LVC Environment to Support System-of-System Cyber Testing
(Room S320B)
30 Nov 17
11:30 AM
-
12:00 PM
Much of the cyber simulation investment has been focused on the training community. The goal of the cyber training environments is to present the training audience with the effects of cyber-attacks. This is often done by white carding the effects or by using simulations to model the effects. This approach does not work well for testing cyber-attacks against systems. Testing requires actual cyber-attacks. Penetration testing is performed against individual systems and can be used to find many attack surfaces. However, another set of attack vectors can be uncovered when the systems are operated in an operationally realistic environment. Creating a cyber systems-of-systems test environment requires simulation of multiple data feeds to the systems under test. These data feeds must be consistent with each other and at the correct scale to provide a realistic load on the system. This can be done with a mixture of tactical systems and simulations. The other challenge is to establish networks and processes that allow the introduction of live cyber-attacks. A group of organizations located at Redstone Arsenal teamed together to create an environment for cyber testing systems developed by the team using a LVC distributed systems-of-systems approach. This required creating a set of processes to allow collaboration across the different organizations to document and plan the cyber test activities. The organizations had to standup a new network that allowed for the introduction of cyber-attacks. Additionally, the team integrated a set of simulations to stimulate the systems under test with the required tactical information exchanges. To prove out the concept the organizations created a verification event to test the environment. This paper will document the challenges and solutions the team encountered in the development of the test environment as well as the results from the event.