Embedding "Proactive Vigilance" into the Pentagon's High-Tech Supply Chain

In national defense, supply chain mistakes, when discovered too late, can be massive and hard to overcome. And yet, the Pentagon is not very eager to adopt more proactive detection, a costly process of testing contractor assurances.

But the absence of "proactive vigilance" can carry a heavy cost. In shipbuilding, out-of-specification steel, a critical component, was used in US Navy submarines for two years before the Pentagon learned of the problems. More recently, out-of-specification shafting on the Coast Guard's Offshore Patrol Cutter had to be installed and then removed, an embarrassing waste of time and money for both the contractors and the government customers.

Had these problems been caught early, the short-term hit to profit or schedule would have been far outweighed by avoiding the larger damage of a complex, long-running supply chain failure.

Put another way, suppliers can benefit from external testing and from more rigorous, or even random, compliance testing.

Fortress Information Security founder Peter Kassabov, speaking on a Defense and Aerospace Report podcast earlier this year, noted that attitudes are changing and that more defense leaders will likely start looking "at the supply chain not only as an enabler, but also as a potential risk."

Defense regulation is still being developed. But to get companies to take proactive supply chain vigilance more seriously, companies may face greater incentives, larger penalties, or perhaps even a requirement that executives at major prime contractors be held personally liable for damages.

Old Compliance Regimes Focus on Old Targets

What's more, the Pentagon's supply chain compliance framework, such as it is, remains focused on ensuring the physical integrity of basic structural components. And while the Pentagon's current quality control systems are barely able to catch concrete, physical problems, the Pentagon really struggles to enforce current Defense Department integrity standards for electronics and software.

The difficulty of assessing electronics and software integrity is a big problem. These days, the gear and software used in the military's "black boxes" are far more critical. As one Air Force General explained in 2013, "The B-52 lived and died on the quality of its sheet metal. Today our aircraft will live or die on the quality of our software."

Kassabov echoes this concern, warning that "the world is changing and we need to change our defenses."

Certainly, while "old-fashioned" bolt-and-fastener specifications are still important, software is really at the core of almost every modern weapon's value proposition. For the F-35, an electronic weapon and a key battlefield information and communications gateway, the Pentagon should be far more attuned to Chinese, Russian or other dubious contributions to critical software than it might be to the detection of some Chinese-sourced materials.

Not that the national content of structural components lacks importance, but as software formulation becomes more complex, supported by ubiquitous modular subroutines and open-source building blocks, the potential for mischief grows. Put another way, a Chinese-sourced material won't bring down an aircraft by itself, but corrupt, Chinese-sourced software introduced at an early stage of subsystem production could.

The question is worth asking. If suppliers of America's highest-priority weapons systems are overlooking something as basic as steel and shafting specifications, what are the chances that harmful, out-of-specification software is unintentionally causing trouble?

Software Needs More Scrutiny

The stakes are high. Last year, the annual report from the Pentagon's weapons testers at the Office of the Director, Operational Test and Evaluation (DOT&E) warned that "the majority of DOD systems are software-intensive. Software quality, and the system's overall cybersecurity, are often the factors that determine operational effectiveness and survivability, and sometimes lethality."

"The most important thing that we can secure is the software that enables these systems," says Kassabov. "Defense suppliers cannot just focus on and make sure that the system is not coming from Russia or from China. It is more important to actually understand what the software inside this system is and how, ultimately, this software is vulnerable."

But testers may not have the tools needed to evaluate operational risk. According to DOT&E, operators are asking for someone at the Pentagon to "tell them what the cybersecurity risks, and their potential consequences, are, and to help them devise mitigation options to fight through a loss of capability."

To help do this, the U.S. government relies on critical, low-profile entities like the National Institute of Standards and Technology, or NIST, to generate the standards and other basic compliance tools needed to secure software. But the funding just isn't there. Mark Montgomery, the director of the Cyberspace Solarium Commission, has been busy warning that NIST will be hard-pressed to do things like publish guidance on security measures for critical software, develop minimum standards for software testing, or guide supply chain security "on a budget that has for years hovered at just under $80 million."

No simple solution is in sight. NIST's "back-office" guidance, coupled with more aggressive compliance efforts, can help, but the Pentagon must move away from the old-fashioned "reactive" approach to supply chain integrity. Certainly, while it is great to catch failures, it is far better if proactive efforts to maintain supply chain integrity kick in the second defense contractors first start crafting defense-related code.

Source: https://www.forbes.com/sites/craighooper/2022/11/01/embedding-proactive-vigilance-into-the-pentagon-high-tech-supply-chain/