The U.S. Air Force asked RAND Project AIR FORCE to determine where it is most fruitful to focus effort in making changes to tactics, techniques, and procedures to improve an airman's ability to detect, evaluate, and mitigate significant corruption of logistics data. The goal is to respond to errors in data before they have a significant negative effect on combat operations.
Download
Download eBook for Free
Full Document
| Format | File Size | Notes |
|---|---|---|
| PDF file | 1.3 MB | Use Adobe Acrobat Reader version 10 or higher for the best experience. |
تحقيق المتانة والمرونة في العمليات اللوجيستية ضمن بيئة معلومات متدهورة
Arabic language version
| Format | File Size | Notes |
|---|---|---|
| PDF file | 1.5 MB | Use Adobe Acrobat Reader version 10 or higher for the best experience. |
Purchase
Purchase Print Copy
| Format | List Price | Price | |
|---|---|---|---|
| Add to Cart | Paperback66 pages | $21.00 | $16.80 20% Web Discount |
Research Question
- What can the Air Force logistics community do to better detect, evaluate, report, and prioritize the response to corrupt data in order to satisfactorily continue operations in the event of significant data corruption?
Logistics operations depend on accurate information. Even relatively small errors in support systems can, in some circumstances, have large effects on operations. But errors are inevitable, so logistics operations should be robust to errors, whether they are a random occurrence or the result of a deliberate, targeted cyber attack. The U.S. Air Force asked RAND Project AIR FORCE to determine where it is most fruitful to focus effort in making changes to tactics, techniques, and procedures to improve an airman's ability to detect, evaluate, and mitigate significant corruption of logistics data. The goal is to respond to errors in data before they have a significant negative effect on combat operations.
Highly automated processes — in which humans do not see the data during normal operations — present a significant challenge for detection. Detection of corrupted data is most critical during wartime, yet anomalies are less evident during wartime than during peacetime because wartime itself is an anomaly. Therefore, mechanisms are needed to adjust detection mechanisms from peacetime to wartime conditions. For workers (airmen, civilians, and contractors) to detect anomalous data, they all must be trained to understand the expected baseline and must be continuously vigilant when examining data. Leadership must also create an environment that encourages workers to report suspected anomalous data.
Recommendations include defining, within logistics policy, what measures the logistics community should take in response to each information operations condition level and creating a new central body (perhaps within an existing organization) — the Global Data Integrity Cell — that would receive all reports of suspected data anomalies to enable enterprise-wide situational awareness.
Key Findings
Critical Areas in Which to Enhance the Ability to Detect Corrupted Data
- The detection must be sufficiently prompt. Promptness results from a combination of individuals detecting and reporting corrupted data quickly and detecting corrupted data early in the chain of custody.
- Highly automated processes — in which humans do not see the data during normal operations — present a significant challenge for detection. Automation requires special mechanisms to assist in detecting corruption.
- Detection of corrupted data is most critical during wartime, yet anomalies are less evident during wartime than during peacetime because wartime itself is an anomaly. Mechanisms are needed to adjust detection mechanisms from peacetime to wartime conditions.
- For workers (airmen, civilians, and contractors) to detect anomalous data, they all need to be trained to understand the expected baseline and need to be continuously vigilant when examining data.
- Leadership must create an environment that encourages workers to report suspected anomalous data.
Recommendations
- Define, within logistics policy, what measures the logistics community should take in response to each information operations condition level. This action is the most likely to yield positive, tangible results with the least expenditure of resources.
- Adopt simple methods to detect data corruption in fully automated processes that are routinely used in fraud detection (such as Benford's Law).
- Enhance the education and training of all members of the enterprise about the threat to operations from data corruption (and cyber attack more generally).
- Supplement current reporting mechanisms and assessments.
- Create a new central body (perhaps within an existing organization) — the Global Data Integrity Cell — that would receive all reports of suspected data anomalies to enable enterprise-wide situational awareness.
- For optimal response, enact strategies to prioritize proactive mitigations and specific reported incidents. Assign a time frame for assessment of each incident and potential mitigation.
Table of Contents
Chapter One
Approaching the Problem
Chapter Two
The Challenges of Detection
Chapter Three
Recommendations for Improving Detection
Chapter Four
Evaluation
Chapter Five
Prioritizing the Effort
Chapter Six
Discussion and Conclusions
Research conducted by
The research described in this report was sponsored by the Director of Resource Integration under the Air Force Deputy Chief of Staff, Logistics, Engineering, and Force Protection and co-sponsored by the Director, Logistics, Engineering, and Force Protection, Air Force Global Strike Command and conducted by the Resource Management Program within RAND Project AIR FORCE.
This report is part of the RAND Corporation Research report series. RAND reports present research findings and objective analysis that address the challenges facing the public and private sectors. All RAND reports undergo rigorous peer review to ensure high standards for research quality and objectivity.
This document and trademark(s) contained herein are protected by law. This representation of RAND intellectual property is provided for noncommercial use only. Unauthorized posting of this publication online is prohibited; linking directly to this product page is encouraged. Permission is required from RAND to reproduce, or reuse in another form, any of its research documents for commercial purposes. For information on reprint and reuse permissions, please visit www.rand.org/pubs/permissions.
The RAND Corporation is a nonprofit institution that helps improve policy and decisionmaking through research and analysis. RAND's publications do not necessarily reflect the opinions of its research clients and sponsors.