“We have to understand that cyberspace can be shaped,
but it cannot be dominated – because we don’t know most
of it,” says Lt. Gen. William Lord, CIO of the Office
of the Secretary of the Air Force, speaking to a meeting
of the AFCEA Northern Virginia chapter on September
18, 2009. “It’s a commercial enterprise, not a military
enterprise.” Within this environment of rapid change,
the US DoD’s pursuit of cyber superiority has spurred
a number of new US defense initiatives that are blurring
the lines between the military services and their traditional
roles. “We will never fight alone by service again,”
Lord said.
The ability to rigorously vet net-centric communication
systems, particularly the most vulnerable domain of
mobile wireless communications, is where a new class
of advanced network simulation and emulation tools called
software virtual networks (SVNs) is coming into play.
Virtual Networks, Real Behavior
First introduced in 2008 by Scalable Network Technologies
of Los Angeles, CA, SVNs are poised to enable the massive
cyber security development efforts that are in the pipeline.
SVNs are exact digital replicas of physical networks
in virtual space – indistinguishable from a real network.
Unlike traditional modeling and simulation technology,
SVNs are based on emulation, and have the ability to
interoperate with applications, devices, management
tools, and people – at real time speed. SVNs emulate
all layers of complex networks that may involve thousands
of nodes, providing cyber security planners and sleuths
high fidelity results that are comparable to physical
testing. But unlike physical test beds, the synthetic
networks offer advantages of greater flexibility, immediacy
and much lower cost.
The underlying technology of SVNs is a kernel design
that allows these synthetic networks to operate on every
generation of parallel computer architecture from multi-core
PCs to supercomputers. Thus, for the first time, emulators
can scale to the size and complexity of existing and
future networks – providing real time speed and fidelity.
This advancement is analogous to the revolutionary
advance that Google™ brought to the search engine world.
Correctly anticipating the growth of the World Wide
Web, Google designed its search engine to be inherently
scalable through the power of clusters and farms of
computers. In the same way, SNT predicted that the complexity
of on-the-move communication networks would increase
at a much greater rate than the speed of computing power,
and strategically leveraged the power of parallel computing
for their network emulation.
Fast and Realistic Answers
Cyberwarfare is about stealth and speed. Because the
volley of attacks and countermeasures takes place between
invisible adversaries, capability development must focus
on a number of fronts: configuring networks for maximum
security; packaging it so that non-experts can use it
on the battlefield; and training deployed personnel
to rapidly defend & restore networks and shut down
intruders. “What keeps me up at night are poor browser
and SQL database configurations,” says Ray Letteer,
head of the Marine Corps’ Information Assurance Division
in the Office of the Director, C4/DON Deputy CIO. “My
blue teams that do operational tests keep finding issues,
pointing to peer-to-peer operating systems, people failing
to follow policies, and the reliance on passwords as
some of the many ways systems are easily breached.”
Cyberwarfare goes beyond secure software and devices.
Cyberattacks are conducted and understood by relatively
few, so developing skilled personnel who are capable
of detecting and defending against cyber threats is a crucial
need. SVNs accelerate the time-to-solution to these
kinds of operational and training challenges by stress-testing
software under real-world attack scenarios. These findings
can then support continuous training and skills upgrades
as well as development of new tactics, techniques and
procedures (TT&Ps) as systems evolve.
Stress-Testing Applications
The interactivity and realism of SVNs extend to software.
For example, a command and control application that
will be deployed over an on-the-move network can be
run on top of the SVN so that a warfighter will have
the same experience with that application as they would
in the field. Urban, rural, and mixed environments can
be emulated, exposing warfighters and commanders to
realistic encounters in advance. Threats can be injected
into the SVN to stress the application for vulnerabilities,
pinpointing code that must be re-written to close security
gaps.
Some progress has already been made in this type of
application testing. An Aviation Week article published
in May 2009 described several future attack devices
being built in a U.S. cyber warfare attack laboratory.
Capabilities include software for finding digital weaknesses
in virtually any form of wireless network that combines
cyber sleuthing, technology analysis, and tracking of
information flow. These devices also suggest how best
to mount an attack and report results. A by-product
of the project is that it jumpstarts the weaponizing
of cyber attack for the non-cyberspecialist military
user.
Pre-Deployment Training
SVNs can also serve as laboratories in which to train
people to use new cyber war technology prior to deployment.
The long-term vision for cyber war readiness includes
creating decision-support tools that provide situational
awareness and training for warfighters who aren’t networking
experts.
For example, an actual ground/air/SATCOM network with
Link 16 and NET connectivity can interoperate with an
SVN that is delivering a war-gaming application, simulated
network intrusions such as wormholes, blind denial of
service, simulated RF jamming attackers, and the new
cyberwar application and/or device. This level of comprehensive
and realistic training experience enables the honing
of individual proficiency and the refining of cyberwar
TT&Ps.
Keeping Ahead of Enemies
As “assets” and “targets” move rapidly to the cyber
domain, the very nature of warfare is being redefined.
Superior development technology is the prerequisite
to staying a step ahead of highly adaptable adversaries.