Cyber-Physical Battlefield Platform for Large-Scale Cybersecurity Exercises

2019 11th International Conference on Cyber Conflict (CyCon) Pub Date : 2019-05-01 DOI:10.23919/CYCON.2019.8756901

J. Kim, Kyeongho Kim, Moonsu Jang

{"title":"Cyber-Physical Battlefield Platform for Large-Scale Cybersecurity Exercises","authors":"J. Kim, Kyeongho Kim, Moonsu Jang","doi":"10.23919/CYCON.2019.8756901","DOIUrl":null,"url":null,"abstract":"In this study, we propose a platform upon which a cyber security exercise environment can be built efficiently for national critical infrastructure protection, i.e. a cyber-physical battlefield (CPB), to simulate actual ICS/SCADA systems in operation. Among various design considerations, this paper mainly discusses scalability, mobility, reality, extensibility, consideration of the domain or vendor specificities, and the visualization of physical facilities and their damage as caused by cyber attacks. The main purpose of the study was to develop a platform that can maximize the coverage that encompasses such design considerations. We discuss the construction of the platform through the final design choices. The features of the platform that we attempt to achieve are closely related to the target cyber exercise format. Design choices were made considering the construction of a realistic ICS/SCADA exercise environment that meets the goals and matches the characteristics of the Cyber Conflict Exercise (CCE), an annual national exercise organized by the National Security Research Institute (NSR) of South Korea. CCE is a real-time attack-defense battlefield drill between 10 red teams who try to penetrate a multi-level organization network and 16 blue teams who try to defend the network. The exercise platform provides scalability and a significant degree of freedom in the design of a very large-scale CCE environment. It also allowed us to fuse techniques such as 3D-printing and augmented reality (AR) to achieve the exercise goals. This CPB platform can also be utilized in various ways for different types of cybersecurity exercise. The successful application of this platform in Locked Shields 2018 (LS18) is strong evidence of this; it showed the great potential of this platform to integrate high-level strategic or operational exercises effectively with low-level technical exercises. This paper also discusses several possible improvements of the platform which could be made for better integration, as well as various exercise environments that can be constructed given the scalability and extensibility of the platform.","PeriodicalId":114193,"journal":{"name":"2019 11th International Conference on Cyber Conflict (CyCon)","volume":"55 7 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 11th International Conference on Cyber Conflict (CyCon)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.23919/CYCON.2019.8756901","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 9

Abstract

In this study, we propose a platform upon which a cyber security exercise environment can be built efficiently for national critical infrastructure protection, i.e. a cyber-physical battlefield (CPB), to simulate actual ICS/SCADA systems in operation. Among various design considerations, this paper mainly discusses scalability, mobility, reality, extensibility, consideration of the domain or vendor specificities, and the visualization of physical facilities and their damage as caused by cyber attacks. The main purpose of the study was to develop a platform that can maximize the coverage that encompasses such design considerations. We discuss the construction of the platform through the final design choices. The features of the platform that we attempt to achieve are closely related to the target cyber exercise format. Design choices were made considering the construction of a realistic ICS/SCADA exercise environment that meets the goals and matches the characteristics of the Cyber Conflict Exercise (CCE), an annual national exercise organized by the National Security Research Institute (NSR) of South Korea. CCE is a real-time attack-defense battlefield drill between 10 red teams who try to penetrate a multi-level organization network and 16 blue teams who try to defend the network. The exercise platform provides scalability and a significant degree of freedom in the design of a very large-scale CCE environment. It also allowed us to fuse techniques such as 3D-printing and augmented reality (AR) to achieve the exercise goals. This CPB platform can also be utilized in various ways for different types of cybersecurity exercise. The successful application of this platform in Locked Shields 2018 (LS18) is strong evidence of this; it showed the great potential of this platform to integrate high-level strategic or operational exercises effectively with low-level technical exercises. This paper also discusses several possible improvements of the platform which could be made for better integration, as well as various exercise environments that can be constructed given the scalability and extensibility of the platform.

查看原文本刊更多论文

大规模网络安全演习的网络物理战场平台

在这项研究中，我们提出了一个平台，可以有效地建立一个网络安全演习环境，以保护国家关键基础设施，即网络物理战场(CPB)，以模拟实际运行的ICS/SCADA系统。在各种设计考虑中，本文主要讨论了可扩展性、移动性、现实性、可扩展性、对领域或供应商特殊性的考虑以及物理设施的可视化及其在网络攻击下造成的损害。这项研究的主要目的是开发一个平台，可以最大限度地覆盖这些设计考虑。我们通过最终的设计选择来讨论平台的构建。我们试图实现的平台特性与目标网络演习格式密切相关。设计选择考虑了现实的ICS/SCADA演习环境的构建，该环境符合韩国国家安全研究所(NSR)组织的年度国家演习“网络冲突演习”(CCE)的目标和特征。CCE是10个试图渗透到多层次组织网络的红队和16个试图防御网络的蓝队之间的实时攻击防御战场演习。练习平台在设计非常大规模的CCE环境时提供了可伸缩性和很大程度的自由度。它还使我们能够融合3d打印和增强现实(AR)等技术来实现锻炼目标。这个CPB平台也可以以各种方式用于不同类型的网络安全演习。该平台在Locked Shields 2018 (LS18)中的成功应用就是强有力的证据;它显示了该平台将高级别战略或作战演习与低级别技术演习有效结合起来的巨大潜力。本文还讨论了为了更好地集成，可以对平台进行的一些改进，以及考虑到平台的可扩展性和可扩展性，可以构建的各种演习环境。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2019 11th International Conference on Cyber Conflict (CyCon)

自引率

0.00%

发文量