The USAF requires a cybersecurity Risk Management Framework (RMF) accreditation package to be approved by Authorizing Official (AO) to grant an Authority to Operate (ATO) for all instrumentation systems installed on USAF platforms. Vendors can help the USAF obtain an ATO by delivering software and hardware that implements best cybersecurity practices such as delivering software with reduced attack surface, secure delivery of software binaries, and secure methods for installing/validating firmware. Hardware designs can assist the accreditation processes by defining non-volatile memory (NVM) characteristics and reduce the operational issues by isolating NVM. Adding options for logging control-plane and data-plane network traffic is very helpful as instrumentation systems expand the use of connected networks.
展开▼
