Patent Grant
10323910
Some embodiments relate to missile defense. Some embodiments relate to methods for identifying and exploiting vulnerabilities in missile threats.
Currently-available techniques for missile defense performance assessment focus on kinetic solutions to counter ballistic missile threats. Such techniques are incomplete because they do not account for all available types of countermeasures. Ongoing efforts are directed to improving techniques for missile defense performance enhancement, including techniques that account for all available types of countermeasures.
The following description and the drawings sufficiently illustrate specific embodiments to enable those skilled in the art to practice them. Other embodiments may incorporate structural, logical, electrical, process, and other changes. Portions and features of some embodiments may be included in, or substituted for, those of other embodiments. Embodiments set forth in the claims encompass all available equivalents of those claims.
Current-available analytical techniques for missile defense performance assessment focus on kinetic solutions to counter ballistic missile threats. The term “kinetic” in the context of describing example embodiments refers to actions or countermeasures to threats taken through physical, material means, such as nuclear bombs, rockets, and other munitions. Some available analytical techniques focus on measures of effectiveness (MOE) that include probability of engagement success (Pes), which takes into account multiple kinetic interceptor shots each with a probability of single shot engagement kill (Pssek). Currently-available analytical techniques derive Pssek from measurements or estimations of several factors along the kinetic kill chain. These factors can include reliability of the combat system, communications system, and interceptor and the ability of the interceptor to intercept the re-entry vehicle of the ballistic missile.
However, currently-available methods for determining Pes do not consider non-kinetic means to counter ballistic missile threats and are thus incomplete. Currently-available methods may only consider expensive kinetic actions to be taken starting from a boost phase of a ballistic missile threat, when the ballistic missile threat has already been deployed. Non-kinetic solutions in the context of example embodiments are logical, electromagnetic, or behavioral. One easily-understood example would be a cyber-attack on an enemy computer system. Unlike most kinetic solutions, such non-kinetic solutions are typically used before the boost phase.
Currently available methods may be unable to calculate engagement success for non-kinetic countermeasures. It may be more difficult, relative to kinetic countermeasures, to calculate engagement success for non-kinetic countermeasures because physical measurements for success for these countermeasures may be difficult to define. When a non-kinetic measure is taken against a threat, it may be relatively difficult to ascertain that the non-kinetic measure did, in fact, directly cause a failure of the threat because it may be difficult or impossible to observe the non-kinetic countermeasures taking place inside the enemy system. Calculation of engagement success for non-kinetic countermeasures, therefore, can require calculation of probability of placement, and the probability that the non-kinetic countermeasure can actually be activated, in addition to the probability that the non-kinetic countermeasure will be successful in destroying or disabling the threat. Calculation of engagement success for non-kinetic countermeasures is further complicated by the fact that some non-kinetic countermeasures may be in place for months or years. In contrast, kinetic countermeasures are typically very visible and observable, in a relatively short time frame that can be measured in minutes or even seconds.
Furthermore, currently-available systems may not provide an indication of the level of confidence that operators can have in the predicted success of countermeasures, which can make it difficult for agencies to justify large expenditures for kinetic countermeasures. Finally, available methods do not consider the use of confidence levels in the effectiveness of various techniques in eliminating threats when determining whether to apply those various techniques. Accordingly, it may be difficult to optimize and coordinate usage of multiple countermeasure techniques against enemy vulnerabilities.
Methods, apparatuses, and systems described herein for implementing various embodiments provide more comprehensive ways to provide analytic assessment of missile defense operations, by considering mitigation of ballistic missile threats before launch (e.g., “left of launch”) of such threats, in addition to assessment of certain countermeasures during and after the boost phase of a ballistic missile threat. Embodiments implement a stochastic mathematical model (SMM) for computation of Probability of Ballistic Missile Negation (Pn), for left of launch techniques implemented against missile production, fielding and deployment, and boost vulnerabilities. In addition, systems, methods, and apparatuses of some embodiments can provide a quantifiable indicator of the level of confidence that governmental and military agencies can take in these probability computations.
Some embodiments can consider countermeasures implemented in fielding and deployment phases 120. Such countermeasures can include disrupting launch, further degradation of material integrity, disrupting logistics, inducing failures during hardware and software upgrades, affecting the calibration and maintenance of the threat, etc. Phases 110 and 120 can be understood as being left of launch 130.
Some embodiments can analyze the success of countermeasures implemented in a boost phase 140. Such countermeasures can include disrupting or degrading material integrity, disrupting uplinks 150, initiating self-destruction of missiles, disrupting guidance systems or communication systems 160, etc.
The computer 200 will include a communication interface 210. The communication interface 210 will receive identification information identifying a vulnerability associated with a missile threat. Further, the communication interface 210 will receive identification information identifying a technique for exploiting the vulnerability. The communication interface 210 can retrieve this information from memory 220 or store such received information into memory 220.
The computer 200 includes at least one processor 230. The processor 230 will generate at least one vulnerability-technique (VT) pair based on information received by the communication interface 210.
Column 314 lists various techniques 318 for exploiting and manipulating each vulnerability. Cyber-engineers, electronic warfare experts, or other experts or computer systems can identify these techniques. The techniques 318 can include cyber weapons, directed energy, electronic warfare, etc. Cyber weapons can include digital techniques that can disrupt or destroy hardware or software components of a computerized system or network. Directed energy techniques can include targeted electromagnetic pulse (EMP). Electronic warfare techniques can exploit wireless vulnerabilities. The multiple techniques 318 may be independent such that the desired effect is achieved if one or more of the techniques 318 are successfully implemented. Conversely, the multiple techniques 318 may only result in the desire effect when all of the techniques 318 are successfully implemented.
Subject matter experts (SMEs) can then identify one or more VT pairs 316. SMEs can assign a score (not shown in
The processor 230 will apply an SMM to generate a negation value Pn that represents the probability that techniques 318 of respective VT pairs 316 will eliminate the threat by exploiting the respective vulnerability 304.
The negation value Pn can be decomposed into several components as described below with reference to Equations (1)-(30). In embodiments, the negation value Pn will include four components, but other embodiments can include more or fewer components. There is no theoretical limit on the number of components used, but computational time will typically be faster when the negation value Pn includes fewer, rather than more, components. Confidence levels in results may be higher, however, when the negation value Pn includes more, rather than fewer, components.
Each component represents a different criterion or combination of criteria for estimating the probability that implementation of the respective technique 318 will eliminate the missile threat. These criteria can be selected from a list including, but not limited to: a placement criterion to represent whether an instrumentality for executing the technique 318 can be placed in a manner to exploit the vulnerability 304; an activation criterion to represent whether the technique 318 can be activated subsequent to placement of the instrumentality for executing the technique 318; a success criterion to represent whether implementation of the technique 318 can exploit the corresponding vulnerability 304; and a severity criterion to represent the severity with which the vulnerability 304 affects operation of the missile threat.
Success is defined in the context of example embodiments to refer to a measure of whether the technique 318 performed as the technique 318 was designed to perform. Severity is defined in the context of example embodiments to refer to a measure of whether the technique 318 had a significant impact on threat performance. For example, a first technique 318 when successful may have the effect of changing the color of a piece of hardware, whereas a second technique 318 when successful causes the hardware to break apart under acoustic loads. Even if the probability of success for each of the first technique 318 and the second technique 318 were the same, the probability of being severe is much higher for the second technique 318 than for the first technique 318. Accordingly, given the same probability of success for each technique 318, the probability of effectiveness would be higher for the second technique 318 than for the first technique 318.
In embodiments, the processor 230 will decompose the negation value Pn according to at least the following equations and principles.
First, it will be appreciated that, in order to eliminate a threat, a VT pair 316 must be both deployed and effective:
Pn=P(e,d) (1)
where P(e,d) is the probability of a technique 318 being both deployed d and effective e against a given vulnerability 304. If a technique 318 is not deployed or not effective, then the missile will not be negated.
Also, since a technique 318 cannot be effective if it is not deployed:
P(e|˜d)=0 (2)
Likewise:
P(˜e|d)=1 (3)
Therefore:
P(e,˜d)=P(e|˜d)P(d)=0 (4)
Likewise:
P(˜e,˜d)=P(˜e|˜d)P(˜d)=P(˜d)=1−P(d) (5)
Based on the law of total probability, for a given VT pair, ViTj:
P(d)=P(e,d)+P(˜e,d) (6)
P(˜d)=P(e,˜d)+P(˜e,˜d)=1−P(d) (7)
P(e)=P(e,d)+P(e,˜d)=P(e,d)=Pn(ViTj) (8)
P(˜e)=P(˜e,d)+P(˜e,˜d)=1−P(e) (9)
Applying Bayes' theorem gives:
P(e,d)=P(e|d)×P(d) (10)
In turn, for a VT pair 316 to be effective, the technique 318 must be successful su and severe sv:
P(e|d)=P(sv,su) (11)
Equation (11) signifies that if a VT pair 316 is not successful or not severe, then the VT pair 316 will not be effective given it is deployed.
Also, since a VT pair 316 cannot be severe if it is not successful:
P(sv|˜su)=0 (12)
Likewise:
P(˜sv|˜su)=1 (13)
Therefore:
P(˜su,sv)=P(sv|˜su)P(˜su)=0 (14)
Likewise,
P(˜su,˜sv)=P(˜sv|˜su)P(˜su)=P(˜su)=1−P(su) (15)
Based on the law of total probability:
P(su)=P(su,sv)+P(su,˜sv) (16)
P(˜su)=P(˜su,sv)+P(˜su,˜sv)=1−P(su) (17)
P(sv)=P(su,sv)+P(˜su,sv)=P(su,sv)=P(e|d) (18)
P(˜sv)=P(su,˜sv)+P(˜su,˜sv)=P(su)−P(su,sv)+1−P(su)=1−P(su,sv) (19)
Applying Bayes' theorem gives:
P(e|d)=P(sv|su)×P(su) (20)
Equation (20) signifies that the processor 230 will receive inputs representative of the probability of a VT pair 316 being severe given that it is successful (e.g., P(sv|su)), and the probability of a VT pair 316 being successful (e.g., P(su)). The processor 230 will receive inputs of these probabilities from an SME, for example, or a computer system, as described in more detail herein with reference to
Finally, in order for a VT pair 316 to be deployed d, the VT pair 316 must be placed pl and activated a:
P(d)=P(a,pl) (21)
where P(a,pl) is the probability of a VT pair 316 being both placed and activated, and therefore deployed.
If a VT pair 316 is not placed or not activated, then the VT pair 316 will not be deployed. Also, since a VT pair 316 cannot be activated if it is not placed:
P(a|˜pl)=0 (22)
Likewise:
P(˜a|˜pl)=1 (23)
Therefore,
P(a,˜pl)=P(a|˜pl)P(˜pl)=0 (24)
Likewise,
P(˜a,˜pl)=P(˜a|˜pl)P(˜pl)=P(˜pl)=1−P(pl) (25)
Based on the law of total probability,
P(a)=P(a,pl)+P(a,˜pl)=P(a,pl)=P(d) (26)
P(˜a)=P(˜a,pl)+P(˜a,˜pl)=1−P(a)=1−P(d) (27)
P(pl)=P(a,pl)+P(˜a,pl) (28)
P(˜pl)=P(a,˜pl)+P(˜a,˜pl)=1−P(pl) (29)
Applying Bayes' theorem gives:
P(d)=P(a|pl)×P(pl) (30)
Equation (30) signifies that the processor 230 will receive inputs representative of the probability of a VT pair 316 being activated given that it is placed (e.g., P(a|pl)) and the probability of a VT pair 316 being placed (e.g., P(pl)). The processor 230 will receive inputs of these probabilities from an SME, for example, or a computer system, as described in more detail herein with reference to
By combining Equations (10), (20), and (30) for each technique Tj against vulnerability Vi, the probability of negation Pn for VT pair ViTj can be written:
Pn(ViTj)=P(svij|suij)P(suij)×P(aij|plij)P(plij) (31)
The processor 230 will treat each component of Equation (31) as a random variable, with probability distribution functions (PDFs) provided by user input or through automated systems. For example, the processor 230 can treat a first component of Equation (31) as a random variable RV1:
RV1=svij|suij (32)
A PDF for RV1 can be expressed as:
f1(svij|suij) (33)
The processor 230 can treat a second component of Equation (31) as a random variable RV2:
RV1=suij (34)
A PDF for RV2 can be expressed as:
f2(suij) (35)
The processor 230 can treat a third component of Equation (31) as a random variable RV3:
RV3=aij|plij (36)
A PDF for RV3 can be expressed as:
f3(aij|plij) (37)
The processor 230 can treat a fourth component of Equation (31) as a random variable RV4:
RV4=plij (38)
A PDF for RV4 can be expressed as:
f4(plij) (39)
The computer 200 further includes a user display 245 to display graphical representations of the PDFs given by Equations (33), (35), (37) and (39).
As shown in
In the illustrative example, the SME is ambivalent as to whether the corresponding technique 318 (
The processor 230 can generate any number of negation values Pn based on any number of corresponding VT pairs 316. The processor 230 may combine the negation values Pn in several ways to compute the probability that execution of at least one of the techniques 318 of the plurality of VT pairs 316 will successfully exploit the vulnerability 304 to eliminate the threat. For example, in some embodiments, several techniques, T1, T2, . . . , Tm, can be deployed to exploit a single vulnerability, Vi. These techniques may be independent of each other, that is, any one of them, if effective, will negate the missile. Likewise, the techniques may be highly dependent on one another, that is, the missile will only be negated if all of the techniques are effective.
The processor 230 can calculate a composite technique, Tj that includes m techniques applied to the vulnerability Vi, under the assumption that all of the techniques are independent of one other. Then the composite probability of negation is the probability that all m techniques will not be ineffective, or the probability of at least one technique will be effective:
Pn(Vi)=1−Πs=1m(1−Pn(ViTs)) (40)
The processor 230 can also calculate a composite technique, Tj, comprised of m techniques applied to the vulnerability Vi, under the assumption that all of the techniques are dependent on one other. Then the composite probability of negation is the probability that all m techniques are effective:
Pn(Vi)=Πs=1mPn(ViTs) (41)
Likewise, if techniques against q different vulnerabilities must be effective to negate the missile, then the processor 230 calculates the overall probability of negation according to:
Pn=Πt=1qPn(Vt) (42)
Finally, if techniques against q different vulnerabilities are deployed such that any one of them can negate the missile, then the processor 230 calculates the overall probability of negation according to:
Pn=1−Πt=1q(1−Pn(Vt)) (43)
In each of Equations (41)-(43), Pn(ViTs) is calculated using Eq 31.
In reality, the actual case could be a combination of dependent and independent techniques against a single vulnerability and several dependent and independent vulnerabilities against a certain missile.
Once the processor 230 has received the appropriate PDFs for each outcome for each VT pair 316, the processor 230 or other system such as simulator, can model a “kill chain,” where a kill chain defines each step of the missile life cycle where the threat may be negated (i.e., “killed”). For example, the kill chain could include the following steps: system engineering design, supply chain, manufacturing, quality assurance, operations and maintenance, fielding and deployment, and flight (e.g., boost, mid-course, terminal), or any other steps. The processor 230 can use the model to determine the correct composite form for Equations (31) and (41)-(43) for a specific missile under attack and specific VT pairs 316. The processor 230 can execute the model using random numbers or other values from the PDFs that were provided to the processor 230. The processor 230 can combine PDFs to determine probability of eliminating the missile threat using the corresponding technique, wherein the combining can include performing a logical AND operation, a logical OR operation, or both a logical AND and a logical OR operation. The processor 230 can combine the PDFs using at least two combination methods, each of the at least two combination methods including different combinations of logical operations, and the processor 230 can provide a sensitivity analysis that compares probabilities using at least two combination methods.
The processor 230 can calculate various values or generate other data, for example the processor 230 can calculate the mean and confidence interval for Pn, as well as the PDF for Pn. The processor 230 can determine which parameters are driving Pn to determine the sensitivity of each element on Pn. Operators or governmental agencies can use the models, data, and calculations generated using methods and apparatuses in accordance with various embodiments to make a determination to perform additional research into vulnerabilities, techniques, etc.
While some embodiments are described with respect to input devices, some embodiments allow for selection to be performed in an automated fashion by the processor 230, instead of or in addition to being performed through a user input. The selection provides an indication of the confidence level associated with the corresponding component to generate a set of selected PDFs. The processor 230 will combine selected PDFs to determine probability of eliminating the missile threat using the corresponding technique. The processor 230 may perform this combination according to various methods, including by performing a logical AND operation, a logical OR operation, or both a logical AND and a logical OR operation, although embodiments are not limited thereto. In some embodiments, the processor 230 may combine the PDFs using at least two combination methods, each of the at least two combination methods including different combinations of logical operations, to perform a sensitivity analysis to compare probabilities using each of the at least two combination methods.
The computer 200 includes memory 220. In one embodiment, the memory 220 includes, but is not limited to, random access memory (RAM), dynamic RAM (DRAM), static RAM (SRAM), synchronous DRAM (SDRAM), double data rate (DDR) SDRAM (DDR-SDRAM), or any device capable of supporting high-speed buffering of data. The memory 220 can store, for example, accumulated images and at least a subset of frames of the video data.
The computer 200 can include computer instructions 240 that, when implemented on the computer 200, cause the computer 200 to implement functionality in accordance with example embodiments. The instructions 240 can be stored on a computer-readable storage device, which can be read and executed by at least one processor 230 to perform the operations described herein. In some embodiments, the instructions 240 are stored on the processor 230 or the memory 220 such that the processor 230 or the memory 220 acts as computer-readable media. A computer-readable storage device can include any non-transitory mechanism for storing information in a form readable by a machine (e.g., a computer). For example, a computer-readable storage device can include ROM, RAM, magnetic disk storage media, optical storage media, flash-memory devices, and other storage devices and media.
The instructions 240 can, when executed on the computer 200, cause the computer 200 to identify a vulnerability 304 (
In operation 510, the processor 230 identifies a vulnerability 304 associated with the missile threat. As described earlier with reference to
In operation 520, the processor 230 identifies a technique 318 for exploiting the vulnerability 304 to generate a VT pair 316, as described earlier herein with reference to
In operation 530, the processor 230 applies an SMM to generate a negation value Pn. The negation value Pn may represent a probability that the technique 318 of the respective VT pair 316 will eliminate the threat by exploiting the vulnerability 304. The negation value Pn may be generated as described earlier herein with reference to Equations (1)-(7) and can include a plurality of components.
The processor 230 will generate a set of PDFs for each of the plurality of components. Each PDF in one set will represent a different confidence level associated with the corresponding component. The processor 230 will provide graphical representations for each set of PDFs. The graphical representations may be similar to those described earlier herein with reference to
In operation 540, the processor 230 provides a recommendation for implementing the technique 318 to eliminate the missile threat responsive to receiving a selection of the technique 318. The selection may be selected based on the generated negation value Pn.
The Abstract is provided to comply with 37 C.F.R. Section 1.72(b) requiring an abstract that will allow the reader to ascertain the nature and gist of the technical disclosure. It is submitted with the understanding that it will not be used to limit or interpret the scope or meaning of the claims. The following claims are hereby incorporated into the detailed description, with each claim standing on its own as a separate embodiment.
| Number | Name | Date | Kind |
|---|---|---|---|
| 8489522 | Hirsch | Jul 2013 | B1 |
| 9544326 | Hershey | Jan 2017 | B2 |
| 20040138935 | Johnson | Jul 2004 | A1 |
| 20050033710 | Cochran | Feb 2005 | A1 |
| 20120000349 | Couronneau | Jan 2012 | A1 |
| 20130234864 | Herman | Sep 2013 | A1 |
| 20160269378 | Ye | Sep 2016 | A1 |
| Entry |
|---|
| Guzie, G. Integrated Survivability Assessment [online], Apr. 2004 [retrieved on Dec. 16, 2016]. Retrieved from the Internet: <URL: http://www.dtic.mil/dtic/tr/fulltext/u2/a422333.pdf>. |
| Guzie, G. Vulnerability Risk Assessment [online], Jun. 2000 [retrieved on Dec. 16, 2016]. Retrieved from the Internet: <URL: http://www.dtic.mil/dtic/tr/fulltext/u2/a378836.pdf>. |
| Serfozo, R. Basics of Applied Stochastic Processes [online]. Springer Berlin Heidelberg, 2009 [retrieved on Dec. 21, 2016]. Retrieved from: STIC Catalog. Accession No. stic.221127. Preface, p. vii, ISBN-978-3-540-89332-5. |
| Oracle Crystal Ball, Fusion Edition: User's Guide. Selecting Probability Distributions [online], Release 11.1.1.3.00. 2009 [retrieved Aug. 14, 2017]. Retrieved from the Internet <https://docs.oracle.com/cd/E12825_01/epm.111/cb_user/frameset.htm?ch01s04.html>. |
| Richard Maher, The Covert War Against Iran's Nuclear Program: An Effective Counterproliferation Strategy?, 2012, European University Institute Badia Fiesolana I-50014 San Domenico di Fiesole (FI), 1-14 (Year: 2012). |
| Number | Date | Country | |
|---|---|---|---|
| 20160070674 A1 | Mar 2016 | US |
