Vfortified Instrumented Bus Reliability Activity Net Tracker
What is it: VIBRANT is defensive cyber technology that will monitor mission-critical cyber-assets, using novel machine learning techniques, to identify in near real-time, any anomalous behaviors in these assets that might be indicative of attack, misconfiguration, or misuse.
Why we need it: VIBRANT will greatly improve the resiliency of mission-critical cyber-assets and embedded systems functionality by detecting, visualizing and mitigating real time anomalous cyber events on avionics, sea and land-based DoD weapon systems. VIBRANT is already proving that the cyber-resiliency and integrity of the 1553 and 429 busses can only be accomplished by real-time monitoring and mitigation capabilities. To protect our most important weapons systems, VIBRANT developers are striving to provide the following capabilities and benefits:
Technical Innovation: VIBRANT utilizes state-of-the art machine learning techniques to identify cyber-events within the metric streams and aligns these events to the lifecycle of a cyber-attack.
Key capabilities:
System objective: The objective is to adapt an appliance to operate as both a MIL-STD-1553 and ARINC-429 bus monitor/recorder, installed in a System Integration Laboratory (SIL), before a proposed avionics box swap, and after the box swap, to garner data for analyzing how the newly swapped-in avionics Remote Terminal (RT) is performing. We will provide analysis and reporting detailing what has changed, and if there are any indicators of unacceptable changes. These capabilities will be enhanced and tailored to monitor bus traffic on multiple DoD and Commercial avionics platforms to provide near real time visualization of anomalies and potential mitigation functions.
Why VIBRANT: To ensure the correct use of a platform’s ICD to ensure that all specified messages mirror the ICD and are being loaded correctly including the following:
We intend to provide a foundation for machine learning on a platform/mission level to support anomaly discovery using the following paradigm:
Finally, the foundation will provide for an open SIL, based on actual flight data to improve and increase the speed of trouble shooting and vulnerability mitigation which can also be used to support evidence-based aviation and cyber certification.
Who Cares: Developing in a government approved SIL will provide maximum transition and reuse opportunities for the AF, DOD, and even FedGov agencies. The main beneficiary of VIBRANT is the OSD’s DOT&E, mandated to provide independent and objective assessments so that our soldiers, sailors, airmen, and marines believe in their equipment and weapons, and are confident they are combat ready. Testing early and often is a critical aspect of ensuring warfighters have combat credible systems at the speed of relevance. I am committed to ensuring that testing is relevant to the acquisition process. To that end, DOT&E’s initial focus areas are:
Since VIBRANT is designed to improve resilience of just such life-critical mission functions, it is essential to target the R&D deliverables to this most-critical environment, allowing easy extension to other functions such as combat support and global mobility. The Air Force Research Laboratory will function as the research arm responsible for assuring the technical feasibility of VIBRANT as well as serving as the accreditation intermediary. This affiliation is important as VIBRANT looks to enable the future of Cyber operations while assuring a viable environment for transition to weapon systems within the operational commands (e.g., ACC, AMC, etc.).