
Threat Modeling for Eglin AFB Test Range

The Eglin Air Force Base Test Range, a critical national security asset, demands a robust and comprehensive approach to cybersecurity. Threat modeling plays a pivotal role in identifying and mitigating potential risks to the range’s sensitive systems and operations.

Here’s how a cybersecurity team would approach threat modeling at the Eglin AFB Test Range:

Define Scope and Objectives

Identify critical assets: This includes physical infrastructure (radar systems, launch pads, command centers), communication networks, data centers, and research and development facilities.

Determine threat sources: Consider both internal and external threats, such as:

  • Internal: Malicious insiders, accidental errors, human factors, and supply chain vulnerabilities.
  • External: Hackers, nation-state actors, cybercriminals, physical attacks, natural disasters, and espionage.

Establish clear objectives:

  • Identify and prioritize vulnerabilities.
  • Develop mitigation strategies.
  • Measure and monitor the effectiveness of security controls.
  • Comply with relevant security regulations and standards (e.g., NIST, DoD).

Apply Threat Modeling Techniques

  • STRIDE: This methodology focuses on six key security threats:
    • Spoofing: Unauthorized impersonation.
    • Tampering: Unauthorized modification of data or systems.
    • Repudiation: Denial of responsibility for actions.
    • Information Disclosure: Unauthorized release of sensitive information.
    • Denial of Service: Disruption of system availability.
    • Elevation of Privilege: Gaining unauthorized access to resources.
  • VAST (Vulnerability Assessment and Security Testing): A comprehensive approach involving vulnerability scanning, penetration testing, and code reviews.
  • DREAD (Damage Potential, Reproducibility, Exploitability, Affected Users, Discoverability): A qualitative risk assessment method that helps prioritize threats based on their potential impact.

Analyze Findings and Develop Mitigation Strategies

  • Prioritize threats: Based on the severity of the impact and the likelihood of occurrence.
  • Develop and implement mitigation controls:
    • Technical controls: Firewalls, intrusion detection systems (IDS), encryption, access control lists (ACLs), and vulnerability management systems.
    • Administrative controls: Security policies, procedures, training, and awareness programs.
    • Physical controls: Physical security measures, such as surveillance systems, perimeter fences, and controlled access.
  • Document findings and mitigation plans: Create a comprehensive threat register and maintain detailed records of all security assessments and remediation activities.
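A small threat register that tags each entry with a STRIDE category, scores it with the five DREAD factors, and ranks the result, as an added example that is not part of the original post. The 1-10 scale, the averaging of the five factors, the 7.0 threshold and the sample entries are assumptions constructed for illustration; they do not describe any real system.

```python
from dataclasses import dataclass, field
STRIDE = {"Spoofing", "Tampering", "Repudiation", "Information Disclosure",
          "Denial of Service", "Elevation of Privilege"}
DREAD = ("damage", "reproducibility", "exploitability",
         "affected_users", "discoverability")

@dataclass
class Threat:
    asset: str
    stride: str
    description: str
    dread: dict                      # factor name -> integer 1..10 (assumed scale)
    controls: list = field(default_factory=list)

    def __post_init__(self):
        if self.stride not in STRIDE:
            raise ValueError(f"unknown STRIDE category: {self.stride}")
        if set(self.dread) != set(DREAD) or not all(
                isinstance(v, int) and 1 <= v <= 10 for v in self.dread.values()):
            raise ValueError("DREAD needs all five factors as integers 1-10")

    @property
    def score(self):
        return sum(self.dread.values()) / len(DREAD)   # mean of the five factors

def prioritize(register):
    """Highest DREAD score first; on a tie, threats with no control come first."""
    return sorted(register, key=lambda t: (-t.score, bool(t.controls)))

def coverage_gaps(register, threshold=7.0):
    """Threats at or above the threshold that have no mitigation recorded."""
    return [t for t in prioritize(register) if t.score >= threshold and not t.controls]

def stride_gaps(register):
    """Per asset, the STRIDE categories the register has not yet considered."""
    seen = {}
    for t in register:
        seen.setdefault(t.asset, set()).add(t.stride)
    return {asset: sorted(STRIDE - cats) for asset, cats in seen.items()}

def _t(asset, stride, desc, scores, controls=()):
    return Threat(asset, stride, desc, dict(zip(DREAD, scores)), list(controls))
# Constructed sample register (illustrative entries only).
REGISTER = [
    _t("command center", "Spoofing", "operator identity impersonated", (9, 5, 5, 8, 3), ["ACLs"]),
    _t("communication network", "Denial of Service", "link unavailable during a test", (8, 7, 6, 9, 5)),
    _t("data center", "Information Disclosure", "test data readable at rest", (9, 6, 5, 7, 3), ["encryption"]),
    _t("data center", "Tampering", "records modified without audit trail", (8, 8, 7, 9, 8), ["IDS"]),
]
```

`coverage_gaps` is the list to review first: high-scoring threats with nothing in the controls column. `stride_gaps` shows which categories were never asked about for an asset.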

Continuous Monitoring and Improvement

  • Regularly review and update threat models: As the threat landscape evolves, the threat model must be continuously updated to reflect new vulnerabilities and emerging threats.
  • Conduct ongoing security assessments and penetration tests: To identify and address any new or evolving security risks.
  • Monitor security logs and incident response systems: To detect and respond to security incidents in a timely and effective manner.
  • Continuously improve security awareness and training programs: To educate personnel about cybersecurity best practices and the importance of following security procedures.

Key Considerations for Eglin AFB Test Range

  • Data sensitivity: Protect highly classified military data, research data, and operational information.
  • Critical infrastructure protection: Ensure the availability and reliability of critical systems and infrastructure.
  • Supply chain security: Address vulnerabilities within the supply chain, including hardware, software, and third-party vendors.
  • Compliance with regulations: Adhere to strict Department of Defense (DoD) cybersecurity requirements and regulations.

By implementing a robust threat modeling process, the Eglin AFB Test Range can proactively identify and mitigate cybersecurity risks, safeguarding its critical missions and protecting national security interests.

Disclaimer: This information is for general knowledge and informational purposes only. It does not constitute legal or security advice.

Note: This post provides a general overview of threat modeling. The specific techniques and methodologies used at the Eglin AFB Test Range may vary depending on the specific requirements and security posture of the base.