In the multi-domain battlefield, our warfighters rely on a geographically dispersed, connected network of sensors, platforms, and weapon systems to prosecute their missions in harsh and contested environments that complicate the detection of compromised communications.
Mission Rehearsal must accurately incorporate evaluation of cyber resilience of missions in a holistic survivability context, based on:
- Realistic tactical environments that reflect intrinsic cyber weaknesses
- An understanding of how the adversary will deploy cyber threats during the multi-domain mission operations
- The impact of the adversary’s mission-specific Tactics, Techniques, and Procedures (TTPs)
It is important to note that every cyber vulnerability is not necessarily a mission or system vulnerability, because the cyber vulnerability may or may not impact the system capability needed to successfully complete the mission. It follows that, from a mission perspective, cyber security is not a computer problem
- Weapon Systems must be assessed differently from Enterprise Networks
- General cybersecurity expertise is not the same as Weapon System Cybersecurity Expertise
In this paper we analyze the critical needs for mission-centrism in our cyber range capabilities and identify main characteristics of a mission-centric cyber range (MCCR) compared to the capabilities of traditional cyber ranges:
- Integration of cyber and kinetic domains, without modification
- Integration with both IP and non-IP communications (e.g., 1553 bus)
- Access to wireless and tactical waveforms and their specific vulnerabilities
- Extensible attack library against network, connected weapon, and C2 subsystems
- Assessments of command and staff to modify and complete operations and network defenders to detect and react to threats
In addition to describing these characteristics, we also provide a use-case of an MCCR using connected weapons as the illustrative example.