IT 2 EC 2020 IT 2 EC Extended Abstract Template Presentation/Panel IT 2 EC 2020 – Cyber Training Architecture, Enabling Digital Twin Environments Amit Kapadia 1 , Rick Osborne 2 , Brian Vermillion 3 1 Chief Engineer, U.S. Army PEO STRI, Orlando, United States 2 Simulation Engineer, The MITRE Corporation, Orlando, United States 3 Simulation Engineer, The MITRE Corporation, Orlando, United States Abstract — In 2019, The U.S. Army Program Executive Officer for Simulation, Training and Instrumentation (PEO STRI) released an initial cyberspace operations training platform prototype called the Persistent Cyber Training Environment (PCTE). The PCTE platform includes tools to rapid ly create ‘Digital Twins’ that replicate cyberspace operational environments in a virtualized platform for the Cyber Mission Force (CMF) to execute realistic training and mission rehearsals. PCTE is laying the groundwork for these virtualized assets to connect to real world physical security assets such as industrial controls systems (ICS) that are otherwise not practical to emulate. To address this challenge, PEO STRI and the larger DoD cyber training community are utilizing an evolutionary architecture to rapidly integrate PCTE with real world physical security assets. This paper introduces evolutionary architecture and discusses the cyber training community’s approach for evolving a cyber training architecture over time while simultaneously delivering capability to the CMF. the approach, enabling the realistic replication of a ‘Digital 1 Introduction Twin’ environment . In 2019, The U.S. Army Program Executive Officer for 2 Evolutionary Architecture Simulation, Training and Instrumentation (PEO STRI) released an initial cyberspace operations training platform prototype called the Persistent Cyber Training In the US Department of Defense (DoD), the failures of Environment (PCTE). The PCTE mission is to solve following waterfall / big design up front (BDUF) significant U.S. Department of Defense (DoD) gaps — development processes are well known [1]. According to specifically, the capability to effectively plan, prepare, and the Standish Group 2018 Chaos Report: execute Cyber Mission Force (CMF) training. Today, CMF training scenarios are manually deployed on a variety of cyber training range resources using varying The results for all projects show that agile projects enjoy a 60% greater chance of success than non-agile technologies that often lack fidelity, interoperability, projects. Looking deeper, we find that “waterfall” reusability, and the ability to scale to support projected projects are three times more likely to fail than agile CMF demands. The PCTE platform addresses these gaps by delivering tools to rapidly create ‘Digital Twins’ that projects. replicate cyberspace operational environments in a virtualized platform for the CMF to execute realistic Eliminating BDUF on an agile project does not mean no training and mission rehearsals. PCTE provides architecture at all. To align with agile, the architecture of virtualized cyber assets, tools, and environments to a system should evolve continuously over time, while manage and deploy them as a service through a web simultaneously supporting the needs of current users. An application accessible anywhere for members of the CMF. evolutionary architecture supports incremental, guided Additionally, PCTE is laying the groundwork for these change as a first principle across multiple dimensions [2]. virtualized assets to connect to real world physical security Here are some of the characteristics of an evolutionary assets such as industrial controls systems (ICS) that are architecture [2]: otherwise not practical to emulate. To address this challenge, PEO STRI and the larger DoD cyber training community are utilizing an evolutionary architecture to Modularity and Coupling : Support for modularity, enables separating components along rapidly integrate PCTE with real world physical security assets. This paper introduces evolutionary architecture well-defined boundaries. and discusses the cyber training community’s approach for evolving a cyber training architecture over time while Organized Around Business Capabilities : simultaneously delivering capability to the CMF. The Components / services implement a single approach allowed the CMF to utilize an ICS asset in a business domain capability, increasing cyber training event a mere 7 months after agreement on modularity
IT 2 EC 2020 Presentation/Panel IT 2 EC Extended Abstract Template 2. Cyber ranges provide high fidelity persistent Experimentation: Allows for several versions of the same service to run at the same time, enabling environments and remote physical assets such as the Virtualized Joint Regional Security Stacks, and ICSs, A/B testing and Canary releases. respectively. PCTE is rapidly adopting a microservice architecture [3] Given the key assumptions, here are the steps for evolving which is an evolutionary architecture that allows for incremental change. The microservices architecture is a the cyber training architecture to integrate PCTE with external cyber assets. design approach that enables rapid releasing of software by developing an application from a collection of loosely coupled services. Each service provides a single business 1. Select Use Case(s) : Define and select a use case (s) capability. Figure 1 depicts the PCTE business that describes the expected user interaction with capabilities which are provided by microservices. For remote cyber asset via PCTE web interface. This example, PCTE has a content repository microservice that activity includes storyboarding as well as writing allows the end users to Discover cyber training content. epics / user stories that articulate the desired functionality. It is important to only select 1-2 use cases to avoid a BDUF and evolve the architecture overtime. Figure 2 depicts the high-level use cases for leveraging an external range asset in a cyber training event. It also depicts the touch points between PCTE and cyber ranges that will likely result in the development of an API to achieve the use case. The cyber training community is using this diagram to identify and select use cases for agile prototyping (i.e. Fig 1. PCTE Business Capabilities Step 2). The remainder of this section describes how PCTE has met the characteristics of an evolutionary architecture. Modularity and Coupling : Each service provides a Well-defined RESTful [4] API to facilitate third party integration. Organized Around Business Capabilities : As mentioned earlier, most services implement a single business capability such as Content Discovery and Scheduling. Fig 2. PCTE Use Cases with External Range Assets Experimentation : The PCTE architecture could 2. Agile Prototyping : PCTE leverages agile support running multiple versions of a service. development process to pilot interoperability efforts PEO STRI is currently adopting OpenShift [5] with a crawl, walk, run approach. This activity (i.e. Kubernetes) to better support A/B testing [6] includes implementing the use cases and supporting and canary releases. Architecture / APIs. 3 Approach Figure 3 is a high-level depiction of the PCTE agile development process, which is based on Scrum [7]. Scrum is a widely used framework for iterative Prior to elaborating the approach for evolving the cyber product development. The use cases selected in step training architecture to create ‘Digital Twins’ , we need to 2 serve as the requirements backlog for building establish two key assumptions. interoperability with remote external range assets. The requirements will be validated and implemented 1. PCTE is the single platform for CMF to conduct all iteratively through an agile integration process led by cyber training. External range assets are leveraged in PEO STRI for PCTE. As shown in Figure 3, this training via PCTE. process focuses on quickly producing demonstrable products between PCTE and external ranges through a sprint, validating the usefulness with the user
Recommend
More recommend
