Despite the fact that the World Economic Forum declared that cybersecurity is one of the top five global risks to watch in 2011, little has been done to date to organize the defense community to prepare for the effective utilization of modeling and simulation of cyber theft, cyber espionage, cyber war, or cyber terrorism. Recently, the technologies associated with computer network operations have grown dramatically, with an associated increased emphasis and capability across academia, industry and government organizations. In order to secure the future of cyberspace, it is necessary to develop a modeling and simulation interoperability standard for cybersecurity that will enable many organizations to bring forth their best threat models, network simulations, and attack and exploitation analyses so that they may work together on cyber ranges.
The history of other M&S interoperability standards is well known; the Distributed Interactive Simulation (DIS) and the High Level Architecture (HLA) standards were both born out of the need for interoperability among models and simulations. For battlefield simulations, for instance, the organization that knew the most about a particular platform could also build that model, and expect it to operate within the bounds of a simulation that adhered to the standard. The research shows that no one has yet successfully implemented a cybersecurity interoperability standard using the DIS or HLA framework, including their extensions. This paper also proposes the top level organization of a new cybersecurity interoperability standard, suggests a concept of operations for building and maintaining this standard, and recommends stakeholders that should be involved in the balloting for the standard.