Cybersecurity: A joint terminal engineering office perspective

The integration of cyberspace and space systems development and operations activities has become essential to the successful achievement of Air Force Space Command (AFSPC) Net-Centric mission requirements. In general, approaches to Air Force risk management and cybersecurity have focused largely on the implementation of technology as reactive mechanisms in the operational environment. The importance of proactively addressing the risks associated with space/cyberspace integration at any point in the system development lifecycle (SDLC) and iteratively re-addressing those risks throughout the SDLC has become even greater in the face of continually evolving cyberspace threats. In response to this situation, an approach to threat and vulnerability assessments has been developed to conduct risk identification, analysis, handling, and monitoring iteratively throughout the SDLC for the Military Satellite Communications (MILSATCOM) Systems Wing (MCSW) portfolio of programs. The U.S. Department of Defense (DoD) Joint Terminal Engineering Office (JTEO) emphasizes proactive end to end terminal engineering analysis that is critical to the success of terminal acquisition programs (systems development) and the operational (warfighter) mission. This paper presents the JTEO´s approach to addressing cyber-based threats and vulnerabilities to MILSATCOM systems, architectures, and Joint terminal development that integrates both qualitative and quantitative engineering analyses for improved decision-making regarding the effectiveness of and return on investment (ROI) from terminal requirements. The JTEO approach to threat, vulnerability and risk assessment adapts MCSW and AFSPC enterprise risk management strategies by identifying cyberspace threats to the terminal segment and supporting the mitigation of those threats during systems engineering, development, systems integration, test and evaluation, and information assurance (IA) certification and accreditation (C&A) and supplying- - the results of those efforts to the enterprise. The JTEO cybersecurity initiatives support the terminal C&A process and can also support the process by which terminals may gain approval to connect to MILSATCOM systems, and potentially, through those MILSATCOM systems, to the Defense Information Systems Network (DISN)/Global Information Grid (GIG).