Product Line Guide - Advatech Pacific Tactical Cross Domain

Transcription

Product Line Guide - Advatech Pacific Tactical Cross Domain
Product Line Guide
Copyright © 2014 Advatech Pacific Inc. All rights reserved
Tactical Cross Domain Solutions
Advatech Pacific’s Tactical Cross Domain
Solutions are uniquely suited for sharing
information at the tactical edge
In today’s increasingly connected battle space, instant information
sharing is a necessity. For such systems, a cross domain solution
(CDS) is a key enabling technology. A CDS allows selective,
assured communication between networks of different levels of
security by controlling the data flowing between the two networks. A
high quality CDS does this by content aware inspection of the data,
passing the data items unchanged, sanitizing individual items, or
blocking the data flow entirely, according to a pre-specified security
policy rule set. A good CDS also validates that the data flow content
is well-structured and contains only good values for each individual
data item to reduce the risk of covert channels or the transfer of
malware content.
As mobile devices become an essential part of the war-fighter’s kit, the
need for network connectivity extends down to the individual soldier.
With this expansion of the network, the challenge of cybersecurity is
a critical concern. A robust CDS capable of withstanding the harsh
environmental conditions and physical constraints of a soldier kit or
crowded vehicle can provide an effective cyber defense mechanism
at the far reaches of the network. At the tactical edge, a CDS must
not only protect sensitive systems from cyber threats, but it must
also protect itself from compromise in the event that it falls into
adversary hands.
Copyright © 2014 Advatech Pacific Inc. All rights reserved
Tactical Cross Domain Solutions
Table of Contents
CyberGuard™ Core Cross Domain Technology...........................6
TACDS™ - Militarized for Deployment in Tactical Vehicles.........8
TACDS™ - Specifications...............................................................9
CenturionCDS™ - Next Generation Ultra Small CDS.................10
CenturionCDS™ - Specifications................................................. 11
Potential Tactical Cross Domain Applications...........................12
Cross Domain Filter Components...............................................15
Copyright © 2014 Advatech Pacific Inc. All rights reserved
Tactical Cross Domain Solutions
Common Core Security Framework
CyberGuard™ is the common core security
framework used in TACDS™ and CenturionCDS™. A common core means fewer changes
to adapt the CDS to a new tactical application
which directly translates into faster certification
cycles. The CyberGuard™ core provides a
robust security framework for all future generations of Advatech’s cyber security products.
Low Size, Weight and Power (SWaP)
The CyberGuard™ core security framework is
specifically targeted to operate on the embedded hardware systems that need small, lightweight, low power products, like TACDS™ and
CenturionCDS™. This allows Advatech’s CDS
products to be deployed in tactical vehicles,
command posts, shelters, aircraft, unmanned
vehicle system (UVSs), remote sensors and
even in dismounted soldier kits.
6
Copyright © 2014 Advatech Pacific Inc. All rights reserved
Built-in Anti-tamper
With CyberGuard™, robust FIPS 140-2 Level 4 tamper resistance is built-in. Attempts to
break into the device are detected and countered even when the system is powered down;
everything stored inside the device is securely
encrypted. This means that a CDS, even when
forward deployed in a hostile environment or
lost behind enemy lines, is protected from unauthorized access automatically.
Ease of Use
CyberGuard™ is meant to be user-friendly. A
CyberGuard™ CDS operates automatically
at power-up without any user interaction. This
means that there is no impact to vehicle crew,
command post personnel, or individual dismounted soldiers. It also means that the CDS
can operate in UAV, radar stations and remote
sensor networks without human intervention.
10100100001
10
0101010 1 0 1 0
010101010
10 1 0 1 0 1 0 1 0 1 0
10
Advatech Pacific’s CyberGuard™ core CDS technology handles all of the challenges
of tactical cross domain solutions. Used as the common security core across
Advatech’s CDS product line, CyberGuard™ is at the heart of both TACDS™ and
CenturionCDS™. With high performance, low size, weight and power (SWaP)
requirements, robust anti-tamper and user-programmability at an affordable cost,
Advatech Pacific’s CDS products with CyberGuard™ core technology provide
excellent security at the tactical edge.
10
0100101
01010110101
HIGH-SIDE
10
SECURITY DOMAIN
10
CyberGuard™ Core Cross Domain Technology
1 010101010
1
1
LOW-SIDE
SECURITY DOMAIN
1101001000011
TM
CORE CDS TECHNOLOGY
Customer Programmable
Cross Domain Product Line
Low Cost
CenturionCDS™ is the latest Advatech Pacific
CDS product to incorporate the CyberGuard™
core. With its small size, minimal power usage
and ultra-light weight packaging, CenturionCDS™ is ideally suited for dismounted soldiers, small unmanned vehicle systems (UVS)
and other embedded system applications.
With the CyberGuard™ core, all network configurations, filters and rule sets are completely
customer configurable. CyberGuard™ utilizes a standard human-readable XML file for
configuration, based on the NSA’s Data Flow
Configuration File Specification. This allows a
customer with the proper security credentials
to configure and program a CyberGuard™
without requiring that it be done by Advatech
Pacific.
The CyberGuard™ core security technology
was designed with cost in mind. With a common technology suite across all products,
a solidly proven technical design, customer
programmability, a straightforward pricing approach and superior product support, the CyberGuard™ product line provides an economical and affordable solution for all tactical CDS
applications across the entire system life-cycle.
TACDS™ is Advatech Pacific’s initial CDS
product offering. Using the CyberGuard™ core
technology, TACDS™ has been NSA certified and placed on the Unified Cross Domain
Management Office (UCDMO) Baseline List of
Validated Solutions. TACDS™ leverages all of
the features of its CyberGuard™ core into an
extraordinarily rugged system that integrates
easily into tactical vehicles, command posts
and aircraft.
www.TacticalCDS.com
7
Tactical Cross Domain Solutions
TACDS™ - Militarized for Deployment in Tactical Vehicles
TACDS™ - Specifications
Advatech Pacific’s Tactical Cross-Domain Solution
(TACDS™) enables the automated exchange of
tactical information between security domains
and is specifically designed to meet the unique
needs of war-fighters at the Tactical Edge. Built
on the CyberGuard™ Core, TACDS™ provides a
low cost, small Size, Weight, and Power (SWaP),
rugged, tamper-resistant cross domain solution
that is ideal for tactical vehicles, mobile shelters,
ground sensor systems and aircraft.
Security Architecture
■■ Hardware enforced domain
separation
■■ FIPS 140-2 Level 4 anti-tamper with
automatic device zeroization built-in
■■ Encrypted storage of rule sets &
audit logs
■■ Secure boot and trusted platform
verification upon power up
■■ Authenticated, role based device
management
Ease of Use
■■ Many message formats supported
through pluggable filter component
interface.
■■ User programmable rule sets
■■ Autonomous, bi-directional message
filtering
■■ No user interaction required for
normal operation
8
Copyright © 2014 Advatech Pacific Inc. All rights reserved
Physical Characteristics
Dimensions 7 in. x 4 in. x 1.75 in.
Weight 1.75 lb
Power 12-33 VDC, 9 watts
Operating Temperature
Storage Temperature
Operational Altitude
Reliability and Maintainability
Predicted MTBF >150,000 hours
Predicted MTTR 10 mins
Network Ports
10 / 100 Ethernet
RS-232
USB 2.01
Management Port – USB/Com
Tactical Packaging
■■ Low Size, Weight, and Power (SWaP)
■■ Ruggedized for military ground,
airborne, and maritime environments
■■ Fully environmentally qualified package
■■ Tamper resistant
■■ Highly reliable, low maintenance impact
Proven Technology
■■ Fully National Security Agency
(NSA) certified for Secret and
Below Interoperability (SABI) under
sponsorship from the US Marine Corps
■■ Listed on the Unified Cross Domain
Management Office (UCDMO) Baseline
List of Validated Solutions
■■ Proven capable around the world
in numerous military exercises,
demonstrations and operations
Environmental
Mechanical Shock
Gunfire Shock
Ballistic Shock
Vibration
Protocols Supported
TCP, UDP
Unicast, Multicast, Broadcast
PPP, IGMP, ARP
IPv4, IPv6
Throughput/Latency2
12 Mbps for KLV Full Motion Video streams (4
SD or 2 HD 720p video streams)
Up to 400 messages per second for typical VMF
messages
Typical latency < 10 msec for typical VMF
messages
1
2
Special order; contact sales for quote
Message type, size and rule set dependent
Fluid Contamination
Relative Humidity
Rain / Immersion / Ice /
Freezing Rain
EMI/EMC
Power
-40 °C to 70 °C
-51 °C to 85 °C
0 - 15,000 Ft above
sea level, 0 - 60,000
Ft above sea level 1
40g, 11 msec, each
axis
5g, 20 msec, each
axis
4,000g each axis
MIL-STD-810G,
Method 514.6, Procedure I, Tracked &
Wheeled Vibration
Profiles
Diesel, Hydraulic,
Oil, Bleach
10-95%
MIL-STD-810G,
Methods 506.5,
512.5, 521.3
MIL-STD-461F,
RE102, CE102,
CS101, CS114,
CS115, CS116,
RS103
28 VDC, MIL
www.TacticalCDS.com
9
Tactical Cross Domain Solutions
CenturionCDS™ - Next Generation Ultra Small CDS
CenturionCDS™ - Specifications
CenturionCDS™ is Advatech Pacific’s next generation, high performance, ultra small
tactical Cross Domain Solution (CDS). It enables secure data transfer to tactical warfighters without adding to the space, weight or power burden of dismounted soldiers.
CenturionCDS™ is built on the proven CyberGuard™ security framework that allows
CenturionCDS™ to use the same filter components and security policy rule sets
available in Advatech Pacific’s NSA certified CDS, TACDS™.
Ease of Use
■■ Many message formats supported
through pluggable filter component
interface.
■■ User programmable rule sets
■■ Autonomous, bi-directional message
filtering
■■ No user interaction required for
normal operation
10
Copyright © 2014 Advatech Pacific Inc. All rights reserved
Environmental
Reliability and Maintainability
Mechanical Shock
Dimensions 3.4” x 2.25” x 1” (86mm x 57mm x
35mm)
Weight 4 oz (114 grams)
Power 5 – 16 VDC, < 2W
Predicted MTBF >150,000 hours
Predicted MTTR 2 mins
CenturionCDS™ is 100% Compatible with
TACDS™ Filter Components and Rule Sets
Security Architecture
■■ Hardware enforced domain
separation
■■ FIPS 140-2 Level 4 anti-tamper with
automatic device zeroization built-in
■■ Encrypted storage of rule sets &
audit logs
■■ Secure boot and trusted platform
verification upon power up
■■ Authenticated, role based device
management
Physical Characteristics
Network Ports
Low Side - USB 2.0 Peripheral Mode,
10 / 100 Ethernet
High Side - USB 2.0 Embedded Host Mode,
10 / 100 Ethernet (Adapter Cable required)
Management Port – High Side USB Port
Tactical Packaging
■■ Low Size, Weight, and Power (SWaP)
■■ Ruggedized for soldier worn, unmanned
vehicle systems (UVS) and other
embedded applications
■■ Tamper resistant
■■ Highly reliable, low maintenance impact
■■ Custom packaging for embedded
applications available with special
orders
Operating Temperature
Storage Temperature
Operational Altitude
Gunfire Shock
Vibration
Relative Humidity
EMI/EMC
Protocols Supported
TCP, UDP
Unicast, Multicast, Broadcast
PPP, IGMP, ARP
IPv4, IPv6
Throughput/Latency1
Up to 15 Mbps for KLV Full Motion Video
Typical latency < 20 msec
1
Message type, size and rule set dependent
Input Power
-40 °C to 70 °C
-51 °C to 85 °C
0 - 10,000 Ft above
sea level
40g, 11 msec, each
axis
5g, 20 msec, each
axis
15 – 2000 Hz,
0.1g2/Hz
10-95%
MIL-STD-461F,
RE102, CE102,
CS101, CS114,
CS115, CS116,
RS103
5 -16 VDC IN Jack,
< 500ma Avg, 1A
Peak High Side
USB OTG Port, 4.4
– 6.2VDC (VBUS),
< 500ma, Requires
internal Li+ rechargeable battery
option
Based on Proven Technology
■■ Utilizes same CyberGuard™ core
technology as NSA certified TACDS™
■■ Fully backward compatible with
TACDS™ firmware, software, rule sets
and audit logs
www.TacticalCDS.com
11
Tactical Cross Domain Solutions
Potential Tactical Cross Domain Applications
Situational Awareness and Command & Control
TACDS™ and CenturionCDS™, both built on the CyberGuard™ core cross domain
solution technology, support a wide variety of tactical deployments and systems.
Each CyberGuard™ based CDS can process numerous mission-enabling tactical
data and message formats to provide instant, secure access to real-time information
for all war-fighters on the battlefield. With its broad capabilities and tactical focus, the
CyberGuard™ CDS family is well suited for the diverse tactical requirements of the
modern battlefield.
Example Uses
■■ VMF Messages
■■ SA & C2 Data
■■ Position/Location
Information (PLI)
■■ MEDEVAC Information
■■ Link-16/JREAP
Coalition Interoperability
Example Uses
■■ STANAG 4677
■■ Realtime C2 & SA
■■ ISR Video Collaboration
On the front line the ability to exchange tactical situational awareness (SA) and command and
control (C2) data in real-time greatly enhances mission success. Sharing this information in realtime across security domains improves both the warfighters’ and commanders’ comprehension
of the battle space, decreases decision cycles, and reduces the chance for friendly fire incidents.
A cross domain solution installed in vehicles or carried by dismounted soldiers maintains network
cyber security and allows information to flow between the individual soldier and the command level
networks.
Real-time Condition Based Maintenance
Information sharing between coalition partners in today’s battlefield is challenging due to each
nation’s ISR and Battle Management Systems being isolated from other nations’. Sharing time
sensitive information with another country is a cumbersome manual process that is compounded
because each national system is unique and may rely on custom or proprietary information
exchange protocols. NATO has recently ratified Dismounted Soldier System Standards and
Protocols for C4 Interoperability standardization agreement 4677 (STANAG 4677), which provides a
protocol and messaging standard for real-time information exchange at the dismounted soldier level.
The remaining challenges are adapting STANAG 4677 to each national system’s custom protocols
and providing each nation the ability to limit the situational awareness information to be shared with
other nations.
A CyberGuard™ based tactical CDS can address both of these challenges. Using the Advatech
Pacific developed Coalition Interoperability Gateway, a CyberGuard™ CDS can seamlessly translate
in real-time between a coalition standard format like the NATO STANAG 4677 and a national format
like the US MIL-STD-6017 VMF. This translator approach provides a more cost effective way to
share information as compared to upgrading all of a nation’s tactical systems to the new format.
Also, since the Coalition Interoperability Gateway is built on a CyberGuard™ CDS, the utilizing
nation automatically gets a robust and flexible filtering engine that can be used to selectively limit the
sharing of sensitive data with partner nations.
12
Copyright © 2014 Advatech Pacific Inc. All rights reserved
Example Uses
■■ Vehicle Health &
Status Monitoring
■■ Remote Maintenance
& Vehicle Diagnostics
■■ Fuel & Ammunition
Level Monitoring
A big challenge of maintaining a fighting force in the field is the cost and complexity of its logistics
tail. Keeping track of the health and status of each of the unit’s vehicles while it is in operation,
commonly referred to as Condition Based Maintenance (CBM), greatly reduces the size and cost
of the logistics tail. With the inclusion of our rugged tactical CDS, TACDS™, unclassified logistics
data can be shared in real-time across the tactical network to operations personnel in the classified
command post networks. This real-time access to information such as fuel, ammo state and vehicle
health and status data permits more efficient logistics planning and delivery. Furthermore the
vehicle health and status data enables prognostics and diagnostics algorithms to fix things before
the break or more rapidly fix them when they do break.
www.TacticalCDS.com
13
Tactical Cross Domain Solutions
Cross Domain Filter Components
Real-time Video & ISR Data Collection & Dissemination
Example Uses
■■ UAV Video
■■ Unmanned Ground
Sensors
■■ Remoter Sensor Video
■■ Every Soldier is a
Sensor
■■ Vehicle-mounted
Cameras
■■ Soldier-carried Cameras
Sharing live video among all levels of a combat force has been demonstrated to be a huge force
multiplier. CyberGuard™ based tactical CDS products, with their support for full motion video,
mitigate security concerns and enable this crucial video distribution on the battlefield in realtime. Sensors and other ISR assets deployed statically on the ground or on airborne or vehicular
platforms provide key raw data for intelligence, surveillance, or reconnaissance analysts. Our
tactical CDS provides a key cyber security element that allows the sensors to be both remotely
accessed and remotely controlled in real-time, enabling valuable sensor data to be quickly
analyzed to provide more timely intelligence to affect the outcome of an engagement or a more
secure force protection posture for a perimeter.
Advatech Pacific’s CyberGuard™ Core security framework includes a pluggable filter
component architecture that allows content aware filtering of custom data flows.
Filter components for the following data formats are currently available or in
development. Special purpose filters can be rapidly customized for your specific
application.
■■ MIL-STD 6017/A/B Variable Message
Format (VMF)
■■ Web Service Description Language
(WSDL)
■■ Full Motion Video with Key Length
Value Meta-data (KLV-FMV)
■■ XML – Configurable for Cursor
on Target (CoT) and other well
structured XML Schemas
■■ STANAG 4586 UAV Payload,
Platform Control
■■ Customizable Text/ASCII & Binary
■■ Tactical Ground Reporting System
■■
■■
■■
■■
■■
■■
(TIGR)
SolarWinds Gateway
Radar formats including ASTERIX
STANAG 4677 - Coalition
Interoperability Gateway
Configurable Image (suitable for
JPG/JPEG, BMP, PNG, NTIF)
Terra Harvest Unattended Ground
Sensor Remote Interface
Google Protocol Buffers
Unmanned Vehicle Platform & Payload Control
Example Uses
■■ STANAG 4586 - UAV
Platform and Payload
Control
■■ Cursor on Target
(COT)
■■ STANAG 3277 - Air
Reconnaissance
■■ Text Based Sensor
Cueing Messages
Unmanned Vehicle Systems (UVS) have become an integral part of the modern battlefield but
controlling a UVS is complex and has introduced many new security challenges. UVSs frequently
have unclassified vehicle management subsystems and its payload sensors or subsystems
round and Control System (GCS) and remote tactical user terminalsmay include a mix of both
unclassified and classified security domains. CyberGuard™ based tactical CDS products are well
suited for the security challenges of UVS platforms and GCS and address the need to protect the
security boundaries both on and off-board the platform. Additionally, a CyberGuard™ CDS acts as
a strong cyber defense guard to prevent hostile takeover of the platform.
14
Copyright © 2014 Advatech Pacific Inc. All rights reserved
www.TacticalCDS.com
15
Advatech Pacific Electronics & Communications Business Unit
4134 Linden Ave. Suite 304
Dayton, Ohio 45432
Phone: 937-723-2001
Fax: 937-496-5466
Email: cds-info@advatechpacific.com
Website: www.TacticalCDS.com