National Cyber Range Prototype to Be Developed; APL Chosen As One of the Prime Contractors

By George Berkheimer, STAFF WRITER

The Johns Hopkins University Applied Physics Laboratory (APL) in Laurel was recently chosen as one of two prime contractors that will enter the second phase of the Defense Advanced Research Projects Agency (DARPA)'s National Cyber Range (NCR) project.
The cyber range project is DARPA's contribution to the new federal Comprehensive National Cyber Initiative (CNCI) that aims to safeguard federal government information systems from cyber threats and attacks.
The goal of the NCR program is to revolutionize the state-of-the-art of the nation's cyber testing technology to develop a computer systems test bed. That would enable cyber scenarios to be evaluated simultaneously to provide comprehensive, qualitative and quantitative assessment of the security of information and automated control systems that are under development.
Ultimately, the NCR will provide a safe, fully-automated and instrumented environment for national cyber security research organizations to evaluate leap-ahead research, accelerate technology transition and provide a dedicated place to conduct cyber security experiments.
In Phase I of the NCR program, DARPA oversaw the creation of initial conceptual designs, concepts of operation, and detailed engineering and system demonstration plans.
Phase II calls for the agency and its contractors to build and evaluate prototype ranges and their corresponding technology. In January, DARPA awarded a $24.7 million contract to APL and a $30.8 million contract to Lockheed Martin Simulations, Training & Support of Orlando, Fla., to continue their work.

Crucial Technology
"APL has already built several dedicated cyber test beds for specific experimentation needs of the Department of Defense," said Peter Dinsmore, APL's principal investigator for the project. "The National Cyber Range is the next generation of technology for our cyber experimentation portfolio and will allow us to better serve the research and development community."
Tim Galpin, APL's business area executive for Infocentric Operations, said the second phase of the DARPA National Cyber Range effort is closely aligned with APL's strategic initiatives to enable the development of national cyberspace operational and warfighting capabilities.
"In our view, measurement and analysis are crucial elements of ensuring the success of the cyberspace mission," Galpin said.
Andy Thompson, APL's program manager for the project, said that the 11-member APL National Cyber Range team is prepared to meet DARPA's national program objectives.
In Phase II, which commenced in early January, CenGen and Drakontas joined the APL team that, in Phase I, included Raytheon BBN Technologies, OPNET Technologies, Applied Visions Secure Decisions Division, Verizon Business Federal Network Systems, Skaion Corp., the Idaho National Laboratory, Sandia National Laboratories and the University of Utah.
"The National Cyber Range will revolutionize the nation's ability to evaluate the security of our research programs," said DARPA Program Manager Michael van Putte. "The NCR program is developing revolutionary capabilities for cyber experimentation including a fully-automated, secure range to validate leap-ahead cyber research technologies and systems, as well as provide vision for iterative and new computer security research directions for the community."

Assessing the Threat
According to DARPA spokesperson Johanna Jones, neither DARPA nor its contractors are discussing the details and scope of the NCR program or the nature of the cyber threat at this time.
However, a fact sheet posted on DARPA's web site does provide more detail. According to this information, malicious cyber activity directed at the United States government is growing more sophisticated, more targeted and more prevalent. Threats range from solitary hackers to organized criminal groups looking to profit from fraud and nation states engaged in cyber espionage against governments and businesses.
Malicious attacks are often used to steal information/to disrupt, deny access to, degrade or destroy critical federal information systems and could have a cascading effect across the country and across the world.
The prospect of terrorist groups seeking to highjack and exploit the Internet to cause damage to our nation and its infrastructure is also a growing threat.
The fact sheet goes on to note that most commercial information systems used by home and small businesses were not designed to operate in hostile environments.
Moreover, increased Internet connectivity has enabled more access from more places, increasing the number of malicious actors who can adapt rapidly and attack at the time and place of their choosing.

Overcoming Limits
DARPA's fact sheet notes that large-scale cyber testing is currently limited in realism and scale due to numerous technical challenges, while testing is manpower-intensive, reducing the range of tests that can be conducted and increasing the costs.
Although automated experimental systems do exist, they lack the scale and capabilities needed for the NCR.
By creating an automated, interactive process to design, configure, monitor, analyze and release tests, and a vast library of system configuration plans, DARPA's goal is for researchers to be more efficient with limited resources and be able to conduct more tests and more realistic tests.
Additional research thrusts of the project are designed as high-risk, high-payoff research areas that have the potential to push the nation's cyber test technology base, including the ability to accelerate and decelerate test time.
The NCR's capabilities will range from testing individual machines for security properties to large-scale enterprise tests depending on the testing organization's needs and availability of resources.
Each contractor team will be conducting research to develop its NCR approach in various locations. Following a number of research phases, a single contractor team will be selected to build the test bed, and that contractor, in consultation with the government, will then determine a final location for the cyber range.
DARPA will transition the operation of the NCR at a later date to an operational partner. No decision has been made on who will operate the final range.
The vision of the NCR is to create a national asset for use across the federal government to test a full spectrum of cyber programs. Priorities will be established by DARPA's transition partners.