Suzanne Genc

The acquisition process for a new weapon system begins with development of technical requirements to ensure that the system produced provides the needed operational capability within budget and schedule constraints. Oversights during this process can result in cost or schedule overruns, unsuitable operational performance, or outright cancellation. This report describes a systems-based approach to help improve this process.

Cyber mission thread analysis (CMTA), which identifies mission-critical systems in a cyber threat environment, requires a disciplined, well-planned process for its execution. This report provides a proposed planning and implementation guide (1) to perform CMTA expeditiously while still giving results good enough to make decisions about mission criticality, and (2) to analyze multiple missions concurrently.

Air Force activities to ensure resiliency to adversarial cyber operations are somewhat fractionated, with blurred lines of authority and no overall coordinating mechanisms to ensure that all related activities are identified, tasked, and implemented and act in concert to achieve enterprise objectives. The authors recommend better ways to manage, at the enterprise level, efforts to ensure resiliency of missions to adversarial cyber operations.

This report presents a framework for the development of metrics--and a method for scoring them--that indicates how well a U.S. Air Force mission or system is expected to perform in a cyber-contested environment. There are two types of cyber metrics: working-level metrics to counter an adversary's cyber operations and institutional-level metrics to capture any cyber-related organizational deficiencies.