Cyber Situational Awareness Exercises
A US Strategic Command test and experimentation team was chartered to explore how the degree of cyberspace situational awareness integration affects the Joint Force Commander’s ability to make timely and informed C2 decisions of forces in all domains. Located at Offutt Air Force Base near Omaha, Neb., US Strategic Command (US STRATCOM) is one of nine unified commands in the Department of Defense. One of the components of STRATCOM is the US Cyber Command, which is responsible for planning, coordinating, integrating, synchronizing, and directing activities to operate and defend the Department of Defense information networks, and, when directed, conducts full spectrum military cyberspace operations in order to ensure U.S. and allied freedom of action in cyberspace, while denying the same to our adversaries.
SCALABLE is working with STRATCOM in a number of areas, including a cyber warfare training platform where it was essential to create realistic experiments with a conservative budget. SCALABLE’s engineering team needed to replicate a real-world network, system and application geometry, along with realistic cyber behavioral elements, for the experiments without having to create an expensive, unwieldy large-scale physical network infrastructure. The proposed experiments were to be live force-on-force exercises that accurately reflected both observed and expected C2 situations. The majority of players needed to participate in the exercises from remote locations.
EXata was chosen to create a sophisticated virtual network model that was integrated with a range of live equipment and applications via a system-in-the-loop interface. Specific details include:
- Over 300 network nodes and associated network traffic representing Blue Force, Red Force and commercial network infrastructure
- Three base scenarios with nine variations; these were geographically accurate, extending from Hawaii to SE Asia with dynamic platform positions sent in real-time
- Complex network topology (IPv4 and OSPF) with 32 wireless subnets for tactical, cellular, and UHF traffic, plus two “super” wired networks representing Blue Force and public network infrastructure
- The majority of the platform supported both wired and wireless interfaces (up to 16)
- Blue, Red and Gray Forces “cyber terrain” populated with cyber events (DDOS, wireless jamming…) targeting key elements
- Mechanisms to stimulate live network intrusion detection systems (IDS), network management tools and other cyber common operating picture tools (“Cyber COPs”) over the course of the experiment
The experiments were successfully executed over a series of events throughout a week. They hosted over 40 players across four distributed locations in Maryland, Virginia and the United Kingdom. The conclusions reached after an analysis of the data produced from the various scenarios led US STRATCOM to authorize additional experiments in specifically targeted areas.
Based on our previous success, SCALABLE is under contract with STRATCOM to adapt the EXata/Cyber simulation platform to meet some very specific training needs. This cyberwarfare training system will enable users to:
- Build detailed software virtual networks comprised of both standard routers, switches, hubs, wireless access points, base stations, and mobile users, and customized DoD-specific communications equipment
- Control per-layer and per-event animation in 2D and 3D to visualize communications behavior
- Leverage extensible libraries that model encryption, authentication, key distribution and certificate management, wormhole attacks, network intrusion, and other adversaries
- Learn about eavesdropping, radio jamming attacks, and distributed denial of service (DDoS) attack
SCALABLE has continued working with STRATCOM and developed a series of Limited Objective Experiment (LOE) cyber exercises. The Joint Concept for Cyberspace (JCC) link provides background for the LOE work.