You are here

Simulated Cyber Opposing Force (OPFOR) for Live Virtual Constructive & Gaming (LVC&G) Training Simulations

Description:

TECHNOLOGY AREA(S): Human Systems 

OBJECTIVE: Develop innovative methods and software tools that simulate a Cyber OPFOR within the architectures used by the Army’s current LVC&G Simulation Systems. The OPFOR should be able to both offensively attack and defensively counter Blue Force (BLUFOR) attacks. 

DESCRIPTION: As the Army continually develops a force capable of meeting the challenges of 2025 and beyond, the domain of Cyberspace is exponentially important. The U.S. Army Operating Concept states, “Enemies and adversaries collaborate as contests in space and cyberspace extend to and affect tactical operations.” The realization that Cyberspace is a warfighting domain has simulation and training program managers struggling to identify the best solution to implement cyber warfare effects into the training domain. Current training simulations among the LVC&G domains lack a cyber implementation. Some prototypes that provide basic cyber effects in LVC&G simulations exist, but they lack the ability to represent an OPFOR that can both attack and defend in the cyber environment. The Combat Training Centers leverage Army Cyber expertise to execute cyber training pilots that integrate cyber effects into the operational environment, largely for and/or against Brigade Combat Teams. These exercises use actual cyber or electronic warfare systems to demonstrate potential BLUFOR Mission Command System (MCS) compromise or provide the BLUFOR with offensive and defensive cyber capabilities. These scenarios are groundbreaking in that they force trainees to recognize system compromise while simultaneously planning defensive and offensive operations of their own. However, Army LVC&G systems lack a simulated training environment of this nature at all echelons. This includes the ability of an intelligent OPFOR that can both attack and defend providing a robust training event. A common mantra in our research is a desire for a BLUFOR trainee who is the subject of a cyberattack to have the ability to react, make decisions to affect the effects of the attack, and, in certain scenarios, conduct a counter attack to affect the OPFOR. The focus of this SBIR topic is to research innovative approaches to implement OPFOR cyber effects (both offensive and defensive) in training simulations with the goal of being part of an overall architecture and strategy that the Army’s various LVC&G training simulations could follow. An initial starting point could be current work that is taking place on operational system cyber testing and how these approaches could become more flexible and scalable to accommodate new training missions within the existing training system architectures. The potential scope of this research includes tactical OPFOR cyber effects on MCS, kinetic effects of Computer Network Attacks , Electronic Warfare Attacks, and cellular/satellite networks. Currently, none of the Army’s major Constructive and Virtual simulations have an approach or strategy to implement a Cyber OPFOR across their systems. Another great challenge of the cyber simulation area is that the training requirements of different training audiences are either not defined or sketchy at best. This makes it impossible for the major LVC&G programs to move forward in adding the Cyber environment. It is probable that the cyber learning requirements/goals will vary by user; leaders in Constructive simulations may want training to identify the basic effect of attacks and delegate orders to develop contingencies whereas Live operators may want to directly train on range equipment. The system should allow the detection, response, and recovery processes to cyberattacks to be effectively practiced/rehearsed by the trainees. The goal of this SBIR’s prototype is to provide a Cyber Operations (CyberOps) training capability to the Army training community that shows them the potential methods to incorporate the injection of CyberOps effects via an intelligent Cyber OPFOR into their training solutions so that the trainees can recognize cyber-attacks and make recovery decisions accordingly. Cyber range events often compromise Information Assurance (IA) requirements. However, the proposed system must maintain the IA compliance requirements necessary for training systems. 

PHASE I: Conduct an analysis of current Army LVC&G simulations and architectures and determine innovative solutions to create a simulated OPFOR that can conduct offensive and defensive CyberOps against the BLUFOR. Identify the training audience in the simulation and mission related events. This design will allow the trainees to make proper decisions to maximize the scenario’s outcome. Select an LVC&G system to be the focus of your prototypes. Determine how cyber events can be effectively trained on the selected LVC&G systems you have selected to focus on. Look at current Red Team strategies in the systems development and develop a concept to replicate them in your prototype. Develop a system design that includes requirements, specifications, operational training concept, interface designs, and graphical interfaces. Provide a report on design approach and overall system design. 

PHASE II: Develop a prototype of the OPFOR cyber simulation design. Test and verify its usability to add cyber training effects to the selected LVC&G simulation. Metrics include the system’s ability to conduct OPFOR cyber operations and simulate a training audience’s wide variety of possible cyberattacks (e.g. malware attack, EW jamming, hacking, social engineering, insider threat, kinetic attack etc.) providing realistic effects to a training audience so they can determine the nature of the attack and react/counterattack as appropriate. The OPFOR should react in a intelligent manner. Show how the prototype design could have the ability to be a training architecture that would allow for simulated OPFOR cyber effects across the LVC&G training domains. 

PHASE III: This research has enormous dual use potential. Commercial organizations could potentially use many of the cyber simulations to training their cyber and management teams to protect from cyberattacks. They all need a red teaming strategy that provides trainees with a robust training environment. Presently, there is a large market need for training commercial sector systems operators in cyber-related activities. Depending on the approaches taken, the models and simulations generated by this effort have the potential to meet the needs of this market. 

REFERENCES: 

1: TC 7-100.2 Opposing Force Tactics, December 2011, Headquarters Department of the Army, Chapter 7 Informational Warfare.

2:  Shakarian, P et al, "Introduction to Cyber-Warfare" A Multidisciplinary Approach", Syngress/Elsevier, 2013

3:  Marshall, H et.al. "Development of a Cyber Warfare Training Prototype for Current Simulations" Simulation Interoperability Workshop, Fall 2014

4:  PEO STRI Public website http://www.peostri.army.mil/

KEYWORDS: Cyber, Cyber Warfare, Cyber Offense, Cyber Battlefield Operating Systems (BOS), Cyber Defense, Computer Network Attack (CAN, Training, Mission Command Systems (MCS), Live–Virtual-Constructive (LVC) 

CONTACT(S): 

Henry Marshall 

(407) 384-3820 

henry.a.marshall.civ@mail.mil 

Nathan Vey 

(407) 208-3392 

US Flag An Official Website of the United States Government