1. Cyber Vision 2025: Air Force Cyber S&T Vision
tinyurl.com/cybervision
Dr. Mark T. Maybury
Chief Scientist
United States Air Force
Perhaps the most fundamental center of gravity for our nation and military, cyber and the missions it supports are under constant attack.
We need S&T to enhance our readiness, resiliency, and robustness. This requires clarity in our S&T to enable cyber superiority.
Vision: The Assured Cyber Advantage in air, space, cyber, and C2ISR enabled by superior mission support.
Objective: This study will articulate the near, mid, and far-term S&T vision for Air Force cyber indicating where the AF will lead, follow, and watch, in partnership with others.
“The dogmas of the quiet past are inadequate to the stormy present. The occasion is piled high with difficulty, and we must rise with the occasion. As our case is new, so must we think anew and act anew.” -- Abraham Lincoln, 1862
14 March 2012
Distribution A. Approved for public release; distribution is unlimited. Public Release Case No 2012-XXX

2. National Cyber Security
“We count on computer networks to deliver our oil and gas, our power and our water. We rely on them for public transportation and air traffic control… But … we've failed to invest in the security of our digital infrastructure “
President Barack Obama, 29 May 2009
“The most menacing foreign intelligence threats in the next two to three years will involve cyber-enabled espionage … insider threats … and espionage by China, Russia, and Iran.” Lt. Gen James Clapper, Jr. USAF (Ret), DNI, 31 Jan 2012
“On the global technology front, rapid advancement in communication has spread knowledge around the world, leveling competition and causing us to work harder to maintain U.S. advantages, making us more interdependent with international partners.” Michael Donley, Secretary of the Air Force, Nov 19, 2009
“We have certain industrial, design and engineering advantages, and if they are surreptitiously obtained by others, it reduces those advantages Gen Norton A. Schwartz, Chief of Staff, USAF 27 Feb “Cyberspace superiority describes our mission to gain advantage in, from, and through cyberspace at the times and places of our choosing, even when faced with opposition.”
Gen William Shelton, AFSPC/CC, AFCEA Cyber Symposium, 7 Feb 2012
‘‘The national security of the United States, our economic prosperity, and the daily functioning of our govern16
ment are dependent on a dynamic public and private information infrastructure, which includes tele-com18
munications, computer networks and systems, and the information residing within. This critical infra20
structure is severely threatened We cannot protect cyberspace without a coordinated and collaborative effort that incorporates both the US private sector and our international partners.’’
- February 2, 2010, DNI Admiral Dennis C. Blair, testimony before the Select Committee on Intelligence of the Senate regarding the Annual Threat Assessment of the U.S. Intelligence Community
‘‘Those who disrupt the free flow of information in our society, or any other, pose a threat to our econ3
omy, our government, and our civil society. Countries or individuals that engage in cyber attacks should face consequences and international condemnation. In an Internet-connected world, an attack on one nation’s networks can be an attack on all. And by reinforcing that message, we can create norms of behavior among states and encourage respect for the global networked commons.’’
- January 2010, speech on Internet freedom, Secretary of State Hillary Clinton
November 2011 is 10th anniversary of the Convention on Cybercrime, the only multilateral agreement on cybercrime, to which the Senate provided advice and consent on August 3, 2006, and is currently ratified by over 30 countries.
Gen. Martin Dempsey , The Pentagon, Washington, D.C. Tuesday, October 18, 2011
"So, let me make this point up front: improving our energy security directly translates to improving our national security"
"But to enhance our energy security, we must look beyond vulnerabilities and instead, focus on and view energy as an opportunity"
"Because fundamentally we know that saving energy saves lives"
"Today Americans are more energy conscious in our homes and at work and so too are we in our military. But, we can and must do even better – particularly in pushing progress out to the field, to the flightline and into the fleet."
"Today’s warfighters require more energy than at any time in the past and that requirement is not likely to decline."
"During World War II, supporting one soldier on the battlefield took one gallon of fuel per day. Today, we use over 22 gallons per day, per soldier. We’re also more expeditionary than ever. These energy needs require a vast yet vulnerable supply chain that our enemies target."

3. Cyber Vision 2025 Terms of Reference
ideachampions.com
Cyber Vision 2025 Terms of Reference
Background:
Need to forecast future threats, mitigate vulnerabilities, enhance the industrial base, and develop the operational capabilities and cyber workforce necessary to assure cyber advantage across all Air Force mission areas
An integrated, Air Force-wide, near-, medium- and far-term S&T vision to meet or exceed AF cyber goals and, where possible, create revolutionary cyber capabilities to support core Air Force missions
Key Stakeholders: Air Staff, MAJCOMS, AFRL, 24th AF, ESC, ASC, SMC
Approach
Identify state of the art and best practices in government and private sector
Analyze current and forecasted capabilities, threats, vulnerabilities, and consequences across core AF missions to identify critical S&T gaps
Articulate AF near (FY11-16), mid (FY16-20) and long (FY21-25) term S&T to fill gaps, indicating where AF should lead, follow, or watch
Address cyber S&T across all Air Force core missions and functions (air, space, C4ISR) comprehensively including policy as well as DOTMLPF considerations
Engage and partner (industry, academia, national labs, FFRDC, government)
Product: Cyber S&T Vision to top 4 by 7/15/12 (Report 1/1/13)
DOTMLPF - Doctrine, Organization, Training, Materiel, Leadership and education, Personnel, and Facilities

4. A Wicked Problem
Decision Making Environment
Static Uniform
Dynamic, Real Time Conflicting
Stable systems and environment; shared cyber goals across organizations
Rapidly changing and ambiguous phenomena and human behavior, potentially competing objectives
Mission Environment
Static, Uncontested
Fluid, Evolving, Contested, Congested, Competitive
System Behavior
Linear
Complex
Social Systems
Information Systems
Cognitive Systems
Multiple actors
Can’t observe/understand all behavior
Do not necessarily follow predictable rules of behavior; unintended consequences
Interact with environment and evolve
Behavior is regular, well understood and, to a large extent, predictable
Relatively closed to the environment
Components not purposeful; exist only as part of larger system
Multiple stakeholders, increasing threat, increasing complexity, greater uncertainty, rapid evolution
(SAF PA Case # )

5. Mobile Internet Adoption (>60% in 2010) BS Production (CS and CE)
A Perfect Storm
Internet Adoption
>80% in 2010
Technology Change
Threat
Complexity
286M+Threats in 2010
6 million probes/day in 2011
Connectivity
Foreign Supply
Mobile Internet Adoption (>60% in 2010)
7M nodes in 2011
20-120M LOC in 2010
Years
20k in 2004
5.1k in 2010
Vulnerabilities
6.7k in 2007
nvd.nist.gov
% outsourcing
Overruns (GAO)
20-50%
Cost Overruns
3.5M computers, 120k circuits in GIG in 2005
BS Production (CS and CE)
weeks
Explanation of Curves
For some variables (e.g., technology, connectivity) ideally we would include defense vs. industry curves, however, we include only one to enhance the clarity of the graph.
Terms: By IT we include both computing hardware and software (and telecom?)
We have increasing:
Technology Change: IT Patent Growth Rate ( % of patents awarded to foreigners from 44% in 1998 to 49% in 2008, and 51% in
Connectivity: Growth in telecom, internet and cross domain growth. ( Internet traffic increased from PB/Month in 1990 to 14,984 PB/Month in 2010.
Complexity: For example commercial operating systems have grown to 50M LOC (See Figure 5 in F22 > 2M LOC. Boeing 777 has 4M LOC. Aegis 5M LOC with 1.8M (36%) growth for DDG FA18 10M LOC going to 20M in JSF.
System Complexity: Barry Boehm statistics about the size and complexity of has on software intensive systems of systems (SISOS) (
10-100M LOC; external interfaces; suppliers; 6-12 hierarchical levels of suppliers (primes and subs); coordination groups (IPTs). See also Measuring Architectural Complexity by Grady Booch, IEEE Software 2008 which recommends SLOC.
Vulnerabilities: 12 new vulnerabilities per day reported in cve.mitre.org. Trends are all increasing:
CERT/CC 5,990 3,780 3,784 4,129 2,437
NVD 4,584 2,340 1,248 1,943 1,672
OSVDB 7,187 4,629 2,632 2,184 1,656
Symantec 3,766 2,691 2,676 2,604 1,472
Sources: Computer Emergency Response Team Coordination Center (CERT/CC), National Vulnerability Database, Open-Source Vulnerability Database, and the Symantec Vulnerability Database Year
# of NVD Vulns
From CVE
As of January 2011, NVD contains CVE vulnerabilities, 11 pr day. Team evaluates over 6k vulnerabilities/year.
211 US-CERT Alerts, 2448 US-CERT Vulnerability notes.
As of 12 Dec 2011, NVD contains CVE Vulnerabilities (7 per day), 220 Checklists, 221 US-CERT Alerts, 2556 US-CERT Vuln Notes, 6908 OVAL Queries, CPE Names
Foreign Supply: Primary sources of IT offshoring are India, Russia, and China;
Cost growth: Software cost can comprise as much as 90 percent of some programs, Maintenance 70% of life cycle costs. GAO reports increases in cost overruns
Threat: Increasing volume (50->5,000 per week) and sophistication (e.g., spearphishing) adversary attacks . In 1998 the number of viruses was approximately 20K, in 2000 it was about 50K. Now it is over 1million in 2008.
Time to market: Systems used to take a years to build and now because of complexity and bureaucracy acquisitions can take decades (e.g., satellite constellation).
Internet Adoption: – growing mobile internet usage (Smartphones)
[Is this a good source?] Pandasecurity.com - Malware viruses variants expanded from 14 to 16 million from 2008 to 2010
While at the same time we have decreasing:
US Computing Graduates: Data from Computing Research Association ( annual report which shows US Computing Graduates dropped from 14 to 8 thousand per year between 2004 and Jumped to 8k enrolled CS in 2010 (see
Expert Staff: Between , decreases in program managers (-5%), production engineers (-12%) and financial managers (-20%) whereas the test and evaluation workforce grew by 40% (Defense Acquisition Performance Assessment Report, Jan 2006)
System Response Times – cyberattacks on IT systems used to be lengthy planned out attacks but automated scanning, analysis, and global sharing of attack vectors makes attack cycles in the minutes and seconds
8k in 1998
4.6k in 2005
11k in 2011
9k in 2009
-5% program managers
<10%
Overruns in 1950s
-12% production engineers
Expert Staff
1.7 k in 2001
-20% financial managers
Response Timelines
1M LOC in 1998
50K viruses in 2000
Seconds
1998
2000
2002
2004
2006
2008
2010
2012

6. National Cyber security Initiative
DRAFT
Bold Responses
Eisenhower
Autobahn
Sputnik
Kennedy
1969
Bush/Obama
National Cyber security Initiative
DRAFT
thenewnewinternet.com
Aerospace.or

7. Cyber S&T Vision DRAFT STRATEGY REQUIREMENTS AND PLANS MISSION FOCUS
MAJCOM Requirements
Air Cyber
Space Cyber
Cyber Vision United States Air Force CyberS&T Vision
AF/ST TR December 2012
Cyber (C2, IT, Comms)
Independent Senior Expert Review
C2ISR Cyber
(2008) United States Air Force Scientific Advisory Board (AF-SAB) report on Defending and Operating in a Contested Cyber Domain
“Develop Mission Essential Cyber Competencies”
“Leverage existing technologies to develop cyber training and exercises.”
Fight through
(2010) Air Force Doctrine Document 3-12 RISE OF THE CYBERSPACE OPERATOR (pg38)
“Requires a well-educated and trained professional cadre”
“ready to provide the required capability and capacity for mission accomplishment”.
“…with technical and tactical expertise are mission essential individuals.”
“possess high levels of technical competence, robust analytical skills, and a critical understanding of cyberspace warfare application.”
(2011) Department of Defense Strategy for Operating in Cyberspace
“focus on communication, personnel training, and new technologies and processes”
“The development and retention of an exceptional cyber workforce is central to DoD’s strategic success in cyberspace.”
“The development of the cyber workforce is of paramount importance to DoD.”
“Continued education and training will be hallmarks of the cyber workforce…”
“DoD will invest in future personnel…”
AFSPC Science and Technology (S&T) Guidance, “Realistic Distributed Network Training Environment for Network Operations”, Tech need , Tech need date 2014
Increase Supply
Change the Culture
Mission Support (A1, AQ, A6, M&S, Critical Infrastructure)
Cross Cutting Enabling S&T
RFIs, EXPERT SUMMITS
DRAFT

8. Cyber Vision Team Senior Governance Team (3*) Key Senior Stakeholders
Dr. Mark Maybury (chair), Lt Gen Mike Basla (AFSPC/CV –> SAF/CIO A6), Lt Gen Janet Wolfenbarger (SAF/AQ), Lt Gen William Lord (SAF/CIO A6), Lt Gen Larry James (AF/A2), Lt Gen Chris Miller (AF/A8)
Key Senior Stakeholders
Lt Gen Charles Davis (ESC/CC, AFPEO C3I and Networks), Lt Gen Ellen Pawlikowski (SMC), Maj Gen Ken Merchant (AAC), Lt Gen Thomas Owen (ASC), Lt Gen “Hawk” Carlisle (A3/5), Maj Gen Neil McCasland (AFRL), Maj Gen Suzanne Vautrinot (24th AF), Maj Gen Mike Holmes (A3/5), Dr. Steve Walker (AQR), Dr. Jackie Henningsen (A9), Lt Gen(Sel) John Hyten (AQS –> AFSPC/CV), Maj Gen Robert Otto (AFISRA/CC), Maj Gen(Sel) Samuel Greaves (AFSPC/A8/9)
Cyber S&T Mission Area Study Leads
Air: Dr. Kamal Jabbour (AFRL/RI), Dr. Don Erbschloe (AMC), Mr. Bill Marion (ACC)
Space: Dr. Doug Beason (AFSPC), Col Brad Buxton (SMC) & Dr. Jim Riker (AFRL/RV)
Cyber: Dr. Rich Linderman (AFRL/RI), Dr. Doug Beason (AFSPC) & Mr. Arthur Wachdorf (24th)
C2ISR: Dr. Steven K. Rogers (AFRL/RY), Mr. Ron Mason (ESC), Mr. Stan Newberry (AFC2IC), Dr. Chris Yeaw (AFGSC), B Gen Scott Bethel (AFISRA/CV), B Gen (S) John Bansemer  (AFISRA/CVA), DISL Keith Hoffman (NASIC), Dr. Rick Raines (CCR, AFCyTCoE)
Mission Support (Talent, Training, Acquisition, Infrastructure): Dr. Steve Walker (AQR), Maj Gen Tom Andersen (LeMay Center), Mr. Mike Kretzer (688th), Dr. Nathaniel Davis (AFIT), BG Dwyer Dennis (AFMC/A2/5)
Enabling Technology: Dr. Jennifer Ricklin (AFRL), Dr. Robert Bonneau (AFOSR)
Threat: Mr. Gary O’Connell (NASIC), Col Matthew Hurley (AF/A2DD)

9. DRAFT Senior Independent Expert Review Group (SIERG)
Air
Space
Cyber
C2ISR
Mission Support
S&T, Threat, and Overall
Prof Mark Lewis, U. Maryland
Dr. Mike Yarymovych, Sarasota Space
Prof Ed Feigenbaum, Stanford
Gil Vega, DoE
Prof. Gene Spaffford, Purdue
Herb Lin, National Academy
Prof. Werner Dahm, ASU
Prof. Alex Levis, GMU
John Gilligan
Jim Gosler, Sandia
Evi Goldfield, NSF
Charles Bouldin, NSF
TBD OSTP
Natalie Crawford, RAND
Dr. Rami Razouk, Aerospace
Dr. Paul Nielsen, CMU/SEI
Dr. Mark Zissman MIT LL
Harriet Goldman, MITRE
John Woodward, MITRE
Lee Short, JH-APL
Giorgio Bertoli, Army
Konrad Vesey, IARPA
Stan Chincheck, NRL
Dr. Wen C. Masters, ONR
Lt Gen George Muellner (Ret) USAF
Keith Hall, BAH
Gen Mike Hayden (Ret), USAF
Lt Gen Ken Minihan (Ret) USAF
RADM Will Metts, NSA/TAO
Paul Laugesen NSA/TAO
Dr Starnes Walker, Fltcyber, Navy
VADM Mike McConnell, (Ret) USN
Lt Gen David Deptula, (Ret) USAF
Dr Ernest McDuffie, CMU
Gen (Ret) Jim McCarthy, USAFA
Dr. Peter Friedland
Prof Pat Winston, MIT
Robert Osborne, NNSA
Matt Linton, NASA ARC-IS
David Mountain, NSA
Dr. Yul Williams, NSA/CSS TOC
Dr. Charles Romine, NIST
Lt Gen Ted Bowlds, (Ret) USAF
Lt Gen Robert Elder, (Ret) USAF
Lt Gen (Ret) Trey Obering, USAF
David Honey, DNI
Dr. Steven King, OSD(R&E) PSC
Former DNI
Former USAF Chief Scientist
Former Director of NRO
Former Director NSA, DIA
NSA Reccs from Larry James:
Chris Inglis, the Deputy DIRNSA too high?
Our other recommendations, in priority order, would be
Mr Greg Smithberger, Director, NSA/CSS Tailored Access Office (TAO)
Mr Paul Laugesen Deputy TAO
NASIC recommended contacting Glenn Gafney, Director of S&T, and Andy Makridis, new Director of WINPAC
Ms Mo Baginsky at
Gil Vega, Chief Information Security Officer and Associate CIO for Cybersecurity, U.S. Department of Energy,
Four former AF chief scientists
Former DNIs
Former Director of NRO, Keith Hall
Former AFRL Commanders
Dr. Yul Williams, NSA/CSS Threat Operations Center Technical Director
RADM Will Metts, Deputy Chief, TAO
Lt Gen George Muellner (Ret) USAF, former SAF/AQ
Lt Gen Ken Minihan (Ret) USAF, Former Director NSA
Gen Mike Hayden (ret), USAF, former DNI, NSA and CIA director
VADM Mike McConnell, (Ret) USN, former DNI, DRNSA
Lt Gen (Ret) David Deptula, USAF, Former AF/A2
Dr Ernest McDuffie, CMU National Initiative on Cyber Education
David Honey, PhD - ADDNI for S&T, Director, S&T
Herb Lin, National Academy, Chair Computer Science Panel
Giorgio Bertoli, Army CERDEC I2WD
Lt Gen (Ret) Trey Obering, USAF, former Director of Missile Defense Agency now SVP at Booze Allen Hamilton
Prof. Werner Dahm, SDSI & ASU
Lt. Gen. Robert J. Elder former Commander, 8th Air Force, Air Combat Command and Joint Functional Component Commander for Space and Global Strike, U.S. Strategic Command, Offutt AFB, Nebraska. Now Research Faculty at George Mason University.
Giorgio Bertoli Army CERDEC I2WD (Intelligence & Information Warfare Directorate ) works for Henry Muller (SES) (CERDEC) Army
Mr. John Gilligan, Air Force Chief Information Officer (CIO) and former SVP and Director at SRA International
Recommended: Dr Rick Boivie (IBM), Dr Don Robinson (NG), Dr IT)
DRAFT

10. Key Events 12-13 March – Air Workshop, Langley
18-20 Jan – Preliminary Air-Cyber Mission Meeting – Edwards AFB
23 January – Threat Workshop (SCI), Washington, DC
(7-9 Feb, AFCEA Cyber Conf, Colorado Springs)
Air-cyber: 8 Feb (Scott AFB), 9 Feb (Langley)
8-9 Feb 24th AF/US Navy Cyber Tech Summit, Colorado Springs, CO
24 Feb – RFI Input Due (See
29 Feb – 2 Mar – West Coast Industry Visit for team leads
5-9 March – AFOSR Computational Sciences Review, DC
12-13 March – Air Workshop, Langley
14-15 March – C2ISR Workshop, Langley
19-21 March – Space-Cyber, Cyber, S&T Workshops, AFSPC, Peterson AFB
22-23 March – AFA Cyber Futures Conference, Gaylord, DC
27 March - Mission Support Summit, DC
28 March - AF-DoE Cyber Summit, ORNL
29 March - DARPA Cyber PM Briefs to CV25 Mission Leads
TBD April – NSA/CYBERCOM Day, Ft Meade
10 Senior Independent Expert Review Group – Slide Review
9 - Senior Independent Expert Review Group – Doc Review
POCs
March – Air-Cyber Workshop, Langley AFB
March – C2ISR-Cyber Workshop, Langley AFB
March – Space-Cyber Cyber and Cross cutting Cyber S&T AFSPC, Peterson AFB
- (22-23 March – AFA Cyber Futures Conference, Gaylord, DC)
- 27 March - Mission Support Summit, DC
28 March - AF-DoE Cyber Summit, ORNL
29 March - DARPA Cyber PM Briefs to CV25 Mission Leads, DARPA I2O SCIF
- TBD - 3, 4, 9, or 30 April – NSA/CYBERCOM Day, Ft Meade

11. Elements of Contested Cyber
ATTACKS
TARGETS
EFFECTS
Insider attack, unwitting behavior
Data and policy corruption
Human Organization
Disinformation, distraction, confusion
Disruption of C2, behavior manipulation
Command and
Control
Formation
Processing
Sensor
Mission Layer
Code manipulation, malware
Worms, viruses, flooding
Induced inaccuracies and failures
Denial of service, exfiltration
Application Layer
OS/Network Layer
Life-cycle implants of backdoors
Physical destruction, eavesdropping
HW/Systems Layer
Triggered malfunction, performance loss
Loss of communication
Materials, Devices & Comm. Links 11

12. Partnership and Focus COCOMs Intelligence Community
CYBERCOM
Intelligence Community
NSA, CIA, NRO, FBI, IARPA
Army, Navy, Marines
Land and Maritime cyber
National Labs
Air, Space, C4ISR
Federal Research DARPA, NSF, FAA, OSTP, NASA
FFRDCs
Critical Infrastructure
DHS, EPRI, Utilities
Industry & Consortia (e.g., DIB Pilot)
Academia
Air Force will leverage cyber capabilities and investments of our partners and focus S&T investment on Air Force missions

13. Principles & Practices
DRAFT
Principles & Practices
Principles
Least Privilege (e.g., white listing, discretionary access control)
Balance of power (e.g., distribution of authority, peer review, two person rule)
Minimization – limit attack surface, limit dependencies, reduce capability to essentials
Simplification – Pursue only necessary complexity
Resiliency (flexibility, rapid reconstitution, active defense), Robustness (e.g., redundancy), and Readiness (e.g., intel/situational awareness, training)
Diversity
Speed (responsiveness) , Agility, and Evolvability
Balance (Offense/defense, human creativity and machine intelligence, confidence/control)
Cost and efficiency
Practices
Systems, e.g., redundancy, diversity, roots of trust (hardware and software, supply chain)
Architectures, e.g., loose couplers (avoid brittleness)
Acquisition, e.g., clear/focused requirements, early/continual user/test involvement, early prototyping and rapid cycles for evolution, modular/open standards, model driven archs
Information, e.g., chain of custody, encryption at rest/in motion
Operations, e.g., fractionated authority, cyber hygiene
People, e.g., accessions, education and training, deep experience
DRAFT

14. DRAFT
AF Cyber S&T Vision
“Assured cyber advantage across air, space, cyber, C2ISR, and mission support”
Assured – Ensured operations in congested, competitive, contested, and denied environments in spite of increased dependencies, vulnerabilities, and threats
Cyber – its defense, exploitation, operation
Advantage – we seek a speed, agility, and effectiveness edge over our adversaries to ensure operational dominance
Across – we require superiority within and across
Air, space, cyber, C2ISR, mission support – we require full spectrum cyber solutions
DRAFT

15. AF Core Mission Prioritized S&T Roles
DRAFT
AF Core Mission Prioritized S&T Roles
Technology Leader – Creates or invents novel technologies through research, development and demonstration. Key S&T for core Air Force Title 10 missions and associated platforms with few or no other investors outside of the Air Force, e.g., IADS
Fast Follower – Rapidly adopts, adapts or accelerates technologies originating from external leading organizations, e.g., hardening DoE’s microgrids
Technology Watcher – Uses and leverages others S&T investments for non core missions, e.g., generic IT
DRAFT

16. BACKUP Slides

17. What is Out of Scope? In: Cyber exploitation, defense, operations
Cyber security of communications, data links, power
OSD (R&E) Priority Steering Committees – Cyber, Data to Decisions, Autonomy and cyber aspects of Human Systems and Resilient Systems Engineering (but not Countering WMD, EW/EP)
Out:
Commodity commercial IT infrastructure and communications
Spectrum allocation and/or management – except for application to use of cyber methods for spectrum protection
Electronic warfare
Directed energy - lasers or high power microwave for sensing or communication

18. Software Challenges
Increasing % of mission systems software (air, space, cyber, C2ISR)
Large (10s of millions SLOC) and complex - (dependencies)
Acquisition difficult - 46% over budget (by 47%) or late (by 72%); Successful projects have 68% specifications
Scarce Talent
Source: SEI, LM

19. Cyber Trends Bigger: HPC: Petascale to exascale
(top500.org)
Bigger: HPC: Petascale to exascale
Programmable, performance (peta to exa), green
Smaller: Nanoelectronics (e.g., nanowires, memristers)
Diverse: Clusters, clouds, GPUs, FPGAs
Embedded: 4.5M LOC in F-35, 90% of functionality
More contested and dangerous: Advanced threat, insider threat, supply chain
More competitive: global hardware, software, talent
More complex: Interconnected
Greener: infrastructure and algorithms
Less US talent: STEM Challenge
“Over the past 30 years, minimum feature sizes for advanced integrated circuits have been reduced by over 100X, from several microns in the early 1980s to just 32 nm today, with plans for sub-20 nm production firmly in place at most major manufacturers. While predictions abound that the relentless pace of geometry shrinks will have to end at some point, it seems clear the industry is well on target to continue shrinking geometries to less than 10 nm before the end of the decade. What is less clear is which lithographic technology will be used in producing these leading-edge devices…” Moshe Preil, GLOBALFOUNDRIES
INTERNATIONAL TECHNOLOGY ROADMAP FOR SEMICONDUCTORS (ITRS)has identified energy as one of the top three overall challenges for the last seven years
- computational energy/operation (per logic and per memory-bit state changes
energy efficiency of basic components (i.e., switches, wires, and memory bits) and end-equipment (e.g., microcontrollers, signal processors, and power/battery management circuits) are key to the efficiency of communications systems, household appliances, transportation (e.g., cars), industrial machines, etc.
---
On December 1, 2010, the U.S. Air Force unveiled the “Condor Cluster,” a supercomputer made of more than 1,716 processors taken from PlayStation 3 video game consoles, and designed by military scientists at the Air Force Research Laboratory (AFRL) in Rome, New York. the Condor Cluster calculates an impressive 500 trillion operations per second. This is the fastest interactive computer currently in use at the Department of Defense (DoD). 168 General Purpose Graphical Processing Units
According to Air Force officials, the Condor Cluster is 10 to 20 times less expensive than similar supercomputers used by the U.S. government. Officials also said it consumes less than one-tenth the amount of energy, making it a "green" supercomputer. The new system will be freely available to all DoD users on a shared basis
Source:

20. DoD Cyberspace Strategy
DEPARTMENT OF DEFENSE STRATEGY
FOR OPERATING IN CYBERSPACE
Treat as an Operational Domain
Employ New Defense Operating Concepts
Partner with Public and Private Sectors
Build International Partnerships
Leverage Talent and Innovation
DEPARTMENT OF DEFENSE STRATEGY FOR OPERATING IN CYBERSPACE
Strategic Initiative 1: Treat cyberspace as an operational domain to organize, train, and equip so that DoD can take full advantage of cyberspace’s
potential
Strategic Initiative 2: Employ new defense operating concepts to protect DoD networks and systems
Strategic Initiative 3: Partner with other U.S. government departments and agencies and the private sector to enable a whole-of-government cybersecurity strategy
Strategic Initiative 4: Build robust relationships with U.S. allies and international partners to strengthen collective cybersecurity
Strategic Initiative 5: Leverage the nation’s ingenuity through an exceptional cyber workforce and rapid technological innovation
Source: DoD Strategy for Operating in Cyberspace, May 2011

21. Cyber JCTDs Non Persistent Desktop Browser (NPDB)
Protection and Operation of IP Secure Network Terrain (POINT)
DISA Mission Assurance Decision Support System (MADSS)
Computer Adaptive network Defense in Depth (CANDID)
Smart Power Infrastructure Demo for Energy Security and Reliability (SPIDERS)
Cross Domain Collaboration Information (CDCIE)

22. Executable Lines of Code in Mission Systems
ESLOC is a valuable and intuitive measure that is correlated with the number
of people required to build, use, and maintain software systems.11 However,
dimensions beyond size can significantly increase the complexity of IT systems.
For example, Boehm and Lane (2006)12 describe how software intensive systems
of systems (SISOS) “integrate multiple, independently developed systems” and
“are very large, dynamically evolving, and unprecedented with emergent
requirements and behaviors, and complex socio-technical issues to address.”
SISOS are characterized by 10–100 million LOC; 30–300 external interfaces; 2–
200 suppliers; 6–12 hierarchical levels of suppliers (primes and subs) and 20–200
coordination groups (or integrated product teams).
Sources: CARD Data, SEI, CSIS Analysis. Fig 7 from 2009 DSB TF on IT Acquisition

23. Adoption Acceleration
Source:
See also: