I/ITSEC NEWS: Air Force Tackles Cyber Challenges with 'SCARS' Program

iStock photo

ORLANDO, Fla. — The Air Force is working to better protect its fleet of simulators from cyber attacks and intrusions through a new set of key requirements and standards, officials said Nov. 30.

The simulator common architecture requirements and standards, or SCARS, program, is the service's first step in creating an architecture where it can add data guidelines and connectivity across its simulators, said Air Force Maj. Gen. Albert Miller, director of training and readiness, deputy chief of staff for operations.

“If you've looked at the simulators that we've had in the Air Force over the last few decades, it has not been one enterprise approach. It has been [a] very stovepiped, weapon system-centric approach,” he said during remarks at the National Training and Simulation Association’s annual Interservice/Industry Training, Simulation and Education Conference in Orlando, Florida. NTSA is an affiliate of the National Defense Industrial Association.

“They don't talk well together. And when we do network them together, it is very hodgepodge,” he added.

Through SCARS, the Air Force is trying to create an open architecture, he said. That will allow its weapon systems to train together in virtual and synthetic environments.

Col. John Kurian, the Air Force’s senior materiel leader for simulators at the Air Force Life Cycle Management Center, said cybersecurity requirements and standards are the first piece of the program.

“Our first emphasis with SCARS was really cyber,” he said. “We've begun that effort with cyber encrypted resilience [and] rolling off the cyber standards.”

Cyber integration is poised to become an increasingly difficult and complex challenge as companies build new systems with a range of software and hardware components, he noted.

“Industry is always innovating, developing all these great solutions, but there is … a cyber process that we have to go through in order to go adapt it for military application,” Kurian said.

Lt. Col. Drew Frazier, who works at the simulator division at the Air Force Life Cycle Management Center, said SCARS is the next step in the evolution of the training enterprise.

The program will enable the service to more quickly implement cybersecurity improvements and hopefully reduce the cost associated with a major cyber incident, he said.

“The cyber threat is ever-changing. If we can have everyone utilizing SCARS standards, ... we can more rapidly roll-out cyber patches and upgrades across the enterprise," he said.

Through SCARS, companies building new capabilities and applications will be able to design toward a certain standard and will be able to be more rapidly integrate their systems into simulators, Frazier added.

SCARS will offer efficient cybersecurity with centralized cyber maintenance for vulnerability scans, patches and anti-virus systems, according to Frazier’s slide presentation. It will also significantly reduce training system downtime for quicker maintenance and faster authorization to operate, or ATO, decisions.

The Air Force recently stood up a security operations center in support of SCARS in Orlando, he noted. In September, the center conducted its first cyber scan.

“That was a big deal — a very big deal,” he said. "That was years in the making.”

Topics: Air Force News, Training and Simulation