SDL/08-341A Cyber Security
Transcript of SDL/08-341A Cyber Security
SDL and consortium team members recently developed
CyberSMART, the Cyber Scenario Modeling and Reporting Tool.
This web-based application allows a widely dispersed team of
scenario developers to e�ciently collaborate and capture the
information necessary to plan complex cyber incident
preparedness exercises. These exercises help to examine an
organization’s capability to prepare for, protect from, and
respond to potential cyber-attacks, thereby strengthening their
security, readiness, and incident response capabilities.
The CyberSMART™ Exercise Execution Engine is used to carry
out cyber exercises to provide participants with exercise injects
from the Master Scenario Events List (MSEL) generated in the
planning phase. It enables an Exercise Controller to manage the
MSEL and the exercise by controlling scenario time and
dynamically changing the MSEL injects as necessary. By design,
when an MSEL inject is ready for execution, it is delivered to the
speci�ed target organizations. These injects arrive in player
dashboards via an intuitive, email-like interface where players
may view the observable e�ects of the inject and respond
accordingly. The inject delivery system supports multiple media
types to allow for an engaging atmosphere. Players use this
email-like system to respond to the injected event for
after-action review and to communicate with other
participants.
As a founding member of the Cyber Con�ict Research
Consortium, the Space Dynamics Laboratory (SDL) works in
collaboration with leading universities and policy research
institutions nationwide to support the Department of
Homeland Security and military customers with cyber security
exercise planning tools and expertise.
CYBER SCENARIO PLANNING, MODELING, & EXECUTIONCYBER SCENARIO PLANNING, MODELING, & EXECUTION
SDL/11-486C
Cyber Security
1695 North Research Park Way • North Logan, Utah 84341 • Phone 435.713.3568 • www.sdl.usu.edu
SDL helps develop tools used during scenario-based cyber security exercises that determine an organization’s capability to respond to potential cyber-attacks
S C E N A R I O M O D E L I N G & R E P O R T I N G T O O L
A system-wide instant chat window is also available to allow for
communication between participants. CyberSMART™ is an
easily scalable tool, allowing for the planning and execution of
both small and large exercises. SDL is continuing research and
development of CyberSMART and expanding its capabilities to
support full scale exercises.
Editable CyberSMART MSEL timeline broken down by problem sets, event threads, and individual events
DECIDE-FS provides a multi-user/role environment to simulate and assess cyber-attack e�ects
1695 North Research Park Way • North Logan, Utah 84341 • Phone 435.713.3500 • www.sdl.usu.edu
SDL is also working with the consortium to develop a multi-user
simulation tool to assess the impact of cyber-attacks on
organizations and enterprises within critical infrastructure
sectors. DECIDE-FS™ (Distributed Environment for Critical
Infrastructure Decision-making Exercises-Financial Sector™) is a
highly �exible, user-friendly product that enables enterprise risk
managers and business professionals to collaboratively (through
multi-party exercises) and individually (through internal use)
assess the impact of potentially catastrophic disruptions to large
portions of their value chain or sector-wide events.
DECIDE allows users to simulate critical electronic transactions
across systems, routes, and organizations that can mirror their
real life counterparts. Large time spans of data are simulated
over a short time to allow decision makers to quickly see
the e�ects of their decisions over time. Their decisions and
performance, like in the real world, a�ect the decisions and
performance of their peers in the simulation. DECIDE allows
decision and policy makers to unite to make decisions that
mitigate losses.
DECIDE makes available a large array of scenario injects,
or attacks, to the scenario development team. This allows
participants to develop and experience a wide range of
unique scenarios resulting in varying levels of critical response
knowledge relative to their sector.
The DECIDE tool is currently being used in a series of exercises
to assess and improve operational risk management, crisis
planning, and recovery planning in the banking and �nance
sector.
DECIDE-FS™ FEATURES· Provides a distributed simulation environment to support
multiple players· Creates a new kind of immersive infrastructure protection
exercise to facilitate discovery· Simulates transaction data through systems, routes, &
organizations· Simulates data corruption, latency, availability, & market
integrity issues· Supports the natural decision cycle with “closed loop” exercises
CYBER SCENARIO PLANNING, MODELING, & EXECUTION