporated, a small business in Utica, New York was awarded the CSIAC contract in fall of 2012.[9]

Tier 1 Team Members

edit

Tier 2 team members

edit

In addition to the Tier One team members, the CSIAC team includes Tier Two organizations, that provide reach-back support with subject matter experts (SMEs) that assist with technical inquiries, State-of-the-Art reports (SOARs), and core Analysis Tasks (CATs). The Tier 2 organizations of the CSIAC team include:

Services

edit

Community of Practice

edit

CSIAC's strategy to address the broadened scopes of the three IACs (DACS, IATAC, MSIAC), as well as the new areas of knowledge management and information sharing is to build and facilitate a Community of Practice (CoP) for the cyber security and information systems community.[8]

The CSIAC website (www.thecsiac.com) provides the infrastructure for the CoP and serves as the catalyst. The CSIAC website is member driven and encourages participation from the CSIAC community supported by CSIAC resources and activities. The website emphasizes unifying CSIAC resources and its members by supporting conversions and collaborations.[8]

The CoP supports the entire operation of the CSIAC, including information collection, analysis, and dissemination.[8]

Subject Matter Expert (SME) Network

edit

CSIAC's Subject Matter Expert (SME) Network is one of the most valuable resources to the user community.[citation needed] They provide a wealth of knowledge and information to the center through a variety of means. For example, SMEs are the main contributors of journal articles and webinar presentations. They are also available to respond to inquiries, assist with State-of-the-Art reports (SOARs), and perform research and analysis to support Core Analysis Tasks (CATs).[15]

SME qualifications

edit

CSIAC SMEs are those individuals who are considered to be experts in the fields that fall within the CSIAC's technical domain (i.e., cybersecurity, information assurance, software engineering, Modeling & Simulation, and Knowledge Management/Information Sharing). No single criterion provides the basis for being considered an expert, but instead it is based on a combination of factors, including an individual's:

  • Education (i.e., undergraduate, graduate and doctoral degrees)
  • Work experience (years in the field, positions held, past programs, etc.)
  • Publications[15]

The database consists of a wide range of SMEs from various backgrounds. Among those are members of the CSIAC's technical staff, key individuals from team member organizations, retired senior military leaders, leading academic researchers, and industry executives.

Technical inquiries

edit

The CSIAC provides up to four hours of free technical inquiry research to answer users’ most pressing technical questions. Technical inquiries submitted online are sent directly to an analyst who identifies the staff member, CSIAC team member, or Subject Matter Expert (SME) that is best suited to answer the question. The completed response will be sent to the user, and can take up to 10 working days; though they are typically delivered sooner.[16]

Core Analysis Task (CAT) program

edit

Challenging technical problems that are beyond the scope of a basic inquiry (i.e., require more than four hours of research) can be solved by initiating a Core Analysis Task (CAT). CATs are separately funded work efforts over and above basic CSIAC products and services. Through the CAT program, the CSIAC can be utilized as a contracting vehicle, enabling the DoD to obtain specialized support for specific projects. These projects, however, must be within the CSIAC's technical domain (cybersecurity, Information Assurance, Software Engineering, Modeling & Simulation, and Knowledge Management/Information Sharing).[17]

Some of the advantages of the IAC CAT program include:

  • Minimal start-work delay – Not only does the CSIAC provide DoD and other agencies with a contract vehicle, but it is also a pre-competed single award CPFF IDIQ. Work can begin on a project in as little as 4–6 weeks after the order is placed.
  • Expansive Technical Domain – the CSIAC's broad scope (Cybersecurity, Information Assurance, Software Engineering, Modeling & Simulation and Knowledge Management/Information Sharing) provides numerous resources for potential projects, and is especially valuable for efforts that cross multiple domains.
  • Subject Matter Expert (SME) Network – The CSIAC is able to leverage reach-back support from its expansive SME Network, including technical experts from the CSIAC staff, team members, or the greater community, to complete CATs and other projects.
  • Scientific and Technical Information (STI) Repositories – As a consolidation of three predecessor IACs, the CSIAC has a wealth of data and information to support the completion of CATs.
  • Apply the Latest Findings – Draw from the most recent studies performed for agencies across the DoD, as the results from all CSIAC CATs and SNIM Technical Area Tasks (TATs) are collected, stored and used to support future efforts by the CSIAC.[17]

Scientific and Technical Information (STI) Program

edit

CSIAC collects IA/DIO related STI to share with the DoD, other federal agencies, their contractors, and the research and engineering (R&E) community. The STI program is governed by DoD Directive 3200.12, DoD STI Program.[18]

CSIAC has thousands of IA/DIO-related documents in their technical repository.[19] This collection is a combination of both classified and unclassified material. All of CSIAC's documents are uploaded to DTIC Online Access Control (DOAC), which is an online repository of STI from all of DTIC's IAC's.[20]

CSIAC's library facilitates knowledge sharing between diverse groups and organizations, and all STI is readily accessible to the IA/DIO community within the classification and secondary distribution instructions.[21]

All STI collected by CSIAC is relevant to IA/CS research, development, engineering, testing, evaluation, production, operation, use, or maintenance. STI is collected in many forms including text-based documents, multimedia, and rich media files. Some topic areas include: Biometrics, Computer Network Attack, Computer Network Defense, Cyber Terrorism, Hacking, Information Warfare, Network-centric Warfare, Malicious Code, Product Evaluations, among others. CSIAC collects unclassified submissions from across all of the IA/CS community.

Events Calendar

edit

The CSIAC maintains an online calendar of events related to the interests of its members. The Events Calendar is also available as an RSS feed or a HTML viewable from the CSIAC website.[22]

Products

edit

S2CPAT

edit

Software & Systems Cost & Performance Analysis Toolkit (S2CPAT) is a web-based toolkit with the goal of capturing and analyzing software engineering data from completed software projects that can be used to improve:

  • the quality of software–intensive systems
  • the ability to predict the development of software–intensive systems with respect to effort and schedule[8]

S2CPAT currently allows users to search for similar software projects and use the data to support:

  • Rough order of magnitude estimates for software development effort and schedule
  • Project planning and management: life cycle model information, key risks, lessons learned, templates, estimation heuristics
  • Software engineering research[8]

The S2CPAT repository contains Software Resources Data Report (SRDR)[permanent dead link] data provided by the US Air Force. This data has been sanitized for public release by DoD and validated by a DoD-funded academic research team.[23]

Reports

edit

CSIAC publishes three types of reports on current Cyber Security and Information Systems topics:

  1. State-of-the-art Reports (SOAR) investigate developments in IA issues. Past SOAR topics include: Insider Threat,[24][25] Software Security Assurance,[26] Risk Management for the Off-the-Shelf Information Communications Technology Supply Chain,[27] and Measuring Cyber Security and Information Assurance.[28]
  2. Critical Reviews and Technology Assessments (CR/TA) evaluate and synthesize the latest available information resulting from recent R&D findings. They offer comparative assessments of technologies and/or methodologies based on specific technical characteristics.[29] Topics include Wireless Wide Area Network (WWAN) Security, Network-Centric Warfare, and Biotechnology.
  3. Tools Reports outline a current technology and provide an objective listing of currently available products.[29] Topics for tools reports include firewalls, vulnerability assessment, Intrusion Detection Systems, and malware.

Journal

edit

CSIAC's Journal of Cyber Security & Information Systems is a quarterly technical journal written from a DoD perspective and contains the following: synopses and critiques of significant, newly acquired reports and/or journal articles; summaries of the initiation of new R&D programs; listing or calendar of future conferences, symposia, etc.; and summaries of significant technological breakthroughs and significant new technological applications and highlights of any other outstanding developments. News from various DoD CSIAC programs that would be of interest to other DoD organizations may also be included. The journal is distributed in print and electronic format to registered CSIAC subscribers free of charge and is available for viewing and download from the CSIAC website.[30]

Journal sources are direct invitations, publishing "Call for Papers", and unsolicited submissions. Direct invites are the most common method, usually by contacting conference presenters and asking if they could write something based on their presentation. Authors are solicited for their expertise or experience relative to the theme of the journal issue.

IA Digest

edit

The CSIAC's Information Assurance (IA) Digest is a semi-weekly news summary for information assurance and software reliability professionals protecting the Global Information Grid (GIG). It is transmitted in an HTML-formatted email and provides links to articles and news summaries across a spectrum of cyber security, information assurance, and information systems topics.[30]

Webinars

edit

References

edit
  1. ^ "DoD Information Analysis Centers". Archived from the original on 2014-07-25. Retrieved 2013-08-22.
  2. ^ "DTIC.mil". Archived from the original on August 5, 2008. Retrieved 22 August 2013.
  3. ^ "SNIM PWS". Archived from the original on 2016-03-03. Retrieved 2013-08-23.
  4. ^ "About the CSIAC". Archived from the original on 2013-09-21. Retrieved 2013-08-22.
  5. ^ a b c "CSIAC History". Archived from the original on November 18, 2012.
  6. ^ "DoD Directive NUMBER 3200.12" (PDF).[permanent dead link]
  7. ^ "DoD Joint Publication 3-12(R) Cyberspace Operations (5 February 2013)" (PDF). Archived from the original (PDF) on 2018-01-27. Retrieved 2018-12-01.
  8. ^ a b c d e f Zember, Christopher. "cyber security tips by Let's build destiny". Archived from the original on 2019-02-28. Retrieved 2019-02-28.
  9. ^ "CSIAC Team Members". Archived from the original on 2013-09-21. Retrieved 2013-08-23.
  10. ^ "Home - SURVICE Engineering Company". Retrieved October 5, 2016.
  11. ^ "WetStone Technologies, Inc. - Home". Retrieved October 5, 2016.
  12. ^ "Home - Aptima". Retrieved October 5, 2016.
  13. ^ "Minerva Engineering - Engineering Excellence for the Warfighter". Archived from the original on October 6, 2016. Retrieved October 5, 2016.
  14. ^ "Home - Griffiss Institute". Retrieved October 5, 2016.
  15. ^ a b "CSIAC Subject Matter Expert (SME) Network". Archived from the original on 2013-09-21. Retrieved 2013-08-23.
  16. ^ "theCSIAC.com - Submit a Technical Inquiry". Archived from the original on 2013-09-21. Retrieved 2013-08-23.
  17. ^ a b "Core Analysis Task (CAT) Program". CSIAC. Archived from the original on 21 September 2013. Retrieved 23 August 2013.
  18. ^ http://biotech.law.lsu.edu/blaw/dodd/corres/pdf2/d320012p.pdf [bare URL PDF]
  19. ^ "Archived copy" (PDF). Archived from the original (PDF) on 2014-08-12. Retrieved 2013-08-23.{{cite web}}: CS1 maint: archived copy as title (link)
  20. ^ "DTIC Online Access Controlled". Dtic.mil. Archived from the original on 2011-10-23.
  21. ^ Goertzel et al. (2010) CSIAC's Critical Role in Cyber Security, SoftwareTech News, Vol. 13 No. 2
  22. ^ "CSIAC Events". Retrieved 23 August 2013.[permanent dead link]
  23. ^ "Welcome to S2CPAT".
  24. ^ Gabrielson et al. (2008) The Insider Threat to Information Systems, An CSIAC State-of-the-Art Report.
  25. ^ "Archived copy" (PDF). Archived from the original (PDF) on 2011-10-19. Retrieved 2013-08-23.{{cite web}}: CS1 maint: archived copy as title (link)
  26. ^ Article title [bare URL PDF]
  27. ^ Goertzel et al. (2010) Security Risk Management for Off-the-Shelf (OTS) Information and Communications Technology (ICT) Supply Chain, An CSIAC State-of-the-Art Report.
  28. ^ "404w Page Not Found (DTIC)" (PDF). Archived from the original (PDF) on February 16, 2013. Retrieved October 5, 2016. {{cite web}}: Cite uses generic title (help)
  29. ^ a b "CSIAC-Reports". iac.dtic.mil. Archived from the original on November 18, 2012. Retrieved August 23, 2013.
  30. ^ a b "CSIAC FAQs". CSIAC. Archived from the original on 21 September 2013. Retrieved 23 August 2013.
edit