national cyber range complex - dau sponsored...2018 national defense strategy - us secretary of...
TRANSCRIPT
1
National Cyber Range Complex 15 May 2019
Christina CrowleyNCRC Director - Patuxent River SiteIntegrated Battlespace Simulation and Test Department (IBST), [email protected](301)-757-3095
2
Cybersecurity Testing – a DOD Imperative
Director, Operational Test and Evaluation FY 2016 Annual Report:“…our threats are increasing their capabilities faster than our test infrastructure…I cannot emphasize enough the need for early, adequate, realistic, and rigorous independent operational testing on all systems to ensure what is being developed will, in fact, provide our Service men and women the capabilities they need in combat.”
“The cyber threat has become as real a threat to U.S. military forces as the missile, artillery, aviation, and electronic warfare threats which have been represented in operational testing for decades.”
“Operational Test Agencies (OTAs) will include cyber threats among the threats to be encountered in operational testing for DOT&E oversight systems with the same rigor as other threats.”
“All oversight systems capable of sending or receiving digital information are required to conduct cybersecurity testing.”
OSD (DOT&E) Apr 2014 Memo Procedures for Operational Test and Evaluation of Cybersecurity in Acquisition Programs:
2018 National Defense Strategy - US Secretary of Defense Jim Mattis
“We will also invest in cyber defense, resilience, and the continued integration of cyber capabilities into the full spectrum of military operations”
3
What is a “Cyber Range”?
The NCRC provides virtualized, high-fidelity representations of cyber-contested environments
▼ Traditional Open Air Ranges Physical Environment
− Weapons Testing− Mission Rehearsal− TTP Development
▼ Cyber Ranges Virtual Environment
− Cyber Capabilities Testing− Mission Rehearsal− TTP Development
4
NCRC at a Glance
Automation Maximizes Utilization of Range Resources
SME Available for Planning, Design, Execution, OPFOR and Analysis
Hi-fidelity Virtualized Representations of Networks, Platforms, C2, etc.
Mission: Improve the resiliency of our nation in the cyber-contested battlespace by conducting testing, training, and mission rehearsal in operationally-representative cyberspace environments
NCRC Key Capabilities
• Rapid emulation of complex, operationally representative network environments
• Automation provides significant efficiencies that enables high OPTEMPO
• Sanitization to restore all exposed systems to a known, clean state
• Support multiple concurrent events at varying classification levels
• Secure connectivity
Typical NCRC Use Cases
• Vulnerability Assessment
• Cyber Mission Force Training
• Product/Solution Evaluations
• Architecture Evaluations
Expanding Capacity to Meet Demand
Existing NCRC Sites
5
NCRC Key Capabilities• Rapid emulation of complex & operationally representative network
environments Red/Blue/Gray networked environments Operational systems (e.g., weapon, C2, business, etc.) Realistic traffic types, flows, & scale Customized instrumentation
• Automation provides significant efficiencies that enables high OPTEMPO Time to deploy environments on the order of hours Minimizes potential for human error and ensures capability to replicate scenarios &
phenomena
• Sanitization to restore all exposed systems to a known, clean state Allows assets to be reused even when they are exposed to the most malicious and
sophisticated uncharacterized code (i.e., “non-destructive” cyber testing)
• Support multiple concurrent tests at varying classification levels Events, users & data are isolated
• Secure connectivity Integration of distributed capabilities (e.g., HWIL, SILs, etc.) Remote user access
Provides customers with a unique set of cybersecurity test, evaluation, and training capabilities
6
NCRC Expansion Program
The Right Team Enabled by the
Right Technology
New NCRC Sites Currently in Development:• Patuxent River, MD (NAWCAD)• Charleston, SC (NIWC)• Eglin AFB, FL (96th Cyberspace Test Group) • Orlando, FL (TRMC New Site) Group)
NCRC Site Buildout Phases• Facility Preparation• NCRC Core Infrastructure Installation• Workforce Acquisition and Training• Initial Operational Capability• Full Operational Capability
VISION: At maturity, the NCRC will consist of an integrated and interoperable constellation of facilities designed to enable the planning and execution of very large-scale, complex, distributed cybersecurity events to satisfy customer requirements in the domains of R&D, S&T, DT&E, OT&E, training, exercises, and mission rehearsal.
7
NCRC Expansion Sites
NCRC
Charleston
PAX River
Orlando
Eglin
8
Cyber Range Facilities
• Accredited SCIF• Classified Data Center
Compute, storage, memory, licensing, etc. Management tools suite Environment Tool suite Security architecture to segregate events
• Integrated Development Environment Small-scale replica of the classified data center Development and refinement of the management tool suite Assessment and integration of new tools and technologies Event staging
• Dedicated Event Rooms Reconfigurable with access to the event environment Onsite user planning, execution and analysis of events
9
Typical National Cyber Range Complex Use Cases
• Vulnerability Assessment How resilient is a System or a System-of-Systems (SoS) to a given set of threats?
What are the external system dependencies that can impact overall cybersecurity posture?
What is the impact to mission effectiveness?
• Cyber Mission Force (CMF) Training Create realistic mission-tailored, unconstrained environments (at scale) to support
training, certification, and exercises
Provide the most realistic training possible from classroom to force-on-force
Enable cyber operators to train from home station
• Product / Solution Evaluations Does adding a new product increase or decrease your security posture?
How well does the product perform in different scenarios?
• Architecture Evaluations Remove lab constraints and evaluate system architectures at scale
10
NCRC Event Planning, Operations & Support(EPOS)
• At each new NCRC site, the key workforce positions will only be partially filled by government personnel from the gaining Service organizations
• Additional contractor personnel will need to be acquired in order for each site to become operational
• The NCRC EPOS contracting strategy will enable the government to satisfy growing requirements in the cyber T&E, training, and mission rehearsal domains.
• EPOS will serve as the government’s mechanism to leverage the industry’s highly skilled workforce to conduct:
– Event planning– Event design & engineering– Event execution– Event analysis & reporting– Range maintenance & supporting activities– Innovation Council
• Promote Competition• Expand the Pool of Qualified
Performers
11
Summary
• The demand for cyber range resources continues to increase The DoD is placing increased emphasis on the need to consistently incorporate realistic
cybersecurity Test and Training at all levels and phases Early identification of system vulnerabilities can make them easier and cheaper to fix TRMC in partnership with the Services is increasing capacity to meet the growing
requirements
• NCRC provides customers with a unique set of cybersecurity Test and Training skills and capabilities Enable the acquisition community to conduct system or System-of-Systems (SoS)
cybersecurity test and evaluation events that are tailored to meet program requirements throughout its acquisition lifecycle
Enable the training community to conduct realistic cybersecurity training in environments that closely replicate the real world