Duration: 2 Days
Dec 7–8, 2016
Location: San Antonio, TX

Department of Defense weapon systems have become increasingly sophisticated and technologically advanced. The intricacies associated with advanced technology, however, introduce complexity that makes it difficult to discern vulnerabilities that may exist due to underlying functionality, interconnections, associated subsystems and weaknesses in hardware/software. Although Department of Defense operations are dependent on proper functionality and the integrity of weapon systems, there is a lack of understanding concerning associated cyber-based threats.

This course is designed to introduce students to the threats that exists for DoD weapon systems and provides the foundation for developing mitigation strategies. The course utilizes real-world examples to walk students through how an attacker can exploit weapon systems via subcomponents and supporting infrastructure. Students will learn the fundamentals of cyber security as applied to DoD weapon systems along with supply chain risks, system weaknesses, operational implications and how an adversary can target weapon systems.

An understanding of the concepts discussed in this class is critical for anyone involved in the design, test, evaluation, assessment, command and/or operation of DoD weapon systems. Students will gain insight into the threats associated with the critical systems and learn how to apply the concepts in order to reduce an adversary’s capabilities to impact military operations. This course serves as the foundation for anyone interested in cyber security for DoD weapon systems.

Course Learning Objectives

Attendees will understand the following concepts:

  • How weapon systems cyber security is different than traditional IT systems
  • Fundamentals of cyber security as applied to DoD weapon systems
  • The common threats/risks and how adversaries target weapon systems
  • Risks to weapon systems associated with supply chain, system weaknesses and the operational implications
  • Approaches to developing a strategy associated with prevention, mitigation, response, test and evaluation for cyber-based risks for weapon systems

What Students Will Receive:

  • Student manual containing all lecture slides and notes
  • Template documents for stakeholder identification documentation
  • Template documents for planning document
  • Template documents for technical out brief
  • Template documents for executive out brief
  • Template documents for mitigation strategy documentation

Course Outline (2 day course):


Weapon system cyber security vs traditional IT security

  • Operational requirements
  • Emerging technologies and legacy technologies
  • Interdependency of complex systems
  • Mission dependency
  • Direct kinetic effects
  • Availability of evaluation environment
  • Technical skill-set requirements
  • Intel and targeting
  • Safety systems and safeguards
  • Prioritization of assets and sub-systems


  • Real-world examples
  • Common security weaknesses
  • Threat considerations
  • Supply chain risks
  • Primary security concerns
  • Adversary attack vectors
  • Differing attack types and effects

Typical stakeholders and their roles

  • Identifying stakeholders
  • Acquisition
  • Manufacturers
  • Test and evaluation
  • Operators
  • Intel
  • Maintainers
  • Commanding officers
  • Information flow

Evaluating cyber security risks

  • Coordination
  • Discovery
  • Execution
  • Risk analysis
  • Developing mitigation strategies
  • Documentation


  • Identify sub-systems and evaluation criteria
  • Define ROEs
  • Identify skill-set and personnel
  • Coordination of controls


  • Perform discovery for each sub-system
  • Identify system inputs and outputs
  • Identify system functionality and characteristics
  • Develop the planning document
  • Study types
    • Passive study
    • Active study
    • Informational study
  • Obtain approval authority to execute


  • Independent sub-system evaluation
  • Holistic system evaluation
  • Coordinated effects

Risk analysis

  • Vulnerability
  • Likelihood
  • Consequence

Developing mitigation strategies

  • DTOMLPF considerations
  • Cyber Security Essentials for DoD Weapon Systems
  • Software changes
  • Software validation and integrity
  • Configuration management validation
  • Monitoring capabilities
  • Information assurance principles
  • Extending the security perimeter
  • Information protection
  • Surveillance


  • Coordination
  • Classification
  • Technical out briefs
  • Executive out briefs

Instructor(s): Dr. Johnathan Butts and Billy Rios

We developed DoDWS-301: Cyber Security Essentials for DoD Weapon Systems to meet a growing demand for trained personnel with expertise in DoD weapon systems. There is a significant shortage in the cyber security workforce of individuals that have the skill-sets to evaluate, assess and understand the cyber threats to DoD weapon systems. Some of the most critical systems that our national security relies on, however, are dependent on the ability to operate securely. As weapon systems continue to evolve and expand their cyber footprint, it is imperative that security professionals are adequately trained and have the knowledge and skill-sets to stay ahead of the threats.

Assessment and vulnerability analysis for traditional information technology systems rely greatly on pre-packaged security tools and common implementation schemes. Weapon systems, however, are different in the fact that applications are typically focused on specific functionalities and vary widely. Although security tools assist in weapon systems reviews, it is a firm understanding of the fundamentals relating to hardware, firmware and application software that is critical. As such, as designed this course around the principles associated with security assessments and vulnerability analysis for weapon systems – from the ground up. Individuals attending this training will gain a fundamental understanding of how to evaluate weapon systems, the operational implications associated with weapon systems cyber security, and will build the foundations for exploring this critical area.

We have learned first hand – through many years of performing assessments on critical systems, evaluating embedded device security, vulnerability research and training/educating individuals in this area – the importance of understanding the fundamental principles. Once an individual understands the core concepts presented in this class, they will be able to apply the skills to evaluate complex systems-of-systems.