You are here

Cyber Health and Status Data Collection



TECHNOLOGY AREA(S): Information Systems

OBJECTIVE: Develop new and novel methods that not only collect the correct cyber data from modeling and simulation (M&S) federated and non-federated simulations, but help identify what data should be collected and how it should be collected for analysis and protection requirements.

DESCRIPTION: There is a need to better understand the health and status of M&S systems that connect to larger M&S systems. Most models focus on the object of representation and little technical rigor and planning is conducted for many of the cybersecurity risks. Government M&S needs a novel method for automatically collecting and analyzing the health and status of cybersecurity data for individual models and simulations that can also be used in a large federated or integrated system-level simulation. A key aspect of this technology needs to focus on data protection and making the cybersecurity data collected easily accessible yet secure. A new approach to cyber operations is a key to success. This effort should focus on the awareness aspect of that approach involving automated systems and processes to provide a complete, accurate, real-time understanding of the health and status of the network(s). The maturity of the cyber model should be “Information Enabled” and indicate that the organization(s) within the community are all aware of the issues related to security and have the processes and mechanisms in place to identify security relevant events. The goal at this level is to improve upon the information sharing mechanisms within the community to enable the community to effectively correlate seemingly disparate pieces of information, especially information relevant to cybersecurity.

PHASE I: Develop a proof of concept design/study and a concept of operations. Identify designs/models, and conduct a feasibility assessment for the proposed mathematical technique, model, and/or methods. Work should clearly validate the viability of the proposed solution with a clear concept-of-operation document. The contractor should identify the strengths/weaknesses associated with different solutions, methods, and concepts.

PHASE II: Based on the results and findings of Phase I, develop and refine the proposed solution. Validate the feasibility of the Phase I concept by development and demonstrations that will be tested to ensure performance objectives are met. Validation would include, but is not limited to, system simulations, operation in test-beds, or operation in a demonstration subsystem. This phase should result in a prototype with substantial commercialization potential. This prototype design will be used to form the development and implementation of a mature, full-scale capability in Phase III.

PHASE III DUAL USE APPLICATIONS: The contractor will apply the innovations demonstrated in the first two phases to one or more missile defense applications. The objective is to demonstrate the scalability of the developed technology, transition the component technology to the missile defense M&S Enterprise, mature it for insertion, and demonstrate the technology in M&S environments.

The contractor will pursue commercialization of the various technologies and models developed in Phase II for potential commercial uses in cybersecurity. Scale-up the capability from the prototype utilizing the new hardware and/or software technologies developed in Phase II into a mature, field-able capability


  • B. Van Leeuwen, V. Urias, J. Eldridge, C. Villamarin, and R. Olsberg. October 31 – November 3, 2010. "Performing cyber security analysis using a live, virtual, and constructive (LVC) testbed." Military Communications Conference 2010. 1806-1811.
  • M. Djekic. November 25, 2015. “How Mature is Your Cyber Security Model?” Australian Science. Retrieved from

KEYWORDS: system of systems simulations, cybersecurity, enterprise, modeling and simulation, software development testing, simulation testing, automation

US Flag An Official Website of the United States Government