A study on the application of RMF for weapon systems in Korea

weapons and security system integration


  • Seungmok Lee Defense Security Support Command




acquisition system, cyber risk, risk-management framework (RMF), reliability, availability, maintenance (RAM), safety


With the advent of the Fourth Revolution, military weapon systems are also being advanced. In particular, as the proportion of software embedded in these weapon systems increases, the cyber vulnerabilities of advanced weapon systems also gradually increase. If cutting-edge weapons stop abruptly or malfunction owing to software defects or cyberattacks, they will adversely affect defense security as well as combat power and economic losses. The U.S. DoD is implementing the risk management framework (RMF) to cope with cyber vulnerabilities and threats. RMF is a risk management (RM)-based framework that classifies the cyber vulnerabilities of weapon systems based on data and evaluates them according to confidentiality, integrity, and availability. The application of RMF to the Korean military's weapon-system acquisition procedure is still in its infancy. In this study, we studied the application of the RMF to weapon acquisition processors in the U.S. DoD and suggested that measures of availability, reliability, and safety that can affect weapon performance should be managed with security, and that security systems should be applied to reliability, availability, and maintenance (RAM).

Author Biography

Seungmok Lee, Defense Security Support Command

(First Author) Defense Security Support Command, The head of the department of information, [email protected], https://orcid.org/0000-0001-6944-541X

example method of assigning security ratings by classification of artillery self-propelled artillery data




How to Cite

Lee, S. (2021). A study on the application of RMF for weapon systems in Korea: weapons and security system integration. Journal of Advances in Military Studies, 4(3), 191-208. https://doi.org/10.37944/jams.v4i3.122