Title: NATIONAL CYBER RANGE
1. NATIONAL CYBER RANGE
Cyber test environment supporting the Comprehensive National Cybersecurity Initiative (CNCI)
Barbara McQuiston, Office Director
Michael VanPutte, Ph.D., Program Manager
UNCLASSIFIED Distribution Statement A (Approved for Public Release, Distribution Unlimited)
2. What is the Comprehensive National Cybersecurity Initiative (CNCI)?
- On January 8, 2008, President Bush issued National Security Presidential Directive 54/Homeland Security Presidential Directive 23
  - Formalized the Comprehensive National Cybersecurity Initiative
  - Instituted a series of continuous efforts to further safeguard our federal government systems from cyber threats and attacks
- The CNCI is focused on three key areas
  - Establish a frontline defense (reducing current vulnerabilities and preventing intrusions)
  - Defend against the full spectrum of threats by using intelligence and strengthening supply chain security; and
  - Shape the future environment by enhancing our research, development, and education as well as investing in leap-ahead technologies.
3. What is the cyber threat?
- There has been increased malicious cyber activity directed at the U.S. Government over the past few years
- This activity is growing more sophisticated, more targeted, and more prevalent
- Cyber threats don't come in one variety
  - A single individual acting as a hacker
  - An organized criminal group stealing personal or financial information to exploit for ill-gotten gain
  - A hacker trying to breach a system simply in order to show that he or she can do it
  - Nation states engaged in cyber espionage against governments and businesses
  - Terrorist group seeking to cause very real damage to our systems and to our country
- Malicious attacks are often used to
  - Steal information
  - Disrupt, deny access to, degrade or destroy critical federal information systems
- These attacks have the potential to prevent the efficient operations of vital systems
- Because of the interdependence of our society and economy on information systems, a cyber attack would have cascading effects across the country and across the world
4. Why can't we defend against these threats today?
- Many of the commercial systems we rely on today were designed for use in home and small businesses, and were not designed from the bottom-up to operate in hostile environments.
- With increased Internet connectivity, there is more access from more places, which offer an ever-increasing number of malicious actors access to the Nation's interconnected information systems on which we rely at home and at work.
- Cyber adversaries can adapt rapidly to an ever-changing environment, and are able to attack at the time and place of their choosing.
- The information on which we rely is more and more complex, interconnected, and interdependent, and increasing technological complexity increases the difficulty in securing that same technology.
5. National Cyber Range
Adaptable, multi-dimensional, heterogeneous cyber test environment
The Nation's environment for cyber research
The National Cyber Range is the measurement capability providing a realistic quantifiable assessment of the Nation's cyber research and development technologies, enabling a revolution in national cyber capabilities and accelerating transition of these technologies
Leap-ahead research and quantifiable assessment of cyber tools, processes, and architectures facilitates
The National Cyber Range will allow classified and unclassified researchers to measure their progress in either a classified or unclassified environment, against appropriate threats with sufficient timeliness and accuracy, to allow corrections and needed new capabilities to be determined.
Revolution in national cyber capabilities
Rapid technology development
Accelerated deployment
6. What is the National Cyber Range?
A dedicated cyber testbed to enhance the Nation's ability to defend against cyber attacks
- The National Cyber Range will
  - Provide a dedicated test bed to produce qualitative and quantitative assessments of the security of cyber technologies and scenarios.
  - Provide a revolutionary, safe, instrumented environment for our national cyber security research organizations to test the security of information systems.
  - Revolutionize the state of the art of cyber security testing.
- A cyber test center to
  - Enable leap-ahead advances to defend and exploit the cyber realm
  - Enable revolutionary cyber testing
Facilitates consistent, realistic, verifiable testing
7. National Cyber Range
8. NCR Infrastructure
Performer-Provided, Holistic Testing Environment
- Range Infrastructure
  - Facilities
  - Power, HVAC
  - Physical and Logical Security
- Personnel and Administration
  - Facility and Systems Administration
  - Test Scheduling and Management
  - On-Site Test Technical Support
  - CONOPs Development and Execution
  - Certification and Accreditation
- Range Resources
  - Large Pool of Heterogeneous Systems
  - Ability to Easily Integrate New Systems
  - Ability to Connect to Existing Cyber Ranges/Resources
- OPFOR as a Service
  - Provide Realistic Cyber Adversaries
Providing the environment to solve the Nation's Cyber problems
Unconstrained cyber research environment supporting the CNCI
9. NCR Technical Advancements
Revolutionizing State-of-the-Art of Cyber Testing
- Automated Range Resource and Test Management
  - Revolutionize test technologies, science, and repeatability
  - Rapidly design, configure, analyze, and release tests
- Advanced Virtual Machines and Networks
  - Facilitate large scale, heterogeneous environments
- Multi-Spectrum Integration
  - Wireless and MANET (radio/satellite/maritime/tactical)
  - Critical Infrastructures - SCADA/Control Systems
- Accelerate and/or Decelerate Test Time
  - Revolutionary testing technologies
- Responsive Traffic Generators and Program Activators
  - Emulate human activity across a variety of network components
  - Technology needed to emulate social engineering (manipulation) and dynamic nature of cyber realm
  - Simulate mobile computing (cyber cafes, PDAs, cell phones)
10. Program Timeline
ICD
Go/No-Go PDR
6 Mo
Go/No-Go CDR Demonstration
2 Mo
Go/No-Go
IOC - 1 Dec 09
FOC Determination
- Deliverables
- Detailed Engr Plan
- System Demo Plan
- CONOPS
- Phase II Proposal
- Revised OCI Plan
- Deliverables
- Phase III Proposal
- Phase IV Proposal
- Phase III SDP
- Develop Prototype
- Prototype Demonstration
- Deliverables
- Build NCR
- NCR Testing
Operations Phase
ICD - Initial Conceptual Design
PDR - Preliminary Design Review
CDR - Critical Design Review
FOC - Full Operational Capability
11. NCR Program Progress
- Interim Progress Reviews (IPRs)
  - IPR1: March 9-13, 2009; March 23-27, 2009
  - IPR2: May 18-22, 2009; May 26-29, 2009
- Seedlings/Studies
  - Quantifying Computer Security: December 2008
  - NCR Transition: May 2009
- Government Working Groups
  - Security Accreditation Working Group: April 7, 2009
  - Joint Working Group: April 8, 2009
- Documents Published
  - NCR Intellectual Property Guidance: February 27, 2009
  - Updated Security Classification Guidance (SCG): April 3, 2009
  - Contracting Officer Guidance: April 22, 2009
- Phase 1 Performer Deliverables: July 13, 2009
12. NCR Team
As of Feb 09
13. Technical Correspondence
- DARPA Program Manager -- Dr. Michael VanPutte
- michael.vanputte_at_darpa.mil
- DARPA/STO
- ATTN: STO Dr Michael VanPutte/BAA08-43
- 3701 North Fairfax Drive
- Arlington, VA 22203-1714
- Phone (unclassified and classified): (703) 526-4721
- Unclassified fax: (703) 248-1800
- Program Website: http://www.darpa.mil/sto/ia/ncr.html