The CCDCOE’s project on the exploring the cybersecurity of weapon systems has culminated with the publication of the paper “Cybersecurity of weapon systems: international law requirements and technical standards” in the prestigious Journal of Cybersecurity. The paper analyzes existing international law, national strategies, and technical standards to explore the current status of the integration of cybersecurity requirements to the use of military equipment. In addition, a survey amongst the CCDCOE member nations shed light to the approaches utilized by states in regard to cybersecurity when procuring, testing, or utilizing weapon systems.
Many weapons operate within complex computerized systems and are integrated with sensors and platforms. Armed forces rely extensively on digital battlefield management and decision support systems. Exploitation of vulnerabilities in such systems can render them unreliable or unusable, which can adversely affect national security and lead to losses of human life. The paper seeks to establish, first, whether states have an obligation under international law to take cybersecurity measures with respect to weapon systems. Second, the paper examines whether states have, to comply with their legal obligations or otherwise, set cybersecurity requirements, standards, or guidelines that apply to weapon systems, either by articulating them or referring to previously existing standards that apply to cyber–physical systems.
You can read the full paper here.