Cyber Quest 2016 Coordinated Working Group (CWG) #2

15-17 Mar 2016

UNCLASSIFIED//FOR OFFICIAL USE ONLY


CWG #2 Agenda – 15 Mar 2016

0900 Welcome - Dale White, Dep Dir, CBL

0915 Introduction, Agenda, Objectives, Video - MAJ Roberts

0930 Cyber Quest Update, Timeline, Road to War - MAJ Roberts

1000 User Defined Operational Picture/Data Sources Review/Update - Mike Jones

1100 Data Integration Introduction - Mr. Andersen

1200 LUNCH - ALL

1330 Lower Tactical Network Introduction - Horace Carney

1430 Upper Tactical Network Introduction (WIN-T) - Joe Collette

1530 Training Requirements - Greg Wells

1600 Overview of 16 March Agenda/Release - MAJ Stannard

1800 NO HOST SOCIAL (CAROLINA ALE HOUSE)

Location: U.S. Army Reserve Center, Room 122-124

Participation: All Cyber Quest 2016 Participants

CWG #2 Agenda – 16 Mar 2016

0900 Welcome Back - MAJ Roberts

0915 EW Sensor Technology Sponsor Breakout - 122

0915 – 1205 Data Integration Breakout - 124

0915 - 0945 Harris Corporation Data Sources - SA

0950 - 1020 L3 WIN-T NMS

1025 - 1055 Phaser

1100 - 1130 Rockwell Collins

1135 - 1205 Thales

1205 LUNCH - ALL

1330 CTI

1330 Lower Tactical Network

1400 EITC

1430 Upper Tactical Network (WIN-T)

1430 General Dynamics

1500 GTRI

Location: U.S. Army Reserve Center, Room 122-124

Participation: All Cyber Quest 2016 Participants

CWG #2 Agenda – 16 Mar 2016

0900 Welcome Back - MAJ Roberts

0915 Breakout Session Opportunity (As needed) - 122

0915 Cyber Quest 2017 Objectives - 124

1015 Academia Participation

1130 CWG 2 Out-brief to Technology Sponsors

1205 CWG 2 ENDS

Location: U.S. Army Reserve Center, Room 122-124

Participation: All Cyber Quest 2016 Participants


Working Group Objectives

• To review all documentation/administrative requirements;

• To highlight key experiment dates, events, and milestones;

• Delineate roles and responsibilities for all participants;

• To produce a draft network design document and identify resource shortfalls;

• To produce a draft DODAF document identifying data systems integration requirements;

• To develop a draft Cyber Quest 2016 Technology Integration Schedule;

• To document technology training requirements;

• To address Cyber Quest 2016 vignette/simulation requirements;

Directions

[Map labels: parking; Signal Towers; Cyber Battle Lab]


Army Expeditionary Warrior Experiment (AEWE)

VIDEO


EXPERIMENT UPDATE, TIMELINE, MILESTONES, EXPECTATIONS

Cyber Quest 2016 Timeline and Milestones

2016 Framework: 11 Month Cycle

Phases: Initiation, Selection, Integration, Execution

• Cyber Quest 2016 Initiation: AUG 2015
• Proposal Selection (Core): 8 SEP 2015
• Proposal Engagement (Wide): SEP 2015
• Proposal Consolidation: SEP 2015
• Tech Call – Industry BAA: 22 OCT 2015
• Industry Briefing Day: 4 NOV 2015
• Tech Call Deadline: 13 NOV 2015
• Tech Pre-Selection Panel: 17 – 19 NOV 2015
• Results: Tech Pre-Select: 20 NOV 2015
• Technology Selection: 8 – 11 DEC 2015
• CWG 1: JAN 2016
• CWG 2: MAR 2016
• Integration Orders: APR 2016
• CWG 3: MAY 2016
• Excursions Assessments: JUN 2016
• Experimentation Event: 11 – 29 JUL 2016
• TechNet CQ Briefing: 2 AUG 2016
• Final Report: SEP 2016

Army Cyber Council

• CARR Brief: SEP 9 2015
• Council of Colonels: 21 SEP 2015
• ACC Brief: OCT 2015


Execution

• Execution Duration (3 weeks)

• Location (CBL, FOB Ready, Ft Gordon and SRS)

• Focused at Infantry BCT TOC Unified COP/CPCE v2

– Live, Constructed, Virtual Environment

– Cyber Range Connectivity

– Phase 3 to 4 operational transition

• Notional SIPR Networks (Unclassified)

• Battle Rhythm (6hr scenario day + real world)

• 4x 12hr plays

• Requires an Experimentation Force (EXFOR)

– Blue Force, Red Team, Green Cell, White Cell

• No Fear of Failure (Sandbox) Reporting


Cyber Quest Operational View

Experimental Focus Areas

Integrate Cyber and Electronic Warfare Situational Awareness (SA) capabilities

- Converge Cyber/EW User Defined Operational Pictures (UDOPs)
- Tactical radios as sensors with input to Cyber SA tool
- DOTMLPF implications of using a Cyber SA tool
- TTPs for the CEMA cell

Demo tactical radios as Electronic Warfare solutions

- Tactical hand held radios 200 – 2500 MHz range
- Tactical radios with anti-jamming capabilities

Scenario

• JTF (V/C) transitioning from MCO (PH III) to stability operations (PH IV) while reacting to red force kinetic and non-kinetic attacks

• Focus on an At-The-Halt (ATH) IBCT CP (Live) controlling an ATH Infantry Battalion CP and OTM Infantry Companies (V/C)

• Red Forces will use a variety of Offensive Cyber and Electronic Warfare (EW) attacks to stimulate Defensive Cyber Operations and EW Response Actions

• Intent: Focus on the BCT; Fully populate BCT TOC systems

• Leverage outputs for Cyber and EW SA capabilities

[Diagram labels: Red Forces; IBCT CP (Live); IN BN CP (V/C); JTF / ExCSE (V/C); DIV TAC CP (V/C); National Asset (V/C); CSSB (V/C); ISB; CEMA; EWO; CPT; EW]

Cyber Quest – Operational Flow

Outputs to inform: Best Practices & White Papers

- System Vulnerabilities
- Enemy Methodology
- Force Design
- System Integration
- Process Improvements
- Lessons Learned
- Team Dynamics
- Key Performance Parameters (KPP)
- Tactics, Techniques, and Procedures (TTPs)

Provides CPT Experience in:

- Remediation
- Reporting
- DCO (Defense in Depth)
- Incident Response Handlers (IRH)

Provides:

- Team Building
- Tool Validation
- Training Synergy

IBCT (select staff) (255S Provides Cybersecurity Capability)

[Diagram labels: Submit Cyber Effects Request Form (CERF); Cyber Event; Tasking; JFHQ-C; Cyber Protection Brigade (CPB); Army Cyber Operations Integration Center (ACOIC); Regional Hub Node (RHN); Battle Lab EW/S2/6; CEMA Cell; Cyber SA Display in TOC; AMDWS/TAIS/CPOF; EWPMT/Cyber SA Tool; AFATDS/BCS3; Red Cell (Threat); Blue Cell (Friendly); CPT (DST) (x3); Action – Reaction – Counteraction. Legend: LOS, CABLE, REQUEST, LIVE]

Cyber Quest – Execution Operational View

Battle Lab M&S Branch

Simulation Interface

MC Systems

• OneSAF
• FIRESIM
• EMANE

Battle Lab FEB Branch

Scenario Stimulation

• OPORD/Annex
• Graphics
• Vignettes/Storyboard
• Scenario Products
• Facilitation

[Diagram labels: BCT TOC; Cyber SA Display in CEMA Cell; EWPMT/Cyber SA Tool (Vendor Provided); AMDWS/TAIS/CPOF; AFATDS/BCS3/DCGS-A; EW; Feeds; Emplaced sensors intercepts emitters; Monitoring Social Media; Cyber Event; Red Cell (Threat); Blue Cell (Friendly); Action – Reaction – Counteraction; environment tags: (Live), (Virtual), (Constructive), (Live/Constructive)]

Cyber Quest Calendar – March 2016

Legend: Live Experimentation Branch; Futures Experimentation Branch; M&S Branch; Vendor Specific

• CQ Coordination Working Group #2
• UC 16.1 GAMEX (Fort Leavenworth KS) (FEB)
• ABCT Seminar Wargame (Fort Benning GA) (FEB)
• UC 16.1 Analysis Scrum (Fort Lee VA) (FEB)
• OneSAF Build (Includes STARTEX positions/Movement Tracks) (Battle)
• End to End Thread Testing (Triggers, Timing, & Step Validation) (FEB All)
• RMF Support
• Scenario/Script review with ARCYBER (FEB All)
• Scenario Orders/Road to War Refinement (Battle/Collins)
• Scenario Orders/Road to War (Battle)
• TBD (x3)

Cyber Quest Calendar – April 2016

Legend: Live Experimentation Branch; Futures Experimentation Branch; M&S Branch; Vendor Specific

• Integration: Scenario Orders / Admin Instructions
• Masters Week (Augusta area Schools Spring Break)
• ExCIS Software Training (Austin TX) (FEB All)
• UC 16.1 Analysis Scrum
• Scenario V&V (Battle)
• Block Leave (FEB All)
• Mission Command System Configuration & Testing
• COMMEX (Includes HICON/LOCON Interaction) (FEB All)
• RMF Support
• TBD (x2)

Cyber Quest Calendar – May 2016

Legend: Live Experimentation Branch; Futures Experimentation Branch; M&S Branch; Vendor Specific

• CQ Coordination Working Group #3
• SW Lock
• Develop System Specific Data Products
• Threat/EXCON/HICON/LOCON Synchronization & Rehearsals
• ATEC SRs COMPLETED
• TBD (x4)

Cyber Quest Calendar – June 2016

Legend: Live Experimentation Branch; Futures Experimentation Branch; M&S Branch; Vendor Specific

• Vendor System Testing
• Environment Build Complete
• Network / Vendor System Integration
• Functional Testing
• End-to-End Thread Testing
• Create & Load Data Products / Radio Config Files
• Full up Dress Rehearsals
• TBD (x5)

Cyber Quest Calendar – July 2016

Legend: Live Experimentation Branch; Futures Experimentation Branch; M&S Branch; Vendor Specific

• 4th of July Weekend (DONSA)
• PACEX
• CQ Build / Train
• COMMEX
• VALEX
• Instrumentation V&V
• Military Role Player Training and Integration
• CQ Rotation 1
• CQ Rotation 2
• CQ Rotation 3
• CQ Rotation 4
• CQ Rotation 5
• VIP Day / Demo
• AAR


US Army Cyber Center of Excellence (Cyber CoE)

Cyber SA

Notional Dashboard

Focus Areas to Inform

Cyber Quest

Cyber Support Element-Ft. Leavenworth, KS.

All diagrams are pre-decisional and could be changed at the discretion of the CSE-FLKS

Cyber SA Planning and Management Tool (PMT): Notional Displays

Tabs shown on each display: Cyber SIGACTs; Network Status; Cyber-EW Ops; Mission Impact; Cyber Overlay; Maps; Emitters & OB; Planning; Threat Activity; EMS Interference; Social Media

Focus Area 1: Cyber SIGACTS

• Controls: Last 24 hours; Query
• Unknown Actor, Cyber, Redirected URL, Unmitigated (x4)
• Known Actor, Cyber, Unmitigated (x2)

Focus Area 2: Cyber Overlay

• Controls: Create; Export to COP

Focus Area 3: Network Status - Friendly

• Options: Friendly; Enemy; Unknown; Neutral; Asset Compliance; Force Prot Cond.

Focus Area 4: Network Status - Enemy

• Options: Friendly; Enemy; Unknown; Neutral; Asset Compliance; Force Prot Cond.

Focus Area 5: Emitters & Order of Battle

• Status labels: Active Tracking; Early Warning (x3)
• FILTERS: GSM; 3G; 4G; WiFi; Radar; OB
• Map labels: CTR MTR/RCKT (x3)
• Affiliation: Unknown; Neutral; Enemy; Friendly

Focus Area 6: Mission Impact

• Panels: Intrusion Alerts; Vulnerability; Network Health

Focus Area 7: Social Media

• Panels: Trends; Alerts; Web Search

CyberQuest Lower/Upper Tactical Network Introduction

2016/03/15

Horace Carney/Joe Colette

CTR Support, Cyber Battle Lab

US Army Cyber Center of Excellence & Fort Gordon

Operational Environment OV-1 (LVC)

[Diagram labels: Red Forces; Blue Forces; IBCT CP (Live); Cyber Battle Lab; ICOE; TSMO; WIN-T Inc 2 NOSC-B; WIN-T Inc 2 SNE; EW; UCD EWPMT; CPOF, BCCS, DCGS-A, AFATDS; SA Vendor 1-4; Sensor Vendor 1-5; DCO-IDM Feeds; Peer vs Near-peer; Tactical Radios and EW Sensors; Data Ingest; Data processing; Effect Decision; Big Data]

Sensor improvement

- C2 Data ingest
- Remote sensor triggering
- Cyber effects

Cyber Red vs Blue

- Visualization
- Triggering
- Queuing

WIN-T/DCO Cyber data

- Determine utility
- Refine TTPs/CONOPS

EW/CYBER SA

- Drive CEMA cell response actions/planning
- Drive commander decisions
- Drive Cyber vs EW response actions

Proposed Lower Tactical Architecture for Cyber Quest

Classification: Notional SECRET

1. Thales: Special EW Mission Module (EW module)
2. Phaser Corporation: (Wifi/4G LTE sensor)
3. Rockwell Collins: Handheld dismounted RF sensing capability/TTNT mesh network
4. Harris RF sensor
5. L3 DF Capability

[Diagram labels: FT HUACHUCA; WIN-T INC 2 NETWORK; 1-29 INFANTRY BN; BN SNE; SIDEHAT X 2; CO SRW/SATCOM; A/1-29 INFANTRY CO (HEADQUARTERS): CO, XO, OPS NCO, CO HQ; Company SRW network; 1/A/1-29 INFANTRY: PSG, 1-SL, 2-SL, A-TL, B-TL; Platoon SRW network; AN/PRC 154A radios]

UPPER TI ARCHITECTURE

Classification: Notional SECRET

[Diagram labels: RHN-E CYBER BATTLE LAB; RHN; NOSC-B; BCT CP, FOB READY, FORT GORDON; COMPANY CP, TA-??; TCN (MAIN); TCN (TAC); STT (MAIN); STT (INC 1); INC 1; SSSV4; CPP (RADIO NETS ONLY); SNE (CNRI); SNE; POP; TA-6; TA-17; TA-21; TA-26; LOWER TI. LEGEND: 442ND ASSETS NOT IN CQ; CABLE LINK; SATELLITE LINK; NODES IN RESERVE; TCN (X4); SNE (X4); POP (X4)]

Joe [email protected]: (706)791-8806

DSN: 780-8806

FAX: (706)791-3799

CyberQuest Data Architecture Introduction

2016/03/15

Ken Groombridge

CTR Support, Cyber Battle Lab

US Army Cyber Center of Excellence & Fort Gordon

[Diagram labels: vendor and sensor systems: GD; GTRI; Raytheon; CTI THUNDERSTORM; THALES MMR; L3 AN/PRD-13; HARRIS; ROCKWELL; PHASER; EITC; EITC IRONHIDE. Mission command and simulation systems: DCGS; DDS; CPOF; CPOF DB; AFATDS; OneSAF; FIRESIM; ExCIS; NETT WARRIOR; EWPMT; Vendor SA capabilities. Flow labels: Sensor Data. Message Types table (Message, From, To): PLI, OneSAF, DDS. Other message types shown: PosRPT; GEO; LOB; ENSIT; STATUS; PLI; PLI K05.1]

Operational Architecture

[Diagram labels: Ft. Huachuca; MI COP (Ft. Huachuca); OneSAF Systems; FireSim; ExCIS; MC Adapter; BCCS Stack; DDS; CPOF Services; DSGS-A; Workstation; CPOF Client; AFATDS Client; DSGS-A Client; Google Earth / Browser; EWPMT; Enterprise Services (MS EXCH, SP, SCCM, ETC.)]

[Diagram, shown on two slides: DDS publish/subscribe exchange between mission command systems. Systems labelled include DTSS, AFATDS, TGS, TMC WS, BFT, IMETS, TAIS, AMDWS, GCCS-A, CPOF and the DCGS-A DDS Node; the second slide repeats the diagram for AFATDS, TMC WS, BFT, CPOF and the DCGS-A DDS Node. Connector labels: Publish; Subscribe; SYNCH; Subscribe or Sync. Topic labels, given in TOPIC:SOURCE form, include GRAPHICS, POS-RPT, OBS-POS, GEO-REF, ENEMY-SIT, TARGET, AIR-TRK, IND-WARN, OPORD, TASK-ORG, ORG-STAT, COMBAT-PWR, WEATHER, SIGACT, CMD-INTENT, ACO, FSCM, UAV-VIDEO, MTI, GROUND-TRACKS, PLANS/ORDERS, SITREP, SPOTREP, SALUTE, SUPPLY STAT, AIR ROUTES, HVT/HPT and MDMP PRODUCTS. Note on one list: Only non-hostile tracks.]

DDS Node DCGS-A

• POS-RPT: FBCB2, MCS
• OBS-POS: FBCB2
• SIGACT: CPOF
• MTI: CGS
• Ground-Tracks: CGS
• UAV VIDEO: CGS
• TARGET: AFATDS
• WEATHER2: IMETS
• GRAPHICS: MCS, BCS3
• ENEMY-SIT (BCS3, AMPS, AMDWS, MCS, TAIS, AFATDS, DTSS)
• GRAPHICS (AMDWS, MCS, AFATDS, CGS, TAIS, DTSS, BCS3)
• Indications and Warnings (?)

CyberQuest Cyberspace Threat Emulation (AKA Red Teaming)

2016/03/17

Ken Groombridge

CTR Support, Cyber Battle Lab

US Army Cyber Center of Excellence & Fort Gordon


CyberQuest Threat Emulation

Cyberspace Threat Emulation is required to stimulate the sensors in order for them to produce output which in turn is ingested and reported by cyberspace situational awareness tools.


Goal:

Introduce a plethora of realistic events on the network to stimulate the sensors, so as to ascertain the information provided by cyberspace situational awareness tools


Not the Goal:

Determine the security posture of programs of record, sensors, or cyberspace situational awareness tools

Cyberspace situational awareness tools will not be in the scope of the exercise; however, these tools should be programmed with security in mind


How will this be accomplished:

There will be representative client systems (physical/virtual/both) on the network which will be within scope

Traffic will be sent to and from these systems in order to provide stimulus for sensors


Event Generation:

Threat emulation events will be preconfigured/scripted so that they can be accurately repeated for each scenario

Ken [email protected]: (706)791-5245

DSN: 780-5245

FAX: (706)791-3799

TRAINING

Soldier

- Time needed to train one soldier to use your technology
- Number of personnel requiring training to properly demonstrate technology
- Equipment available for training
- Number of trainers available to conduct training
- Training location requirements (computer for power point, indoors, outdoors, tables, etc.)

Execution

Soldiers

- Special equipment needed to use technology
- Equipment available for operations
- Number of technicians available for support during the exercise
- Operational restrictions (not shock protected, not water proof, etc.)

CBL Staff

- Special equipment needed to support technology (RF white noise needed, SRW network required, etc.)
- Interoperability requirements (specific feeds or networks needed to pass data, etc.)