NATIONAL CYBER RANGE - PowerPoint PPT Presentation

1 / 13
About This Presentation
Title:

NATIONAL CYBER RANGE

Description:

Emulate human activity across a variety of network components. technology needed to emulate social engineering (manipulation) and dynamic ... – PowerPoint PPT presentation

Number of Views:1150
Avg rating:3.0/5.0
Slides: 14
Provided by: drmichael5
Category:
Tags: cyber | national | range

less

Transcript and Presenter's Notes

Title: NATIONAL CYBER RANGE


1
NATIONAL CYBER RANGE
  • s

Cyber test environment supporting the
Comprehensive National Cybersecurity Initiative
(CNCI)
Barbara McQuiston Office Director Michael
VanPutte, Ph.D.Program Manager
UNCLASSIFIED Distribution Statement A (Approved
for Public Release, Distribution Unlimited)
2
What is the Comprehensive National Cybersecurity
Initiative (CNCI)
  • On January 8, 2008, President Bush issued
    National Security Presidential Directive
    54/Homeland Security Presidential Directive 23
  • Formalized the Comprehensive National
    Cybersecurity Initiative
  • Instituted a series of continuous efforts to
    further safeguard our federal government systems
    from cyber threats and attacks
  • The CNCI is focused on three key areas
  • Establish a frontline defense (reducing current
    vulnerabilities and preventing intrusions)
  • Defend against the full spectrum of threats by
    using intelligence and strengthening supply chain
    security and
  • Shape the future environment by enhancing our
    research, development, and education as well as
    investing in leap-ahead technologies.

3
What is the cyber threat?
  • There has been increased malicious cyber activity
    directed at the U.S. Government over the past few
    years
  • This activity is growing more sophisticated, more
    targeted, and more prevalent
  • Cyber threats don't come in one variety
  • A single individual acting as a hacker
  • An organized criminal group stealing personal or
    financial information to exploit for ill-gotten
    gain
  • A hacker trying to breach a system simply in
    order to show that he or she can do it
  • Nation states engaged in cyber espionage against
    governments and businesses
  • Terrorist group seeking to cause very real damage
    to our systems and to our country
  • Malicious attacks are often used to
  • Steal information
  • Disrupt, deny access to, degrade or destroy
    critical federal information systems
  • These attacks have the potential to prevent the
    efficient operations of vital systems
  • Because of the interdependence of our society
    economy on information systems, a cyber attack
    would have cascading effects across the country
    and across the world

4
Why cant we defend against these threats today?
  • Many of the commercial systems we rely on today
    were designed for use in home and small
    businesses, and were not designed from the
    bottom-up to operate in hostile environments.
  • With increased Internet connectivity, there is
    more access from more places, which offer an ever
    increasing number of malicious actors access to
    the Nations interconnected information systems
    on which we rely at home and at work.
  • Cyber adversaries can adapt rapidly to an
    ever-changing environment, and are able to attack
    at the time and place of their choosing.
  • The information on which we rely is more and more
    complex, interconnected, and interdependent, and
    increasing technological complexity increases the
    difficulty in securing that same technology.

5
National Cyber Range
Adaptable, multi-dimensional, heterogeneous cyber
test environment The Nations environment for
cyber research
The National Cyber Range is the measurement
capability providing a realistic quantifiable
assessment of the Nations cyber research and
development technologies, enabling a revolution
in national cyber capabilities and accelerate
transition of these technologies
Leap-ahead research and quantifiable assessment
of cyber tools, processes, and architectures
facilitates
The National Cyber Range will allow classified
and unclassified researchers to measure their
progress in either a classified or
unclassified environment, against
appropriate threats with sufficient timeliness
and accuracy, to allow corrections and
needed new capabilities to be determined.
Revolution in national cyber capabilities
Rapid technology development Accelerated
deployment
6
What is the National Cyber Range?
A dedicated cyber testbed to enhance the
Nations ability to defend against cyber attacks
  • The National Cyber Range will
  • Provide a dedicated test bed to produce
    qualitative and quantitative assessments of the
    security of cyber technologies and scenarios.
  • Provide a revolutionary, safe, instrumented
    environment for our national cyber security
    research organizations to test the security of
    information systems. 
  • Revolutionize the state of the art of cyber
    security testing.
  • A cyber test center to
  • Enable leap-ahead advances to defend and exploit
    the cyber realm
  • Enable revolutionary cyber testing

Facilitates consistent, realistic, verifiable
testing
UNCLASSIFIED Distribution Statement A (Approved
for Public Release, Distribution Unlimited)
7
National Cyber Range
8
NCR Infrastructure
Performer-Provided, Holistic Testing Environment
  • Range Infrastructure
  • Facilities
  • Power, HVAC
  • Physical and Logical Security
  • Personnel and Administration
  • Facility and Systems Administration
  • Test Scheduling and Management
  • On-Site Test Technical Support
  • CONOPs Development and Execution
  • Certification and Accreditation
  • Range Resources
  • Large Pool of Heterogeneous Systems
  • Ability to Easily Integrate New Systems
  • Ability to Connect to Existing Cyber
    Ranges/Resources
  • OPFOR as a Service
  • Provide Realistic Cyber Adversaries

Providing the environment to solve the Nations
Cyber problems Unconstrained cyber research
environment supporting the CNCI UNCLASSIFIED
Distribution Statement A (Approved for Public
Release, Distribution Unlimited)
9
NCR Technical Advancements
Revolutionizing State-of-the-Art of Cyber Testing
  • Automated Range Resource and Test Management
  • Revolutionize test technologies, science, and
    repeatability
  • Rapidly design, configure, analyze, and release
    tests
  • Advanced Virtual Machines and Networks
  • Facilitate large scale, heterogeneous
    environments
  • Multi-Spectrum Integration
  • Wireless and MANET (radio/satellite/maritime/tacti
    cal)
  • Critical Infrastructures - SCADA/Control Systems
  • Accelerate and/or Decelerate Test Time
  • Revolutionary testing technologies
  • Responsive Traffic Generators and Program
    Activators
  • Emulate human activity across a variety of
    network components
  • technology needed to emulate social engineering
    (manipulation) and dynamic nature of cyber realm
  • Simulate mobile computing (cyber cafes, PDAs,
    cell phones)

Providing the environment to solve the
Nations Cyber problems Unconstrained cyber
research environment supporting the
CNCI UNCLASSIFIED Distribution Statement A
(Approved for Public Release, Distribution
Unlimited)
10
Program Timeline
ICD
Go/No-Go PDR
6 Mo
Go/No-Go CDR Demonstration
2 Mo
Go/No-Go
IOC - 1 Dec 09
FOC Determination
  • Deliverables
  • Detailed Engr Plan
  • System Demo Plan
  • CONOPS
  • Phase II Proposal
  • Revised OCI Plan
  • Deliverables
  • Phase III Proposal
  • Phase IV Proposal
  • Phase III SDP
  • Develop Prototype
  • Prototype Demonstration
  • Deliverables
  • Build NCR
  • NCR Testing

Operations Phase
ICD - Initial Conceptual Design PDR - Preliminary
Design Review CDR - Critical Design Review FOC-
Full Operational Capability
11
NCR Program Progress
  • Interim Progress Reviews (IPRs)
  • IPR1 March 9 13, 2009 March 23 27, 2009
  • IPR2 May 18 22, 2009 May 26 29, 2009
  • Seedlings/Studies
  • Quantifying Computer Security December 2008
  • NCR Transition May 2009
  • Government Working Groups
  • Security Accreditation Working Group April 7,
    2009
  • Joint Working Group April 8, 2009
  • Documents Published
  • NCR Intellectual Property Guidance February 27,
    2009
  • Updated Security Classification Guidance (SCG)
    April 3, 2009
  • Contracting Officer Guidance April 22, 2009
  • Phase 1 Performer Deliverables July 13, 2009

12
NCR Team
As of Feb 09
13
Technical Correspondence
  • DARPA Program Manager -- Dr. Michael VanPutte
  • michael.vanputte_at_darpa.mil
  • DARPA/STO
  • ATTN STO Dr Michael VanPutte/BAA08-43
  • 3701 North Fairfax Drive
  • Arlington, VA 22203-1714
  • Phone (unclassified and classified) (703)
    526-4721
  • Unclassified fax (703) 248-1800
  • Program Website http//www.darpa.mil/sto/ia/ncr.
    html
Write a Comment
User Comments (0)
About PowerShow.com