C4ISR system architectures are built on top of industry-standard interfaces (ethernet, video, CAN, USB and serial data) and open standards middleware technologies that enable a wide range of services, such as tactical (disruption-tolerant) voice and networking services, distribution of data and so on.
In this presentation, we review the ever-growing threats and advanced protection means, including the post-quantum cryptography for public-key algorithms. Moreover, we outline the specific assurance requirements, in order to ensure a sufficient confidence that the system’s security features are reliably implemented. For a classified C4ISR system architecture in active duty within NATO, it is expected to achieve a Common Criteria Evaluation Assurance Level (EAL) 5+, i.e. semi-formally (or formally) designed (verified) and tested.