Cyber resilience, a prerequisite for autonomous systems – and vice versa

With defence capabilities increasingly interconnected, strong cyber resilience becomes ever more important. Military platforms, in all domains, must rely on communication networks protected against all types of cyber threats. This is particularly true for unmanned and autonomous systems. Conversely, autonomous systems shaped like intelligent agents tend to become indispensable for achieving the required high level of cyber resilience. 

Autonomous cyber response capabilities rely on a smart use of emerging technologies such as machine learning, Internet of Things (IoT) and Big Data. “To ensure that autonomous systems used by our Armed Forces are both cyber resilient – a functionality which allows a dynamic endurance when a cyber-attack occurs – and able to perform their military tasks, following a ‘system engineering’ approach is essential”, explains Salvador Llopis Sanchez, the European Defence Agency’s (EDA’s) project officer for cyber defence technologies.

In practical terms, it means that military capability developers must handle cyber protection requirements and military engineering needs (system design, life cycle management, etc.) simultaneously and in a coordinated manner, approaching the related system architectures with a security-centric mindset at the early stages of new developments. Artificial Intelligence (AI) may provide clues on how to build robust security system architectures by identifying security design flaws. A system engineering approach is needed to enforce the compliance of all aspects of the final capability with mission specifications, validated and verified against user requirements.

Given that more and more defence products are developed, produced and commercialised off-the-shelf solutions provided by civil companies – especially in the unmanned and autonomous realm – the need for a system engineering approach to adapt these assets to the demanding defence and cyber resilience requirements – addressing the complexity of the digital battlefield – is even more pressing.

Other design characteristics that need to be taken into account when developing cyber resilience for unmanned and autonomous systems are inter alia interoperability, data integrity, the existence of secure and robust back-up communications and protection against electronic warfare. Moreover, cutting-edge autonomous systems require secure inter faces to permit software corrections and updates whenever needed. Configuration control and risk mitigation in the supply chain are also crucial to avoid compromising security.  

Autonomous agents to enhance cyber defence

Cyber resilience is thus a key requirement for autonomous systems in general, and in the defence domain in particular.

On the other hand, autonomous agents – specialised digital artefacts – are increasingly used to enhance cyber defence and, many experts believe, they will even become irreplaceable in the future.

Some autonomous cyber defence tools using intelligent agents already exist today, monitoring network activities and ready to trigger immediate action when anomalous behaviour is detected. Early malware detection, crucial for cyber risk mitigation, is considered a high-potential activity in which autonomous systems shaped like intelligent agents deployed in cyberspace could excel in the future. The advantage is to provide a prompt response to achieve an agile secure architecture of the network.

That being said, more research and development work needs to be done to optimise the use of autonomous cyber tools in the future.

First and foremost, there is still a lack of unbiased datasets required for autonomous systems which need data sets to learn to adapt their behaviour. Indeed, the quality and efficiency of autonomous cyber protection systems rely on the type of programming and training which are installed on them prior to their deployment. Despite years of research into AI, generating an ‘unbiased’ training dataset is still a major challenge. Consequently, the performance of autonomous agents is in direct proportion to the data they are fed with. This lack of data becomes of even greater concern when it comes to military applications because generating data sets deemed accurate enough to represent realistic warfare scenarios is an even more complex undertaking.

In addition to that, there are numerous other technological, procedural and human related challenges to overcome. Take, for instance, the learning aspect. “The growing use of autonomous systems by Armed Forces automatically puts a stronger emphasis on human-machine teaming”, underlines Salvador Llopis Sanchez. Operators and military commanders will therefore need to understand and come to terms with the restricted influence they will have on the course of action in operations, especially in situations where human intervention is reduced to a minimum.

It is therefore essential to make sure military commanders decide in advance on the level of autonomy they are willing (or can afford) to accept, as part of the concept of operations. Whatever decision is taken, the military commander should always maintain the option to intervene during an operation to change (upgrade or degrade) autonomous functionalities in line with the previously agreed mission objectives.

Cyber-supported situational awareness

Situational awareness is required to take decisions in real time. “Cyber-supported autonomous systems could become paramount to provide this enhanced situational awareness”, says Salvador Llopis Sanchez. In the future, we might see autonomous systems react to unpredicted scenarios (such as degraded or contested electromagnetic environments) and automatically apply ‘spread spectrum’ techniques. Due to the increased data flows coming from remote sensors (belonging to what could be defined as the ‘Defence Internet of Things’), massive amounts of data must be filtered and processed to provide actionable information. 

Cyber-supported situational awareness will likely become part of military operations’ command and control information systems. To that end, a decision support mechanism for cyber operations will assist military commanders in their understanding of the implications of cyberspace, proposing remediation plans to achieve mission assurance. Artificial Intelligence, too, is expected to have a massive impact on future cyber risk mitigation. AI techniques have already been extensively explored for advanced malware detection tools and the prediction of cyber-attacks.

EU Capability Development Priority

The potential benefits that European Armed Forces could draw from the use of cyberresilient autonomous systems have also been recognised by EU Member States. One of the 11 EU Capability Development Priorities approved by Member States in June 2018 is called ‘Enabling capabilities for cyber responsive operations’. Therein, the wider cyber domain is identified as a key area where Europe needs to enhance its defence capabilities, taking into account that each operational domain (land, air, sea, space) has its own cyber-related challenges.

Cyber defence research and technological development has been identified as one of the key areas for action, including research topics on self- configured net works, automated cyber resilience or architecture agility in cyber defence.

One of the challenges of OCEAN2020 – a technology demonstrator for enhanced situational awareness in a naval environment under the Preparatory Action on Defence Research, is to encrypt and apply cyber security measures to exchange classified information. The aspects to be addressed are linked with multi-sensor information  fusion and information exchange mechanisms.

This is an underlying problem which might be related to more sophisticated multi-level security systems and secure gateways to connect different information classification levels. In the past, a Network Enabled Capability (NEC) required similar innovative solutions to be adopted.

To allow for deeper insight into the cyber defence aspects of autonomous systems, EDA will promote best practices in system engineering framework for cyber operations through its ‘Cyber Defence Requirements Engineering (CyDRE)’ study expected to be launched in late 2018. The goal is to avoid the design and development by Member States of their own cyber defence systems in complete isolation, which would result in disjointed and uncoordinated systems, applications, services, standards, vocabularies and taxonomies. In the past, attempts to solve this problem were often hindered by a lack of mutual understanding due to the missing common approach to cyber defence systems engineering.