SBIR/STTR Award attributes
Air Force mission systems and IT infrastructure have become complex, software-heavy systems of systems under the stewardship of multiple cooperating parties. Assessing the cybersecurity risks and their impacts for those systems is equally complex, yet an adversary only needs to find the weakest link to jeopardize mission success. The ATC NY team will adapt Trestle, a software tool for building automated cybersecurity models in a distributed, hierarchical format, to meet Air Force needs. Trestle builds upon ATC-NY’s successful Silverline hierarchical security modeling and automated assessment tool, building in interoperability with Air Force system engineering artifacts, as well as the ability to generate data needed for NIST Risk Management Framework (RMF) analysis. Trestle’s hierarchical models allow incremental adoption and incremental increases in model fidelity, starting from top-level concerns such as “100% system availability� and working down to automated conformance tests for individual software or operating system components.
