Sec. 1506. Cybersecurity of military standards for data
505 words·~2 min read·
/bill/117/hr/7900/pcs/section-1506·A research copy — for the controlling text, always check the official state or federal source. Not legal advice.
No later than 270 days after enactment of this act, the principal staff assistant designated with primary responsibility for the Strategic Cybersecurity Program of the Department of Defense pursuant to paragraph
(2)of section 1640(c) of the National Defense Authorization Act for Fiscal Year 2018 ( Public Law 115–91 ; 10 U.S.C. 2224 note), as amended by section 1502 of this Act, shall conduct a comprehensive review of Military Standard 1553 (in this section referred to as MIL–STD–1553 ). At the discretion of the Secretary of Defense, the review required under this subsection may include reviews of additional serial data standards beyond MIL–STD–1553. The review required under subsection
(a)shall include the following elements: An identification of programs and weapon systems currently employing MIL–STD–1553 and other serial data standards, as appropriate, across the Department of Defense, the military departments, and components, with notations for any programs previously assessed by the Strategic Cybersecurity Program. An evaluation of, and inventory for, the vulnerabilities to MIL–STD–1553 and other serial data standards, as appropriate. An inventory of potential commercial- and Government-sourced mitigations and solutions, either in use or available to program offices. An assessment of potential changes to address identified vulnerabilities to MIL–STD–1553 and other serial data standards, as appropriate. Based on the findings of the review required under subsection (a), the Secretary of Defense shall determine whether to revise or update MIL–STD–1553 and other serial data standards, as appropriate. Subsequent to the completion of the review required under subsection (a), the head of the Strategic Cybersecurity Program shall issue guidance across the Department for program managers involved in procuring weapon systems that use MIL–STD–1553 and other serial data standards, as appropriate. The guidance shall include information related to the potential threats to MIL–STD–1553, available mitigations and solutions, and technical resources for program managers to use in addressing issues with MIL–STD–1553 and other data serial standards, as appropriate. Subject to the findings for the review required under subsection (a), the senior official identified pursuant to section 1647(j) of the National Defense Authorization Act for Fiscal Year 2016 ( Public Law 114–92 ) for a military department and the service acquisition executive (as such term is defined in section 101(10) of title 10, United States Code) shall, if applicable, issue a certification that mitigations identified by the Strategic Cybersecurity Program for assessed weapons systems have been applied and corrected. Not later than one year after the date of the enactment of this Act, such senior official and the service acquisition executive shall submit to the congressional defense committees such assessment. The Director of Operational Test and Evaluation may include evaluations of MIL–STD–1553 and other serial data standards, as appropriate, in reports required to be provided to the congressional defense committees pursuant to law. Not later than 45 days after completion of the review required under subsection (a), the head of the Strategic Cybersecurity Program shall submit to the congressional defense committees— a report on the review required under subsection (a); and a copy of the guidance required under subsection (d).
Connectionstraces to 3
Traces to 3 documents
Citation graph
cites case law
Sec. 1506
Cybersecurity of military standards for data
Cites 3Cited by 0 across 0 sources