Sandia researchers completed the development of the Field Device Assessment Methodology (FDAM) in 2017 to support cyber testing on weapons systems and other operational platforms that rely heavily on embedded devices.
FDAM applies to major weapons systems as well as the ships, aircraft, and other platforms that carry them and the equipment needed for their support. The methodology is also well suited to evaluating the security of systems used to control the operation of critical infrastructure such as the electrical grid, refineries, and water utilities. FDAM’s development was sponsored by the Department of Defense (DoD)/Director, Operational Test and Evaluation (DOT&E).
An assessment using FDAM’s framework calls for careful attention to five foundational elements:
- Adversary goals
- Procedures for cyber attack
- Access to the device environment
- Device and system vulnerabilities
- Cyber/physical mitigations
The FDAM process is also marked by two defining features:
- Access/Procedure Pairs (APPs): FDAM narrows the search for potential vulnerabilities using a formal structure based on likely combinations of system access and adversary tactics. These APPs are prioritized, mapped to adversary goals, and used to guide device testing.
- Vulnerability Scoring: To prioritize mitigation, FDAM uses a statistical formula that assigns a numerical severity value to each identified risk. This approach adapts the basic structure of the Common Vulnerability Scoring System (CVSS) used by NIST and others for evaluating IT systems. FDAM modifies key elements of the CVSS formula in applying it to the embedded systems used in mission platforms and industrial control systems.