Strengthening Electronic-Warfare Systems with Cybersecurity Measures

What you’ll learn:

The state of security in electronic-warfare systems.
Obstacles ensuring security in EW systems, including the overlapping dependence between EW and cybersecurity.
How designers can address these obstacles applying advanced cybersecurity practices.

Electronic warfare (EW) has been around since the late 1800s when the British Army used a searchlight to "bounce" Morse code signals off the clouds. By the time of World War II, both the Allies and Axis Powers extensively used EW, or what Winston Churchill termed the "Battle of the Beams."

Today, devices whose functions depend on the electromagnetic spectrum (EMS) are used by both civilian and military organizations and individuals for intelligence; communications; positioning, navigation, and timing; sensing; command and control; attack; ranging; data transmission; and information storage and processing. The military requirement for unimpeded access to, and use of, the EMS means EW is essential for both protecting friendly operations and denying adversary operations.

The Electronic-Warfare Ecosystem

EW is the general term given to the use of electromagnetic energy to attack or defend a target. It's further categorized into electronic attack (EA), electronic protect (EP), and electronic-warfare support (ES).

EA involves the offensive use of electromagnetic-energy weapons, directed-energy weapons, or anti-radiation weapons to attack personnel, facilities, or equipment with the intent of degrading, neutralizing, or destroying enemy combat capability. The end goal of EA is to create an environment where conventional attacks on an adversary can be more effective.

EP are the defensive techniques to protect against friendly or enemy use of electromagnetic energy.¹ Some EP examples include the use of spread spectrum, flare rejection logic, and frequency-hopping communications to resist jamming (Fig. 1).

1. Electronic attack (EA), electronic protect (EP), and electronic-warfare support (ES) are terms given to the use of electromagnetic energy to attack or defend a target.

ES is the tactical use of the electromagnetic spectrum to perform Intelligence, Surveillance, and Reconnaissance (ISR) on the battlefield. ES can be used to locate and identify enemy assets to prioritize their neutralization. This can be done by intercepting messages directly, or by using the EM properties of transmissions with other known enemy tactics, techniques, and procedures (TTPs) to the friendly commander’s advantage.

Cybersecurity plays a critical role in EW. The three categories of EW depend heavily on interconnected systems for Command, Control, Communication, Computers, Cyber, and ISR (C5ISR). In everyday cyberwarfare, a common attack method is to put a computer in an unstable state where the processor can be accessed and exploited to execute malicious code remotely. On the battlefield, a targeted energy attack is likely to be used to compromise computers, and if used in conjunction with a cyberattack, could compromise entire networks of systems.

^{>>Check out this TechXchange for similar articles and videos.}

Topics

TechXchange: Defense Electronics

RF/microwave technology is at the heart of the modern defense electronics sector.

Electronic Warfare and Cybersecurity

The overlapping dependence between EW and cybersecurity poses a unique challenge to designers implementing these systems because they're simultaneously independently functioning, and yet co-dependent on each other’s stability.

Software must be constructed in a way that's immune to an EW attack. An EW attack could be used to jam a friendly network while a cyberattack is taking place simultaneously. The attack may consist of a virus or program that's uploaded to the same network and used to infiltrate the software, potentially corrupting data or exposing critical information to the attacker.

One important method to reduce vulnerabilities in software is to use static application security testing (SAST) techniques and a coding standard or a list of programming rules designed to identify and remove known attack vectors within the software (Fig. 2). Some commonly accepted coding standards are MISRA, Cert Secure Coding Standards, and CWE.

2. Static application security testing and a coding standard are among the techniques that can be used to reduce security vulnerabilities in software used in EW aircraft (photo of EA-18G Growler).

Because EW is so dependent on digital systems, it faces the same challenges it looks to exploit. Defects can be catastrophic and persistent, and the update process for the EW inventory is generally a lengthy one.

Static-analysis tools can be used on software throughout its development, allowing that analysis to be done early and often, checking code against the chosen coding standard to highlight potential security threats. This reduces the number bugs and the cost of development.

Looking further into the development lifecycle, dynamic application security testing (DAST) along with data and control coupling analysis can be helpful in identifying dependencies and vulnerabilities within software.

Dynamic analysis quickly identifies which parts of software haven't been executed, and as a result, not tested. It can also help pinpoint weaknesses and vulnerabilities such as memory leaks, buffer overflows, and race conditions. Through unit testing, the effectiveness of security controls and mechanisms can be exercised, validating inputs and verifying access control mechanisms are both implemented correctly and enforced during runtime (Fig. 3).

3. Designers need to ensure all security risks are known and understood, especially for aerial command and control aircraft such as the E3 sentry AWACS.

Complementing dynamic testing is data and control coupling analysis. Ensuring appropriate levels of separation exist between modules, and proper protocol is implemented to protect data, is paramount to a secure system.

Some common best practices to guard against cybersecurity vulnerabilities with data and control coupling include minimizing data sharing, validating and sanitizing inputs, designing for portability, and regularly monitoring data and control flows within the system.

Dynamic analysis and data and control coupling analysis tools are available that can analyze and manage all of this information and make it quick and easy for software developers to verify their software is safe and secure. This idea is also introduced via taint analysis—a method used to identify user inputs and tracked throughout the system, ensuring all possible avenues for security risks are known and understood.

Cybersecure C5ISR Systems

Creating a robust system that resists EW attacks is a challenge. C5ISR systems are independent in their functionality, but a successful attack on one can create a waterfall effect, resulting in widespread damage.

Applying cybersecurity practices such as static analysis and using a coding standard, running dynamic analysis, unit testing software, analyzing the data and control coupling, and reviewing the taint analysis are essential for creating a more resilient system.