Signed in as:
filler@godaddy.com
Signed in as:
filler@godaddy.com
IAA | iaaspace.org
Abstract: Space situational awareness and planetary defense would likely receive additional private and governmental resources if public company disclosures reported extensive space-related risks. This paper analyzes trends and potential omissions in publicly listed company space-related disclosed risks such as space access, solar flares, space debris, terrestrial loss of space-system capabilities, and spectrum conflicts. A partial explanation for underreporting includes reliance on historical precedence for risk identification, materiality, and treatment. As space-related risks are realized in the coming years, corporate disclosure of associated risks may increase in a similar fashion to other risk categories that rapidly grow after a first instance is recognized. Another factor is the perception that cis-lunar space is a global commons and can therefore be misconstrued as costless. As the use of other global commons gain attention, such as carbon emissions in the atmosphere and resource use in international waters, increased scrutiny of space commons risks could occur.
National Academies: National Library of Medicine | ncbi.nlm.nih.gov
Abstract: The COVID-19 pandemic escalated supply chain vulnerabilities that affect almost every sector of the economy. In October and November 2021, the Government-University-Industry Research Roundtable (GUIRR) of the National Academies of Sciences, Engineering, and Medicine convened a number of virtual workshops for its membership and invited guests to discuss opportunities for enhancing U.S. approaches to addressing manufacturing and supply chain challenges through partnerships and cross-sector collaboration. In convening experts and leaders from across sectors and disciplines, GUIRR provided a forum for dialogue on policy priorities for consideration by leaders across the research enterprise. This publication summarizes the presentation and discussion of the workshop series.
AIAA ASCEND | aiaa.org
Abstract: When developing the technical and social governance for permanent space settlement there is a greater requirement for resilience than in even the most complex and long-duration manned space mission to date. There is an enormous body of knowledge and practice in space system risk management including Risk Informed Decision-Making and Continuous Risk Management. However, the complexity and timeframe of permanent space settlements (e.g. Moon Village and manned asteroid mining operations) justifies more than a traditional Risk Management (RM) approach. By incorporating a Resilience Improvement (RI) process in addition to RM a more enduring settlement can be developed. This paper outlines a method to use a combined RM/RI process to maximize safety, cost, schedule, technical, and quality outcomes. RM’s mitigations and RI’s adaptability complement each other. By executing each process in parallel and adjudicating the results based on principles, objectives and costs the results can be balanced between optimization for known scenarios and preparation for unknown situations.
ISC2 Taskforce | ISC2
Abstract: ISC2 convened an international volunteer task force to examine cybersecurity supply chain challenges. A key theme was the challenge around information sharing and how to increase the benefit to wider communities, notably small to medium-sized organizations, which are acutely impacted by the shortage of skilled cybersecurity professionals. The working group adopted NIST’s definition of cyber supply chain risk management (C-SRM), as “the process of identifying, assessing, preventing and mitigating the risks associated with the interconnected nature of Information and Communications Technology product and service supply chains.” This covers the entire lifecycle of ICT, software and information assurance, encompassing traditional supply chain management and security practices.
The task force noted that while there are a variety of resources describing emerging or good practices in supply chain risk management, approaches still vary. There is a lack of established guidance for supply chain risk management with collaborative information sharing included. It’s perhaps self-evident that information sharing is a critical part of supply chain security, but what information should be shared, with whom and how?
IEEE Conference Publication | IEEE Xplore
Abstract: Standard cyber security practices that help to protect data's integrity while at rest, transit, and processing are susceptible to insider threats. In order to resist these insider threat vulnerabilities the data must be verifiable. One way to verify the integrity of Automated Test System (ATS) test results is to use measurement digital watermarking. This method is particularly appropriate to ATS test results because test reports are usually unencrypted when saved and printed. Measurement digital watermarking embeds identifying verification data in available locations within the test result stored data. The identifying verification data is developed using hash functions with dynamic salting. The available locations are found in the insignificant digits of analog measurements. In addition, a method of digitally watermarking test reports consisting of all digital tests by using font variation is described. Using these techniques does not protect test results from tampering but it does allow for detection of tampering and invalid test results. Since ATS results are used in determining avionics airworthiness the integrity of the results is an important component of aviation safety.
IEEE Conference Publication | IEEE Xplore
Abstract: To reap the benefits of prognostic health management, intelligent Test Program Set (TPS) diagnostic reasoning, and remote TPS configuration management Automated Test Systems (ATSs) must be networked in spite of increasing cybersecurity concerns. Traditional cybersecurity tools such as Intrusion Prevention Systems (IPS), firewalls and antivirus software are continuously proven vulnerable to the increasing sophistication of bad actors and insider threats. In addition, these software security appliances and their recurring updates can be burdensome to TPS development and interfere with TPS performance.
IEEE Conference Publication | IEEE Xplore
Abstract: The Cyber Diode uses animated 2D barcodes to create ad hoc mobile networks with data diode and robust error correcting properties. It is displayed on a broadcasting device and read by a physically separated receiving device serving as unidirectional optical communication. Data rate and error correction are evaluated. The communication method has beneficial information assurance properties, is well suited for Augmented Reality, and can reduce the cost of sustaining fleets of systems. Cyber Diode use cases are catalogued (including out of band networking for sustainment, device location concealment, and social media privacy infringement and censorship mitigation) and alternate comparable communication methods are reviewed.
IEEE Conference Publication | IEEE Xplore
Abstract: Automated Test Systems (ATSs) can join the Internet of Things (IoT) at multiple layers and benefit both the overall IoT concept as well as advance the goals of ATSs. Logistics and sustainment are traditionally brought into the IoT conversation through asset tracking, transportation, and Health and Usage Monitoring Systems (HUMS). However the IoT has additional aspects that can be related to logistics information systems and automated test.
ATSs are applicable in all layers of the IoT: sensing, networking / communications, and applications. An ATS can be a sensor in the IoT serving to inform sustaining engineering, product support management, maintenance planning, and supply chain decisions through its test and diagnostic data. In addition, many ATSs consist of a network of instrumentation and measurement devices that can serve as part of the IoT network / communication layer. And finally an automated test and diagnostic application can be used in the IoT to expand the scale of testing beyond standard automated test capability. This paper describes and analyzes the implementation of Automated Test Systems in all three IoT layers.