Sec. 1559. Assessments of weapons systems vulnerabilities to radio-frequency enabled cyber attacks
436 words·~2 min read·
/bill/117/hr/7776/eah/section-1559·A research copy — for the controlling text, always check the official state or federal source. Not legal advice.
The Secretary of Defense shall ensure that the activities required by and conducted pursuant to section 1647 of the National Defense Authorization Act for Fiscal Year 2016 ( Public Law 114–92 ; 129 Stat. 1118), section 1637 of the John S. McCain National Defense Authorization Act for Fiscal Year 2019 ( Public Law 115–232 ; 10 U.S.C. 221 note), and the amendments made by section 1712 of the William M.
(Mac)Thornberry National Defense Authorization Act for Fiscal Year 2021 ( Public Law 116–283 ; 134 Stat. 4087) include regular assessments of the vulnerabilities to and mission risks presented by radio-frequency enabled cyber attacks with respect to the operational technology embedded in weapons systems, aircraft, ships, ground vehicles, space systems, sensors, and datalink networks of the Department of Defense. The assessments under subsection
(a)with respect to vulnerabilities and risks described in such subsection shall include— identification of such vulnerabilities and risks; ranking of vulnerability, severity, and priority; development and selection of options, with associated costs and schedule, to correct such vulnerabilities, including installation of intrusion detection capabilities; an evaluation of the cybersecurity sufficiency for Military Standard 1553; and development of integrated risk-based plans to implement the corrective actions selected. In developing corrective actions under subsection (b)(3), the assessments under subsection
(a)shall— consider the missions supported by the assessed weapons systems, aircraft, ships, ground vehicles, space systems, sensors, or datalink networks, as the case may be, to ensure that the corrective actions focus on the vulnerabilities that create the greatest risks to the missions; be shared and coordinated with the principal staff assistant with primary responsibility for the strategic cybersecurity program; and address requirements for deployed and nondeployed members of the Armed Forces to analyze data collected on the weapons systems and respond to attacks. The assessments under subsection
(a)shall be informed by intelligence, if available, and technical judgment regarding potential threats to embedded operational technology during operations of the Armed Forces. The assessments under subsection
(a)shall be fully coordinated and integrated with activities described in such subsection. The Secretary shall ensure that the organizations conducting the assessments under subsection
(a)in the military departments, the United States Special Operations Command, and the Defense Agencies coordinate with each other and share best practices, vulnerability analyses, and technical solutions with the principal staff assistant with primary responsibility for the Strategic Cybersecurity Program. Not later than one year after the date of the enactment of this Act, the Secretary shall provide to the congressional defense committees briefings from the organizations specified under subsection (e)(2), as appropriate, on the activities and plans required under this section.
Connectionstraces to 4
Traces to 4 documents
public-private-law
2 references not yet in our index
- 129 Stat. 1118
- 134 Stat. 4087
Citation graph
cites case law
Sec. 1559
Assessments of weapons systems vulnerabilities to radio-frequency enabled cyber attacks
Stat.129 Stat. 1118
Stat.134 Stat. 4087
Cites 6Cited by 0 across 0 sources