The Department of Defense's original Zero Trust Strategy, released in 2022, was a landmark document. It established that the traditional perimeter-based security model — the assumption that everything inside the network is trusted and everything outside is not — was architecturally incompatible with modern threat environments. Adversaries had demonstrated repeatedly that perimeter defenses could be bypassed, that insider threats were structurally underweighted, and that the implicit trust granted to lateral network movement was a critical vulnerability. The 2022 strategy mandated 91 cybersecurity capability outcomes across DoD IT infrastructure, with a target-level completion deadline of fiscal year 2027.
Zero Trust Strategy 2.0, released in March 2026, extends that framework into territory that the original document deliberately left underdeveloped: operational technology, internet-of-things devices, and — most consequentially — weapon systems and autonomous platforms. The expansion reflects an operational reality that the 2022 strategy acknowledged but did not fully address. Modern weapons are not standalone kinetic systems. They are networked, software-defined platforms that ingest sensor data, communicate with command nodes, execute AI-driven decision algorithms, and generate telemetry that flows back into intelligence and operational planning systems. Securing the IT network that supports these platforms is necessary but not sufficient. The platform itself is a node on the network, and it must be treated as such.
What Zero Trust Means for Autonomous Platforms
The core principles of zero trust — never trust, always verify; assume breach; minimize lateral movement — translate differently when applied to autonomous systems operating at the tactical edge than they do when applied to an enterprise IT environment. An autonomous surface vessel or unmanned aerial system operating in a denied communications environment cannot rely on continuous connectivity to a centralized identity and authentication service. A challenge-response authentication model that requires a round-trip to a cloud-hosted authorization service introduces latency and connectivity dependencies that are operationally unacceptable in contested environments.
Zero Trust Strategy 2.0's 84 new operational technology capability outcomes address this directly by requiring what the document terms "resilient zero trust" — the ability to maintain verified-trust posture and enforce least-privilege access controls in environments where persistent connectivity to centralized security infrastructure cannot be assumed. For autonomous platforms, this means zero trust controls must be resident on the platform itself: cryptographic identity at the device level, on-device policy enforcement for inter-subsystem communication, anomaly detection algorithms that can identify compromise indicators without reference to a remote threat intelligence feed, and air-gap-survivable key management. These are not incremental additions to an existing architecture. They are foundational engineering requirements that must be designed in from the beginning.
The Operational Technology Gap
The expansion of zero trust to operational technology surfaces a compliance challenge that much of the defense industrial base has not fully internalized. Traditional CMMC and RMF compliance frameworks focus primarily on the handling of controlled unclassified information in IT systems — networks, workstations, servers, and cloud environments. A contractor can achieve CMMC Level 3 certification for its corporate IT infrastructure while the embedded systems, firmware, and communication protocols on the platforms it produces remain outside the compliance scope entirely. Zero Trust Strategy 2.0 closes that gap.
Under the updated framework, weapon systems and autonomous platforms are no longer treated as IT-adjacent endpoints. They are subject to zero trust requirements at the system architecture level, including supply chain transparency through software bills of materials, verified firmware integrity chains, authenticated inter-subsystem communication, and behavioral monitoring for anomaly detection during operation. For contractors building autonomous platforms, this means the compliance boundary now extends from the corporate IT environment all the way to the edge hardware running onboard the system. Platform architects who have not built zero trust controls into the system design will face significant re-engineering costs to achieve compliance. Those who built for it from the outset are positioned to meet the new requirements without platform-level redesign.
Building for the Contested Edge
The practical architecture required to satisfy Zero Trust 2.0 for autonomous platforms in denied, disrupted, intermittent, and limited (DDIL) environments is well-defined, even if it remains uncommon in fielded systems. Device-level cryptographic identity using hardware-backed key stores ensures that each platform subsystem can be individually authenticated without central infrastructure. Micro-segmented communication architectures limit the blast radius of compromise by ensuring that a compromised subsystem cannot gain access to adjacent functions without re-authentication. On-device behavioral baselines enable anomaly detection that identifies deviation from expected operational patterns — a proxy for compromise indicators in environments where threat intelligence feeds are unavailable.
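The on-device enforcement and micro-segmentation described above can be sketched as a local policy enforcement point that authenticates each inter-subsystem message and applies a least-privilege allowlist without contacting any remote service. This is an added example, not code from the strategy or from any fielded platform. The subsystem names, keys, actions and message format are constructed, and HMAC with per-subsystem keys stands in for signatures from a hardware-backed key store.

```python
import hashlib
import hmac
import json

# Constructed per-subsystem keys. On a real platform each identity key would sit
# in a hardware-backed key store; HMAC is a stand-in for a device signature.
SUBSYSTEM_KEYS = {"nav": b"constructed-nav-key", "sensor": b"constructed-sensor-key"}
# Least-privilege policy resident on the platform: (sender, receiver) -> actions.
POLICY = {("sensor", "nav"): {"position_fix"}, ("nav", "payload"): {"status_query"}}


def seal(sender, receiver, action, counter, key):
    """Build an authenticated message from one subsystem to another."""
    fields = {"from": sender, "to": receiver, "action": action, "ctr": counter}
    body = json.dumps(fields, sort_keys=True).encode()
    return {"body": body, "tag": hmac.new(key, body, hashlib.sha256).hexdigest()}


class Enforcer:
    """On-device enforcement point; every decision uses local state only."""

    def __init__(self, keys, policy):
        self.keys, self.policy = keys, policy
        self.last_counter = {}  # highest counter accepted per sender

    def check(self, msg):
        try:
            fields = json.loads(msg["body"])
            sender, receiver = str(fields["from"]), str(fields["to"])
            action, counter, tag = str(fields["action"]), int(fields["ctr"]), str(msg["tag"])
        except (KeyError, ValueError, TypeError):
            return "deny:malformed"
        key = self.keys.get(sender)
        if key is None:
            return "deny:unknown-identity"
        expected = hmac.new(key, msg["body"], hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected.encode(), tag.encode()):
            return "deny:bad-signature"
        if counter <= self.last_counter.get(sender, -1):
            return "deny:replay"
        if action not in self.policy.get((sender, receiver), set()):
            return "deny:not-permitted"
        self.last_counter[sender] = counter
        return "allow"
```

A correctly authenticated message is still denied when the policy has no entry for that sender, receiver and action, which is what keeps a compromised subsystem from reaching adjacent functions.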
For platforms like BRIC, designed from inception for edge-resident AI inference in DDIL environments, these requirements are engineering decisions that were made at the architecture level before Zero Trust 2.0 was published. The compliance framework has caught up to the operational requirement. Autonomous systems that must operate without persistent connectivity in contested environments have always needed trust models that do not depend on that connectivity. Zero Trust Strategy 2.0 makes that a mandate. The defense industrial base now has its roadmap.



