19 November 2018

Show Me The Battle: Cyber Command Needs Data Fusion, Training Sims & C2


WASHINGTON: What does Cyber Command need industry to invent ASAP? Simulators that capture the full complexity of cyber warfare and command systems that show the virtual battle raging in real time, Lt. Gen. Vincent Stewart said this morning at CyCon US, a US ArmyNATO cyber conference.

It’s an irony of the information age. The US military has plenty of simulators to train pilots, sailors, tank crews, and even foot troops in physical combat. It has plenty of command-and-control systems to feed commanders data on what planes, ships, tanks, and troops are doing in physical operations. But it doesn’t have comparable computer systems to either train for or to control operations in cyberspace — the very kind of conflict where computers are both the weapons and the battlefield.

Here’s irony, squared: Until cyber operators can both train realistically and see the their digital battlespace as clearly as traditional commanders see physicalbattlespace, they’ll be hard-pressed to defend everyone else’s systems. That means hackers could potentially turn off all those screens or, worse, fill them with false data.

Combined Air Operations Center (CAOC), Al Udeid Air Base, Qatar

Drowning In Data

“You cannot go into a combat operations center today without an incredible array of digital displays,” said Stewart, the Marine three-star who’s deputy commander of the newly independent CyberCom. “And everybody believes those digital displays in our combat operations center are absolutely accurate. The ones and zeros that make up the picture on those displays are decision quality ones and zeroes and we’re making life and death decisions on them every single day….What if we’re wrong?”

Lt. Gen. Vincent Stewart

It’s not that cyber operators are short of data on what’s happening in the various networks they are trying to monitor, defend or attack. To the contrary: They’re drowning in data, coming in at high speed from multiple systems — at which point the unaided human brain has to somehow put it all together.

Stewart snarkily called this “carbon-based fusion,” human bodies being mostly carbon and water. That’s as opposed to computers — silicon — automatically fusing the different data streams into a single, clear picture that the human can intuitively understand. The F-35 Joint Strike Fighter cockpit is a model of cutting-edge data fusion among aircraft. Coming up with a command-and-control system that fuses data from across the entire force — land, sea, air, and outer space as well as cyberspace — is the focus of the interservice Multi-Domain Command & Control(MDC2) effort, a personal priority for Air Force Chief of Staff David Goldfein.

But MDC2 is in the future. Today, Cyber Command has a long way to go, Stewart said: “Right, we have X number of digital displays we’re trying to kludge together, with (someone) like me looking at 27 displays and trying to figure where it all connects. Even with smart, experienced, well-trained operators, that takes vital hours, minutes, seconds when the enemy may be moving in milliseconds.”

Just putting all the relevant data together on one screen is a complex problem, not only technically but for policy. “How do you take classified information, meld it with unclassified information, meld with proprietary information from commercial partners” — not to mention data from foreign allies — “and then send that information back out as appropriate to be helpful?” Stewart asked. “If you’re going to bring all that information into the space, you need some sort of integrated cyber picture. Guess what, ladies and gentlemen, we haven’t got an integrated cyber picture.”

“That’s got to be one of our highest priorities: how do we get all of that data, all of the disparate data links we have, the incredible amount of data, and aggregate it in such a way we can put it one place in multiple layers and make sense out of it?” Stewart continued. “So if anyone in industry wants to solve that problem, you might get a buyer.”

Senior defense and industry officials say it may be as long as a decade before a truly representative and useful representation of the cyber battlefield is available.

The Miniature Air-Launched Decoy offers the unique combination of modularity, reliability, and cost efficiency, making this effector a vital weapon in any arsenal.

Cyber Command also urgently needs training simulations that can prepare its operators for the complexity, speed, and interconnection of cyber warfare, rather than narrow technical training in how to use a particular software tool. “We still haven’t created the training environment that challenges us enough,” Stewart said, “where we can get that higher level of analytic thinking because we’re pushing people to their maximum.”

Stewart’s vision for the cyber simulator is ambitious. “Anyone read the book Ender’s Game?” he asked. “We need to build that. Anybody who wants to build that Ender’s Game training environment for cyberspace, you might get a buyer.”

Building the training simulator and building the command-and-control system are actually two different aspects of a single problem: capturing vast amounts of fast-moving information from multiple sources, sorting out the chaff, and presenting the critical data in an intuitive way. Sure, the data coming into the simulator is made up, while the data coming into the command-and-control system is (hopefully) real, but much of the software can and indeed should be the same.

(SPOILER ALERT for a five-year old movie and a 33-year-old novel: The big twist at the end of Ender’s Game is that what the protagonists think is a training simulation turns out to be a command-and-control system sending real troops out to kill and die).

A Navy depiction of the “cyber kill chain”The problem with theEnder’s Game analogy, however, is that the simulation in the sci-fi story was fairly simple: a bunch of ships zooming and zapping in empty space, which is a straightforward physics problem of the kind computers handle easily. It’s much harder for computers to make sense of ground warfare, which is full of irregular terrain and moving objects. (That’s why unmanned aircraft are in widespread service while unmanned ground vehicles still experimental).

Cyber warfare is even harder to visualize, because it occurs in a battlefield that can change shape in seconds if someone shuts down a server, for example, or connects a new system to the wider network. That changing terrain means the effects of your “weapons” — your hacking tools — are unpredictable, potentially cascading from your target to connected systems you may not have intended to affect.

This fluid battlespace is hard for traditional commanders to comprehend, which is why training and command visualizations are so important. “I came on active duty in 1981,” Stewart said. “I had a tank platoon for a while, we were going to go across the Fulda Gap, and we were going to fight tanks versus tanks.”

“When you go off to do combat operations,” Stewart went on, “one of the first things you do is you start talking about battlefield geometry. What are my left and right lateral limits? What is the depth of the battlefield? What’s my terrain look like?”

But “what does the terrain look like in cyberspace?” he asked. In the physical world, if your tank platoon comes to a river, you need to find a bridge or a ford to cross, Stewart said. You can’t just turn the ariver off. If something’s blocking your operations in cyberspace however, maybe you can turn if off.

Capturing that kind of complexity — in training simulations, command-and-controlnetworks, and in the military mind — is going to be a tremendous technical and intellectual challenge.

No comments: