In January, Shift5 announced it was awarded a multiple-award ID/IQ contract to compete for orders under a $950,000,000 ceiling to enable the Department of Defense’s (DOD) Joint All Domain Command and Control (JADC2) with its OT cybersecurity solution.
The innovative acquisition program, spearheaded by The Advanced Battle Management System (ABMS), is designed to enable “Air Force and Space Force to operate together and as part of a joint team – connecting sensors, decision makers and weapons through a secure data network enabling rapid decision making and all-domain command and control,” according to the Air Force.
Acquisitions made by DOD agencies through ABMS – like Shift5 – are designed to bring cutting edge technology to warfighters. Such modernization efforts will enable JADC2 to exceed the pace of evolution from military adversaries.
For more on why Shift5 pursued the AMBS ID/IQ award and what it will contribute, read this Q&A with Shift5 co-founder and CEO Josh Lospinoso (JL):
Q1: What capabilities will Shift5 bring to ABMS?
JL: In a nutshell, Shift5 will bring observability and resilience to DoD weapon systems through access to operational technology (OT) data.
The intent of the Air Force’s ABMS program is to collect sensor data across the battlefield in all domains, and centralize it to speed up the timeline in which a commander can make a data-informed decision. This type of capability brings advantages to troops on the ground and has been an all-but-futuristic wish list item, until now.
Before I explain, I want to address a few facts about weapon systems:
-
Onboard OT generates mountains of data. Tanks, fighter jets, unmanned aerial systems, and other weapon systems contain thousands of OT components. Widgets like GPS, engine and transmission controllers, onboard diagnostic units, and weapon system controls constantly emit real-time data. Taken together, OT components on weapon systems create vast swaths of data.
-
Operators have traditionally been locked out of onboard OT data. Lacking the ability to see the data that flows through onboard OT networks means that weapon systems operators can’t tell when systems are running as desired, if there’s a maintenance issue, or if there is a more nefarious cyber incident unfolding.
-
Onboard OT data tells an actionable story. When an operator has logged enough hours of OT data, they can develop a baseline that indicates “normal” operations. At the appearance of an “abnormal” event, an operator is armed with information to determine if action should be taken to mitigate potentially harmful consequences. This data can be collected and transformed into useful real-time intelligence.
OT data can give weapon system operators a wealth of information about the operational and cybersecurity health of their fleet assets. Without access to OT data, operators lack situational awareness that would allow them to make effective decisions to keep weapon systems secure and reliable. Shift5 brings the following capabilities to any ID/IQ contract under ABMS:
-
Capture all OT data: Shift5 captures all data crossing onboard serial bus networks and detects anomalies in real-time, directly on the vehicle.
-
Detect anomalies: We layer rules-based detection for known attacks with advanced machine learning and analytics-based methods to find anomalies for new attacks that lack a specific fingerprint. Shift5 increases detection rates by continually writing signatures and rules for observed attacks. The more data Shift5 collects, the better it defends.
-
Centralize data: Data collected from vehicles across the fleet is centralized for analysis that can support threat hunting, operational efficiency, or incident response.
-
Hunt threats and identify suspicious behavior: Armed with large amounts of weapon system network data collected over time, threat researchers can model, test, and proactively hunt for new threats before they do damage.
-
Create new intelligence: Intelligence created through analysis of the aggregated fleet data is fed back to the vehicles so anomaly detection is continuously improved.
Shift5 unlocks data from the OT layer that controls planes, tanks, and other weapon systems. With access to OT data, weapon systems operators can gain visibility, detect threats, and maintain resilience of their weapon systems. Situational awareness at the OT level allows operators to make rapid decisions about their most expensive assets, at the speed of relevancy.
Q2: Why is ABMS prioritizing OT visibility for weapon systems today?
JL: In February, CISA issued an alert advising that Russian state-sponsored actors targeted and obtained sensitive data on U.S. weapons platforms. This is shocking, but unsurprising news. The digital blueprint of a weapon system reveals useful intelligence to an adversary, including the types of OT components in a system, the layers of cybersecurity protection it contains, and digital strengths and weaknesses in the asset. Weapon systems are so interconnected that we can think of them as larger-than-life computers, constantly generating and producing useful data.
Gaining visibility into weapon systems at the OT layer enables operators to improve cybersecurity and increase operational efficiency. Weapon systems have a long lifecycle, and the length of their change cycles means that any insecurities in the OT layer create a long window of exposure and vulnerability. Many operators are locked out of the data flowing through the OT layer of their weapon systems. Without visibility into OT, a malicious actor could penetrate a network, manipulate data, prevent components or systems from operating as desired, all without knowledge of the operator. This is a risk no weapon system operator should accept. In an era where malicious actors see OT as an increasingly attractive attack surface, it’s imperative that operators have full visibility and control over their OT.
Q3: Why pursue an ID/IQ contract through ABMS?
JL: The ABMS contract is central to how the DOD develops a unified operating system across all domains: air; land; sea; space; cyber; and electromagnetic spectrum. Pursuing an indefinite-delivery/indefinite-quantity (ID/IQ) contract gives us the ability to scale with demand. Shift5 is a dual-use company, and we improve our technology with every commercial and federal contract. The ID/IQ contract through ABMS gives us a route to navigate the federal contract process with more ease, avoiding The Valley of Death many startups face. Our recent work to bring visibility and security capabilities to the federal government, includes our work with DOD, and gives a snapshot into the momentum Shift5 will continue to gain in the federal space.
Q4: What is Shift5’s ultimate goal in participating in ABMS?
JL: At Shift5, our mission is to defend the world’s fleets from cyberattack. Bolstering national security is the steel thread running through the formation of Shift5 to the decisions we make as a company today. Participating in ABMS allows us to get a step closer to fulfilling our mission and allows us to empower military defenders with the tools they need to take informed action at the speed of relevance. Shift5’s technology helps solve a hard national security problem, and we’re excited that we have the opportunity to make an impact.
Shift5 provides real-time visibility and detection for onboard networks that power tanks, helicopters, drones, and other weapon systems to deliver comprehensive protection for today’s military platforms. DoD weapon systems run smarter, safer, and more efficiently with less risk from cyber attack with Shift5. For more information about Shift5’s technology and operational intelligence for weapon systems, visit Shift5 for Defense. Follow Shift5 on Twitter and LinkedIn, and sign up for our newsletter for the latest in Shift5 news.