DoD Executive Agent for Cyber Test Ranges - Home - ITEA · 2019-03-28 · The Honorable Michael D....
Transcript of DoD Executive Agent for Cyber Test Ranges - Home - ITEA · 2019-03-28 · The Honorable Michael D....
![Page 1: DoD Executive Agent for Cyber Test Ranges - Home - ITEA · 2019-03-28 · The Honorable Michael D. Griffin Mr. James Faist ... blue) on the ability of embedded aviation systems to](https://reader033.fdocuments.in/reader033/viewer/2022043022/5f3deef5263548047a58cf3f/html5/thumbnails/1.jpg)
1
DoD Executive Agent for Cyber Test Ranges
2019 Cyber Security Workshop:
March 28, 2019
Mr. Chip Ferguson, Deputy EA for Cyber Test
Ranges
![Page 2: DoD Executive Agent for Cyber Test Ranges - Home - ITEA · 2019-03-28 · The Honorable Michael D. Griffin Mr. James Faist ... blue) on the ability of embedded aviation systems to](https://reader033.fdocuments.in/reader033/viewer/2022043022/5f3deef5263548047a58cf3f/html5/thumbnails/2.jpg)
2
Agenda
• Authorities
• Vision
• Needs Development
• Investments
![Page 3: DoD Executive Agent for Cyber Test Ranges - Home - ITEA · 2019-03-28 · The Honorable Michael D. Griffin Mr. James Faist ... blue) on the ability of embedded aviation systems to](https://reader033.fdocuments.in/reader033/viewer/2022043022/5f3deef5263548047a58cf3f/html5/thumbnails/3.jpg)
3
10 U.S.C. Section 392 / DoDD 5101.19E require the Cyber Range EAs to:
1) Develop the Biennial Integrated Plan which includes:a. Maintaining comprehensive list of cyber test & training capabilities (DoD and non-DoD)
b. Organizing and managing designated test capabilities• Establish priorities
• Develop and Enforce standards
• Guidance to integrate designated capabilities
• Finding cost reductions
• Add or consolidate cyber test capabilities
• Enhance quality and expertise of workforce
• Coordinate with interagency and industry partners
c. Define architectures to:• Meet evolving needs
• Coordinate with interagency and industry partners
• Allows integrated, closed loop testing of cyber and EW capabilities
• Supports S&T, R&D, DT&E, OT&E, etc.
• Connectivity with other existing cyber ranges and other
kinetic range facilities
2) Certify all cyber range investments of the DoD
3) Generate requirements and standards for cyber security test infrastructure.
Cyber Ranges EA Authorities
First Biennial Integrated
Plan completed in 2017
![Page 4: DoD Executive Agent for Cyber Test Ranges - Home - ITEA · 2019-03-28 · The Honorable Michael D. Griffin Mr. James Faist ... blue) on the ability of embedded aviation systems to](https://reader033.fdocuments.in/reader033/viewer/2022043022/5f3deef5263548047a58cf3f/html5/thumbnails/4.jpg)
4
EA Update –Cyber Test Range EA Organization
Chief Financial Officer
Chief Operating Officer
Deputy EA for Cyber Test
Ranges
Air Force Range
Oversight
Army Range
Oversight
Defense Wide
Test
Infrastructure
Navy Range
Oversight
Budget
Certification
Deputy Director, T&E Range Oversight
Deputy PM,
CTEIP //
PM, REP
PM, CTEIP
Deputy PM,
T&E/S&T
Director,
TENA SDA
Deputy PM,
JMETC
Director,
NCR Complex
Deputy
Director,
NCR Complex
Deputy Director, Major Initiatives and Technical Analyses
PM, T&E/S&T // PM, JMETC
PM, NCR Complex Expansion
Principal Deputy, TRMC
Ms. Denise De La Cruz (Acting)
Under Secretary of Defense for Research and Engineering
The Honorable Michael D. Griffin
Mr. James Faist
Dir, TRMC
![Page 5: DoD Executive Agent for Cyber Test Ranges - Home - ITEA · 2019-03-28 · The Honorable Michael D. Griffin Mr. James Faist ... blue) on the ability of embedded aviation systems to](https://reader033.fdocuments.in/reader033/viewer/2022043022/5f3deef5263548047a58cf3f/html5/thumbnails/5.jpg)
5
The CT&EI is composed of existing non-kinetic Cyber test capabilities integrated with representations of kinetic and C2
systems (e.g., hardware-in-the-loop (HWIL) facilities, system integration labs (SILs), and software-in-the-loop (SWIL)
facilities) via network connectivity, enabling testing those systems in a realistic combat, including cyber and interoperability,
environment. We have to integrate these existing facilities in a cyber environment with low risk of damage.
Cyber T&E Infrastructure (CT&EI) OV-1b
Army
Marine
CorpsAir Force
Army
Cyber
Test
Complex
Navy
Cyber
Test
Complex
Air Force
Cyber Test
Complex
NCRC /
JMN
NavyHWILs
ISTFs
SILs
Test Ranges
Test Ranges
HWILs
ISTFs
SILs
MCCR
(via JIOR/CSR)
HWILs
ISTFs
SILs
Test Ranges
Aligned Capabilities
(as necessary and
coordinated with the
Component)
Work with
Cyber
Training
Range EA to
Achieve
Common
Architecture
and Standards
Other
Designated
Cyber Ranges
C4AD
CSR
JIOR
External Partners:Industry, Non-DoD
Academia, etc.
TRMC Cyber Complex
![Page 6: DoD Executive Agent for Cyber Test Ranges - Home - ITEA · 2019-03-28 · The Honorable Michael D. Griffin Mr. James Faist ... blue) on the ability of embedded aviation systems to](https://reader033.fdocuments.in/reader033/viewer/2022043022/5f3deef5263548047a58cf3f/html5/thumbnails/6.jpg)
6
Cyber Test Range Needs Development
FOR OFFICIAL USE ONLY
• Background
– One-time opportunity to jump-start cyber range needs generation process by identifying
initial set of cyber range gaps and priorities. Accomplished through a RAND Study and
validation by the Services and Agencies on the Cyber Test Range Requirements
Working Group (CTRRWG).
• Issues
– Allocation of needs
Initiated RAND Needs Study
RAND completed
Needs Study
CTRRWG & RAND tasked to
independently prioritize
developed needs
Cyber Test Range EA staff combined both list into single
score card
EA for Cyber Test Ranges developing
plan to address needs
![Page 7: DoD Executive Agent for Cyber Test Ranges - Home - ITEA · 2019-03-28 · The Honorable Michael D. Griffin Mr. James Faist ... blue) on the ability of embedded aviation systems to](https://reader033.fdocuments.in/reader033/viewer/2022043022/5f3deef5263548047a58cf3f/html5/thumbnails/7.jpg)
7
Cyber Range Needs Study Results
• Number 1 need – People
• Prioritized by the Cyber Test Range Requirements Working
Group and RAND
– High priority list has 31, e.g.,
• Model the effects of cyber attacks to enable the evaluation of risks to mission
• Standards for accrediting and using vulnerability assessment teams not certified
by NSA
• Central database of plans and schedules for events on all cyber ranges
• Capability to generate realistic traffic on networks, both IP and non-IP
• Cyber testing of full-up systems using replicating malware
• System integration/test capability comprised by combination of system
components -- HWIL and virtualized
• Test protocols/TEMPS include early testing to establish mission impacts
• Instrumentation that demonstrates physical damage without actually having to
test-to-failure
![Page 8: DoD Executive Agent for Cyber Test Ranges - Home - ITEA · 2019-03-28 · The Honorable Michael D. Griffin Mr. James Faist ... blue) on the ability of embedded aviation systems to](https://reader033.fdocuments.in/reader033/viewer/2022043022/5f3deef5263548047a58cf3f/html5/thumbnails/8.jpg)
9
TRMC Cyber Investment/Demonstration/Transition
Alignment
PTRMC Advanced TechnologyDevelopment (6.3) Cyber Roadmap
PTRMC Central T&E InvestmentProgram (6.4) CTEIP [Cyber]
Technology Transition Plan
Integrated Cyber Range Prioritized Needs
Technology Transition Plan
DoD Cyber Range Infrastructure
![Page 9: DoD Executive Agent for Cyber Test Ranges - Home - ITEA · 2019-03-28 · The Honorable Michael D. Griffin Mr. James Faist ... blue) on the ability of embedded aviation systems to](https://reader033.fdocuments.in/reader033/viewer/2022043022/5f3deef5263548047a58cf3f/html5/thumbnails/9.jpg)
10
Cyberspace Test Technology (CTT)6.3 Advanced Technology Domains
• Develop advanced technologies and methodologies to test and
evaluate DoD capabilities and information networks to defend
and conduct full-spectrum military operations across cyberspace
• Three Domains of CTT
![Page 10: DoD Executive Agent for Cyber Test Ranges - Home - ITEA · 2019-03-28 · The Honorable Michael D. Griffin Mr. James Faist ... blue) on the ability of embedded aviation systems to](https://reader033.fdocuments.in/reader033/viewer/2022043022/5f3deef5263548047a58cf3f/html5/thumbnails/10.jpg)
11
TRMC Cyberspace Test Technology6.3 Advanced Technology Domains
Cyber Threat Automation & Monitoring (CTAM)
Aircraft Avionics
Attestation
Technologies (A3T)
Automated Cyber Test Tool (ACTT)-VOLTRON
Testing the Behavior of Malware
TMAL
![Page 11: DoD Executive Agent for Cyber Test Ranges - Home - ITEA · 2019-03-28 · The Honorable Michael D. Griffin Mr. James Faist ... blue) on the ability of embedded aviation systems to](https://reader033.fdocuments.in/reader033/viewer/2022043022/5f3deef5263548047a58cf3f/html5/thumbnails/11.jpg)
12
Cyber Threat Automation & Monitoring (CTAM)
• Description: Developing
technologies to detect,
monitor, and analyze malware
behavior during cyber attacks
in a virtualized T&E
environment
• Enables
– Fine-grain introspection/data
collection/monitoring
– Deep Machine Learning and
Advanced Cyber Analytics
– Analysis and threat assessment to
understand impacts to systems
under test
![Page 12: DoD Executive Agent for Cyber Test Ranges - Home - ITEA · 2019-03-28 · The Honorable Michael D. Griffin Mr. James Faist ... blue) on the ability of embedded aviation systems to](https://reader033.fdocuments.in/reader033/viewer/2022043022/5f3deef5263548047a58cf3f/html5/thumbnails/12.jpg)
13
Aircraft Avionics Attestation Technologies (A3T)
• Description: A capability to
systematically verify
(attest) that all persistent
storage in an aircraft’s
avionics subsystems have
not been altered
• Enables:
– Guarantees that a weapon
system has not been modified
from gold standard by malicious
action or legitimate cyber T&E
activities
![Page 13: DoD Executive Agent for Cyber Test Ranges - Home - ITEA · 2019-03-28 · The Honorable Michael D. Griffin Mr. James Faist ... blue) on the ability of embedded aviation systems to](https://reader033.fdocuments.in/reader033/viewer/2022043022/5f3deef5263548047a58cf3f/html5/thumbnails/13.jpg)
14
Automated Cyber Test Tool (ACTT)-VOLTRON
• Description: Developing tools to
discover and remediate weapon
system cyber vulnerabilities
• Enables:
– Evaluation of systems under test using
automated means to find and fix vulnerabilities
otherwise unknown to OEMs and the DoD
![Page 14: DoD Executive Agent for Cyber Test Ranges - Home - ITEA · 2019-03-28 · The Honorable Michael D. Griffin Mr. James Faist ... blue) on the ability of embedded aviation systems to](https://reader033.fdocuments.in/reader033/viewer/2022043022/5f3deef5263548047a58cf3f/html5/thumbnails/14.jpg)
15
Testing the Behavior of Malware (TMAL)
Replicate the functionality of malware that
will work in the distributed environments of
the NCR and MRTFB environments. The
malware with beaconing and a dummy
payload will provide the means to track the
exploits behavior safely in a distributed
testing environment.
![Page 15: DoD Executive Agent for Cyber Test Ranges - Home - ITEA · 2019-03-28 · The Honorable Michael D. Griffin Mr. James Faist ... blue) on the ability of embedded aviation systems to](https://reader033.fdocuments.in/reader033/viewer/2022043022/5f3deef5263548047a58cf3f/html5/thumbnails/15.jpg)
16
Central Test and Evaluation Investment Program (CTEIP) 6.4
Cyber Tools for Aviation Systems Testing
(CTAST)
Cyber Test Analysis and Simulation
Environment (Cyber TASE)
![Page 16: DoD Executive Agent for Cyber Test Ranges - Home - ITEA · 2019-03-28 · The Honorable Michael D. Griffin Mr. James Faist ... blue) on the ability of embedded aviation systems to](https://reader033.fdocuments.in/reader033/viewer/2022043022/5f3deef5263548047a58cf3f/html5/thumbnails/16.jpg)
17
CTIEP: Cyber Test Analysis and Simulation Environment
(Cyber TASE)
• Description: Provides data collection, aggregation, and visualization to enable an analyst to monitor and analyze the cause, effect, and impact of cyber activity on a system under test (SUT)
![Page 17: DoD Executive Agent for Cyber Test Ranges - Home - ITEA · 2019-03-28 · The Honorable Michael D. Griffin Mr. James Faist ... blue) on the ability of embedded aviation systems to](https://reader033.fdocuments.in/reader033/viewer/2022043022/5f3deef5263548047a58cf3f/html5/thumbnails/17.jpg)
18
CTEIP: Cyber Tools for Aviation Systems Testing (CTAST)
• Description: Integrated
hardware/software suite
that enables a test
capability to assess
cyber impacts (red and
blue) on the ability of
embedded aviation
systems to perform their
mission in a cyber
contested environment
![Page 18: DoD Executive Agent for Cyber Test Ranges - Home - ITEA · 2019-03-28 · The Honorable Michael D. Griffin Mr. James Faist ... blue) on the ability of embedded aviation systems to](https://reader033.fdocuments.in/reader033/viewer/2022043022/5f3deef5263548047a58cf3f/html5/thumbnails/18.jpg)
19
Points of Contact
Deputy Cyber T&E Range EA: Chip [email protected]
571-372-2697
Dr. Mike Lilienthal
Jeff McNeil
571-372-2707
Westley Moore
Lenny Moskal