UNMANNED AERIAL SYSTEM RISK MANAGEMENT DECISION MATRIX
Loading...
Authors
Daponte, Aaron M.
Maguire, Gregory A.
Roldan, Calvin J.
Subjects
cybersecurity
decision matrix
unmanned aerial system
decision matrix
unmanned aerial system
Advisors
Van Bossuyt, Douglas
Hale, Britta
Date of Issue
2020-06
Date
Publisher
Monterey, CA; Naval Postgraduate School
Language
Abstract
The Department of Defense (DOD) lacks a suitable method for identifying and managing the cybersecurity risks associated with commercial off-the-shelf (COTS) unmanned aerial system (UAS) use. With no method in place to mitigate the cybersecurity risk, the DOD suspended the purchasing and use of COTS UASs in a memorandum by the deputy secretary of defense on May 23, 2018, until a strategy was developed to mitigate the known cybersecurity risks and vulnerabilities. This research establishes a method to identify and mitigate the cybersecurity risk of COTS UASs at the tactical level. The chosen method was a cybersecurity risk-management decision matrix that would help produce a risk assessment to help tactical operators make informed operational decisions. More specifically, an architecture, method, and processes were developed for commands to be able to create their own risk matrices. Utilizing a systems engineering approach, the UAS was broken down into subsystems to help identify potential cybersecurity vulnerabilities. These vulnerabilities were then used to create inputs to the matrix that would assign an output risk that tactical operators could use to make real-time decisions. The matrix was then validated using the National Institute of Science and Technology (NIST) framework.
Type
Thesis
Description
Includes supplementary material
Series/Report No
Department
Systems Engineering (SE)
Systems Engineering (SE)
Systems Engineering (SE)
Organization
Identifiers
NPS Report Number
Sponsors
Funder
Format
Citation
Distribution Statement
Approved for public release. distribution is unlimited
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.