Email this Article Email   

CHIPS Articles: MCTSSA ‘good guys’ hack LAV cyber system

MCTSSA ‘good guys’ hack LAV cyber system
By Sky M. Laron, Marine Corps Tactical Systems Support Activity - March 26, 2018
CAMP PENDLETON, Calif.—As the Nation’s preeminent expeditionary force, U.S. Marines are bringing more to the battlefield than overwhelming firepower and a fighting spirit. They are bringing sophisticated command, control, communications, computers and intelligence, or C4I, systems too. /

U.S. Marines with Marine Corps Tactical Systems Support Activity completed the first-ever extensive adversarial cyber testing of the Light Armored Vehicle, or LAV, at MCTSSA headquarters aboard Marine Corps Base Camp Pendleton Feb. 9.

The primary goal of the event was to identify any cyber vulnerabilities in the LAV and assess the potential mission impact of a vulnerability, said Capt. Brian Greunke, MCTSSA network test engineer.

“We looked at how we can disrupt the mission,” said Chim Yee, MCTSSA cyber engineer.

Adversarial cyber testing provides critical information for risk management and vulnerability mitigation, said Yee.

“As vehicle platforms change vehicle control from a purely mechanical form to a digital form, the surface area for attacks increases significantly,” said Greunke.

Greunke cited examples in the commercial sector where hackers gained access to various SUV platforms via wireless or Bluetooth capability. The Hackers planted exploit code into the vehicles’ internal computer network, taking control of physical components like the engine and wheels.

“Vulnerabilities in vehicle systems can have a very immediate, very kinetic impact,” said Greunke. “This differs from historical computer system vulnerabilities, which may have delayed or abstract impacts.”

It does not require much imagination to see the very real threat of enemy forces gaining cyber control of friendly warfighting assets, which is why the work of the MCTSSA cyber team is so relevant.

“Adversarial testing within the developmental phase can more thoroughly assess technical vulnerabilities at a stage where the program office can prioritize and address any discoveries,” said Greunke.

Future events will likely combine aspects of vehicle network analysis with more traditional computer network-based analysis, said Greunke.

“As vehicle platforms add computing power, think a Windows 10 laptop controlling comms or engine diagnostics, the attack surface will include: Windows attacks, vehicle network attacks, and proprietary hardware attacks,” said Greunke.

Test teams will need an understanding of each of these domains and an understanding of how to attack between domains, Greunke said.

The technical assessment was a requirement from the program manager for the Light Armored Vehicle, or PM LAV, at Marine Corps Systems Command.

Using the knowledge base of MCTSSA experts helps ensure LAV systems are not vulnerable to exterior influence, said Maj. Christopher Dell, PM LAV operations officer.

MCTSSA, the only elite full-scale laboratory facility operated by the Marine Corps, is a subordinate command of MCSC. MCTSSA provides test and evaluation, engineering, and deployed technical support for Marine Corps and joint service command, control, computer, communications and intelligence systems throughout all acquisition life-cycle phases.

Marine Corps Tactical Systems Support Activity personnel conduct cyber vulnerability testing of the Light Armored Vehicle, or LAV, at MCTSSA headquarters aboard Marine Corps Base Camp Pendleton, California Jan. 30. From left: Maj. Derek Swenningsen, air fires systems engineering branch head; Maj. Ryan Richter, technical support officer; Chim Yee, cyber engineer; Capt. Brian Greunke, network test engineer.  U.S. Marine Corps photo by Sky M. Laron
Marine Corps Tactical Systems Support Activity personnel conduct cyber vulnerability testing of the Light Armored Vehicle, or LAV, at MCTSSA headquarters aboard Marine Corps Base Camp Pendleton, California Jan. 30. From left: Maj. Derek Swenningsen, air fires systems engineering branch head; Maj. Ryan Richter, technical support officer; Chim Yee, cyber engineer; Capt. Brian Greunke, network test engineer. U.S. Marine Corps photo by Sky M. Laron
Related CHIPS Articles
Related DON CIO News
Related DON CIO Policy

CHIPS is an official U.S. Navy website sponsored by the Department of the Navy (DON) Chief Information Officer, the Department of Defense Enterprise Software Initiative (ESI) and the DON's ESI Software Product Manager Team at Space and Naval Warfare Systems Center Pacific.

Online ISSN 2154-1779; Print ISSN 1047-9988
Hyperlink Disclaimer