Leonardo: Successfully completed cyber assessment on the OTO 76 / 62 SR naval tower

(To Leonardo)
13/03/18

Leonardo has successfully completed a "cyber assessment" conducted on the OTO 76/62 Super Rapid (SR) naval turret. The system has demonstrated high resilience to the threat of cyber attacks. The announcement was made public during DIMDEX (Doha International Maritime Defense Exhibition & Conference).

Evaluation is part of a process carried out by Leonardo to ensure that its products and systems are protected against possible hostile cyber attacks. Updates to the OTO 76 / 62 SR defense system have made it ever more efficient and effective, on the one hand optimizing its use, but on the other increasing its potential exposure to cyber danger. The aim of the assessment was therefore to identify possible threats and implement specific countermeasures.

Starting from the technology adopted for the OTO 76 / 62 SR and using a series of "best practices" in terms of computer security, it was possible to identify the scenarios of computer vulnerability that could arise from deliberate or accidental actions. These include malware and viruses on removable devices or incorrect behavior in terms of cyber security.

The main component of the 76 / 62 SR OTO is its control console, from which all other parts of the system are managed. Depending on the system configuration, this could include the STRALES (for example a steering system for the DART system), the VULCANO ammunition, as well as the Multi Feeding (MF) device for the automatic management of the ammunition. Starting from the control console and subsequently considering the entire weapon system, the assessment made it possible to identify potential weaknesses and set up a series of security measures to reduce the levels of risk associated with identified vulnerabilities.

In addition to meeting the stringent cyber security policies of Leonardo, the assessment showed that the OTO 76 / 62 SR meets a variety of safety requirements, specifically the NIST SP800-53, ISO 15408 and ISO 27002 standards.