As critical infrastructure becomes more sophisticated and complex, it becomes more difficult to defend against cyber threats while ensuring systems work at peak efficiency. Smart cities need to orchestrate autonomous cars and touchless tolls. Power grids are evolving into bi-directional meshes delivering and receiving power from businesses and consumers. Smart buildings need to work with multiple tenants with diverse incompatible utility and security systems. Such critical infrastructure systems are under constant cyber surveillance and overt attacks by sophisticated cyber adversaries.
For a solution, managers of smart cities, power grids, building systems, and other distributed infrastructures can borrow from the US Navyâs playbook, where digital engineering and cloud computing are helping protect the mission-readiness of ships deployed around the globe.
Keeping a surface ship or submarine in fighting shape on the high seas is challenging. Conditions are unforgiving, mission demands are high, and backup or spare equipment can be thousands of miles away. When things go wrong across any of their complex IT or OT systems, the ship must still fulfill its missions. The Navy uses digital engineering to build in and ensure resilience so systems-of-systems can âwork hurt,â continuing to operate during and after physical or cyberattacks.
Digital modeling to identify and mitigate vulnerability risks
The US Navy creates digital twins of their ships and land-based systems through Model-Based Systems Engineering (MBSE). This approach enables the Navy to simulate, analyze, and optimize the performance and maintenance of their systems before and after they are built or modified, ensuring that potential performance or vulnerability issues can be identified and proactively addressed.
Digital twins are virtual replicas of physical systems, created using design data and augmented with sensor data and operational models to mirror the life of their physical counterparts. These models are used today to optimize design and technology insertion, address compatibility issues, improve reliability, and âbake inâ cyber resilience. This provides a complete understanding of how the performance of each shipboard system affects the shipâs entire mission capabilities.
Applying MBSE digital models to infrastructure system-of-systems, like a smart city, would transform urban management. By developing digital twins for interconnected transportation, utilities, public services, and communications systems, city planners and managers could predict how changes in one system can affect another, understand the impacts of potential cyberattacks, and optimize the efficiency and sustainability of the infrastructure.
Moreover, MBSE can facilitate rapid integration of new technologies into the infrastructure, such as IoT devices and sensors, autonomous vehicles, and AI-driven services. An MBSE-enabled approach can help make infrastructure more responsive and adaptive to the changing needs of constituents. The US Navy is using MBSE together with integrated threat intelligence and system vulnerability data and operational thread modeling to help keep ships mission ready in the face of cyberattack. The predictive capabilities of digital twins can also optimize energy use, traffic monitoring and waste management, and emergency response strategies. Simulations of urban technology can enable proactive planning to mitigate cyber-attacks, natural disasters and major system failures.
Cloud-based defense for up-to-date cybersecurity, resource availability
The Navy is several years into an organization-wide push to move computing to the cloud. They are motivated, in part, by the cloudâs cybersecurity advantages and quick deployment of extra resources when needed, coherence across widely dispersed assets, and the ability to quickly deploy the latest protections and fixes across their assets.
The Navy’s cloud computing framework allows for the dynamic allocation of resources to meet varying demands. When faced with a denial-of-service (DoS) attack, the Navy can instantly scale up computational resources without hardware expansion or transparently move computing resources to a cloud data center in a different geographic region. This elasticity is crucial for maintaining operational tempo, maximizing availability, and ensuring that missions are not thwarted.
Moreover, with widespread assets and personnel, a unified computing environment helps make certain that all units can access the same information and tools. Cloud computing facilitates this through centralized repositories of data and applications that can be securely accessed from anywhere. This coherence ensures the coordination of actions. Smart buildings have a parallel need as they coordinate defenses with those in the systems of tenants and third-party service providers.
The cloud also helps maintain the Navyâs cybersecurity by ensuring that updates, patches, and new security protocols can be rolled out quickly and uniformly across the entire network. This ensures that all components of the digital infrastructure are protected against the latest threats, reducing vulnerabilities, and enhancing overall security posture. Upgrade cycles are also implemented to more quickly address obsolescence, bring new capabilities to the infrastructure, and adapt to new threats as they emerge.
For smart cities, the cloud can integrate screens and sensors to allow data collection and management systems to handle large volume data intake, react in real-time to changing conditions, and ensure the security of both digital and physical assets. In the case of power grids, cloud-based solutions can help balance loads, predict demand surges, manage outages more efficiently, and protect against cyber threats.
Moreover, as smart buildings, cities and power grids become more interconnected, cloud computing can offer a unified platform to manage these interdependencies. Real-time data analytics and machine learning models hosted in the cloud can optimize performance and predict system failures before they occur, enhancing reliability and reducing downtime.
More powerful posture monitoring to anticipate, mitigate threats
The Navy is also improving cyber protection by connecting system-wide MBSE models with real-time threat databases. This allows continuous cyber posture monitoring of every system and subsystem to anticipate, identify, and mitigate against potential threats dynamically and proactively. Just as this methodology is being employed across large scale, multi-platform Navy enterprises, smart infrastructure can benefit from sophisticated tools like these.
Automated linkages between digital twins and real-time cyber threat databases can help infrastructure managers visualize how their systems can respond to an actual attack. Simulations of potential breaches enable managers to understand where vulnerabilities exist, and how they can be exploited and mitigated. Advanced warning systems can enable the deployment of defenses and hardening strategies to inoculate the infrastructure against the current threat landscape.
The connected MBSE models and threat databases can be used to train infrastructure personnel through simulations and visualizations of realistic scenarios. Cybersecurity teams can create and run drills informed by real-world data, enhancing their organizationâs readiness and ability to respond to realistic cyber incidents.
The integration of MBSE digital twins with real-time cyber threat databases enables the proactive monitoring and response to cyber threats but also offers tremendous potential for smart infrastructure management. Real-time visualizations of attacks, simulations of breaches, and facilitation of advanced training through realistic scenarios can make MBSE a pivotal tool in the modern infrastructureâs cyber defense arsenal. This dynamic and comprehensive approach fortifies security while also opening the door to explore the full power of MBSE to safeguard our digital world.