Using network digital twins to improve cyber resilience of missions

IF 1 Q3 ENGINEERING, MULTIDISCIPLINARY

Journal of Defense Modeling and Simulation-Applications Methodology Technology-JDMS Pub Date : 2022-10-11 DOI:10.1177/15485129221131226

R. Bagrodia

{"title":"Using network digital twins to improve cyber resilience of missions","authors":"R. Bagrodia","doi":"10.1177/15485129221131226","DOIUrl":null,"url":null,"abstract":"The need to secure information and weapon systems against cyber threats is a critical objective for the US Department of Defense and its allied partners. Understanding the end-to-end performance of such systems under realistic operational conditions, including cyber disruptions, is critical for achieving mission goals. Identifying and mitigating shortfalls in operational performance under adverse operational conditions can provide significant value to our defense capabilities and directly save lives. As an illustrative example, we consider the Joint All Domain Command and Control (JADC2) system. JADC2 fundamentally relies on communications and networks to contain, extract, and disseminate time-sensitive, missionrelevant information to win decisively against opposing forces. Future conflicts are likely to involve attempts to disrupt information systems that are critical for JADC2 communication and for assured operation of highly sophisticated weapons systems. Disruption is already a capability of potential adversary forces and will spread to secondary threats allied to them. The complexity of a JADC2 combined cyber and kinetic battlefield requires the training, analysis, test, and evaluation communities to adequately account for potential impacts of degraded network operations and/or exploitation of cyber vulnerabilities on overall mission outcomes. This has motivated a significant amount of ongoing research and development into tools, techniques, and methodologies to assess cyber resiliency of military systems in general, and combat systems in particular. The complexity and interdependencies among combat systems and connections among them complicate current resiliency analysis methods. For example, a risk associated with a single point of failure in a network could be mitigated with redundant components, assuming that the failure is a random hardware failure. However, an unmitigated cyber vulnerability could result in identical failures in redundant components as well. Even if there is no vulnerability in the component itself, an attack that succeeds in interfering with timing of data exchanges, for example by loading a data bus, could result in degraded combat system performance. Similarly, establishing communication links through delayed, intermittently connected, low-bandwidth environments may require the relaying of information using multiple hops, which increases susceptibility to man-in-the-middle attacks. It is also the case that a cyber vulnerability in a weapon system is not necessarily a mission vulnerability, as exploiting that vulnerability may or may not impact the overall system capabilities needed to achieve mission objectives. To assure a mission against cyber threats, cyber resilience of the weapon system must be assessed in a realistic tactical environment, so as to:","PeriodicalId":44661,"journal":{"name":"Journal of Defense Modeling and Simulation-Applications Methodology Technology-JDMS","volume":"45 1","pages":"97 - 106"},"PeriodicalIF":1.0000,"publicationDate":"2022-10-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Defense Modeling and Simulation-Applications Methodology Technology-JDMS","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1177/15485129221131226","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"ENGINEERING, MULTIDISCIPLINARY","Score":null,"Total":0}

引用次数: 0

Abstract

The need to secure information and weapon systems against cyber threats is a critical objective for the US Department of Defense and its allied partners. Understanding the end-to-end performance of such systems under realistic operational conditions, including cyber disruptions, is critical for achieving mission goals. Identifying and mitigating shortfalls in operational performance under adverse operational conditions can provide significant value to our defense capabilities and directly save lives. As an illustrative example, we consider the Joint All Domain Command and Control (JADC2) system. JADC2 fundamentally relies on communications and networks to contain, extract, and disseminate time-sensitive, missionrelevant information to win decisively against opposing forces. Future conflicts are likely to involve attempts to disrupt information systems that are critical for JADC2 communication and for assured operation of highly sophisticated weapons systems. Disruption is already a capability of potential adversary forces and will spread to secondary threats allied to them. The complexity of a JADC2 combined cyber and kinetic battlefield requires the training, analysis, test, and evaluation communities to adequately account for potential impacts of degraded network operations and/or exploitation of cyber vulnerabilities on overall mission outcomes. This has motivated a significant amount of ongoing research and development into tools, techniques, and methodologies to assess cyber resiliency of military systems in general, and combat systems in particular. The complexity and interdependencies among combat systems and connections among them complicate current resiliency analysis methods. For example, a risk associated with a single point of failure in a network could be mitigated with redundant components, assuming that the failure is a random hardware failure. However, an unmitigated cyber vulnerability could result in identical failures in redundant components as well. Even if there is no vulnerability in the component itself, an attack that succeeds in interfering with timing of data exchanges, for example by loading a data bus, could result in degraded combat system performance. Similarly, establishing communication links through delayed, intermittently connected, low-bandwidth environments may require the relaying of information using multiple hops, which increases susceptibility to man-in-the-middle attacks. It is also the case that a cyber vulnerability in a weapon system is not necessarily a mission vulnerability, as exploiting that vulnerability may or may not impact the overall system capabilities needed to achieve mission objectives. To assure a mission against cyber threats, cyber resilience of the weapon system must be assessed in a realistic tactical environment, so as to:

查看原文本刊更多论文

利用网络数字孪生提高任务的网络弹性

保护信息和武器系统免受网络威胁的需求是美国国防部及其盟友的关键目标。了解此类系统在实际操作条件下的端到端性能，包括网络中断，对于实现任务目标至关重要。在不利的作战条件下，识别和减轻作战性能的不足可以为我们的防御能力提供重要价值，并直接挽救生命。作为一个说明性的例子，我们考虑了联合全域指挥与控制(JADC2)系统。JADC2从根本上依赖于通信和网络来包含、提取和传播时间敏感的、与任务相关的信息，以决定性地赢得对对方部队的胜利。未来的冲突可能涉及试图破坏对JADC2通信和确保高度复杂武器系统的操作至关重要的信息系统。破坏已经是潜在对手力量的一种能力，并将扩散到与他们结盟的次要威胁。JADC2联合网络和动态战场的复杂性要求训练、分析、测试和评估团体充分考虑网络作战退化和/或利用网络漏洞对整体任务结果的潜在影响。这激发了大量正在进行的工具、技术和方法的研究和开发，以评估军事系统，特别是作战系统的网络弹性。作战系统之间的复杂性和相互依赖性以及它们之间的联系使现有的弹性分析方法复杂化。例如，假设故障是随机硬件故障，可以使用冗余组件减轻与网络中单点故障相关的风险。然而，一个未缓解的网络漏洞也可能导致冗余组件出现相同的故障。即使组件本身没有漏洞，成功干扰数据交换时间的攻击，例如通过加载数据总线，也可能导致作战系统性能下降。类似地，通过延迟、间歇连接、低带宽环境建立通信链接可能需要使用多跳中继信息，这增加了对中间人攻击的敏感性。此外，武器系统中的网络漏洞不一定是任务漏洞，因为利用该漏洞可能会或可能不会影响实现任务目标所需的整体系统能力。为了确保应对网络威胁的任务，必须在现实战术环境中评估武器系统的网络弹性，以便:

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Defense Modeling and Simulation-Applications Methodology Technology-JDMS ENGINEERING, MULTIDISCIPLINARY-

CiteScore

2.80

自引率

12.50%

发文量