TECHNOLOGY AREA(S): Info Systems, Human Systems
OBJECTIVE: Design, develop and demonstrate an architecture and cyber threat simulation software that can safely, securely, and realistically degrade critical surface warfare capabilities in support of Fleet mission assurance and Continuity of Operations (COOP) training requirements.
DESCRIPTION: Historically, the primary methods for representing cyber threats in exercises are live red teams and scenario white cards. Live red teams produce realistic results, but are limited in their availability and the scope of what they can accomplish given real-world and exercise constraints. White cards artificially impose a degraded or denied condition on the training audience for a period of time, but offer little or no opportunity for the training audience to realistically experience and respond to the threat. Recent Secretary of Defense  and Chairman of the Joint Chiefs of Staff  requirements and guidance has led to the development of a variety of training technologies that are capable of safely and securely representing cyber effects on operational-level networks, systems and hosts. These technologies are slowly being introduced into battle staff training programs in order to satisfy requirements for Joint mission assurance and COOP [3,4]. Similar capabilities are needed at the tactical level to provide fleet surface warfare operators and leaders the opportunity to develop and practice Concepts of Operations (CONOPS) and Tactics, Techniques, and Procedures (TTP) for "fighting through" degraded and denied conditions. Potential degraded and denied conditions include network performance degradation, data manipulation, and host denial. Degraded Synthetic Training (DST) solutions must be compatible with existing Fleet training architectures including the Navy Continuous Training Environment and the Navy Training Federation and DoD and Navy information assurance requirements as described by the Risk Management Framework. Effective command and control and situational awareness of degraded and denied conditions is also required to ensure effects can be accurately and securely delivered, monitored, and rescinded in accordance with exercise control processes and procedures. DST solutions will improve Fleet readiness by providing opportunities to safely train and exercise in a cyber-contested environment.
PHASE I: Develop a concept and a preliminary architecture and cyber threat simulation software to safely, securely, and realistically incorporate degraded and denied conditions into Fleet synthetic training events. Detail which Navy training architectures, standards, models and simulations, and interfaces need to be updated to include DST effects representations and how those capabilities will be affected by and interfaced to one another. Determine what operational and tactical-level training requirements would be addressed by the implementation of the recommended updates.
PHASE II: Based on the Phase I effort, update the DST concept, develop the detailed design of a DST prototype, and develop a functional DST prototype. The prototype design and implementation must be compatible with the Navy training architectures and standards outlined above. Demonstrate prototype features, including degradation of tactical surface warfare systems, in a representative Fleet synthetic training environment.
PHASE III: Mature and transition the DST architecture and cyber threat simulation software to the Navys Fleet synthetic training program. Employ the architecture and the software in support of Fleet synthetic training and exercises. Ensure the solutions address the full scope of the concept and all required documentation and training material is finalized. Private Sector Commercial Potential: Cyber attacks are occurring at an alarming rate and targets include the private-sector in addition to the DoD. Cyber effects developed in this STTR could be leveraged by the private-sector in training their personnel.
1. Carter, A. (2015). The DoD Cyber Strategy. http://www.defense.gov/Portals/1/features/2015/0415_cyber-strategy/Final_2015_DoD_CYBER_STRATEGY_for_web.pdf
2. Goldfein, D., (2014). CJCSI 3500.01H, Joint Training Policy for the Armed Forces of the United States, http://dtic.mil/cjcs_directives/cdata/unlimit/3500_01.pdf
3. Morse, K., & Drake, D., & Wells, D., & Bryan, D. (2014). Realizing the Cyber Operational Architecture Training System (COATS) Through Standards. 2014 Fall Simulation Interoperability Workshop.
4. Wells, D., & Bryan, D. (2015). Cyber Operational Architecture Training System “ Cyber for All. 2015 I/ITSEC.-
KEYWORDS: Cyber, Mission Assurance, Continuity Of Operations, Modeling And Simulation, Training, System Degradation