Army simulates battlefield environment in labs to prepare for cyber threats

By Nancy Jones-Bonbrest, PEO C3T and Matthew C. McVey, SoSE&I

ABERDEEN PROVING GROUND, Md. (August 4, 2014) — As new technologies are introduced into the Army’s network, they are evaluated during semi-annual, Soldier-driven operational exercises in the mountains and desert of Fort Bliss, Texas, and White Sands Missile Range, N.M.

Though the Soldier-executed test is the focus of these Network Integration Evaluations (NIEs), the overall success of the effort rests heavily on lab-based planning and integration testing back at Aberdeen Proving Ground, Md., where months of risk reduction activities and evaluations are conducted prior to the operational event.

After all, if the capability doesn’t work in the lab, it’s not going to work in the field.

Now, as systems integration has become more complex and cyber attacks pose a greater risk to the Army’s tactical network, the labs have evolved with the threat. New efforts are underway this summer to identify, understand and defend against unseen threats prior to the actual testing of systems at the NIE.

“We’re incorporating the cyber piece earlier than ever before,” said Lt. Col. Carlos Wiley, the integration and execution division chief for the Army System of Systems Integration and Engineering Directorate (SoSE&I). “By leveraging the power of our integrated lab facilities, our goal is to re-create the battlefield network environment and mitigate risks before equipment reaches the hands of the Soldiers.”

Building on lessons learned from previous NIEs, which required Soldiers to monitor their tactical computer network and defend against realistic threats, the federated labs on Aberdeen’s Command, Control, Communications, Computers, Intelligence, Surveillance and Reconnaissance (C4ISR) campus are, for the first time, taking a coordinated system of systems approach to lab based risk reduction, including cyber security. The Army’s goal moving forward will be to close as many capability and security vulnerability gaps as possible prior to the NIE by identifying, troubleshooting and mitigating them in the lab environment.

 

Systems to be tested or evaluated at the Network Integration Evaluations (NIEs) must go through the C4ISR Systems Integration Laboratory or CSIL. This spring, the lab established a fully integrated battalion Tactical Operations Center, where problems can be followed and addressed from beginning to end - and in the same manner they would occur in the field.  (Lab Photo by Edric Thompson, CERDEC)

Systems to be tested or evaluated at the Network Integration
Evaluations (NIEs) must go through the C4ISR Systems Integration Laboratory
or CSIL. This spring, the lab established a fully integrated battalion
Tactical Operations Center, where problems can be followed and addressed
from beginning to end – and in the same manner they would occur in the
field.
(Lab Photo by Edric Thompson, CERDEC)

“At the NIEs there will be a ‘red’ team that will act as the enemy, and use all means expected of a hostile threat to hack into the network and supporting systems,” said Jennifer Zbozny, chief engineer for the Program Executive Office for Command, Control and Communications-Tactical (PEO C3T), which fields the tactical network. “The main goal is to get our systems hardened and interoperable before we deploy them to the Soldier. Anything we get back from the red team or the NIEs is a good thing, because it means we found it before we deploy it to the field.”

In preparation for this fall’s NIE 15.1, SoSE&I and PEO C3T for the first time coordinated the deployment of a ‘blue’ team of friendly hackers to the labs in order to help systems find as many cyber vulnerabilities as possible prior to NIE. This early blue teaming effort adds an extra layer of cyber hardening for systems.

The combined power of the federated labs provides engineers the opportunity to replicate a portion of an actual brigade and test dozens of systems in parallel in the network environment that each system will eventually be deployed in. Engineers can then isolate individual systems and issues and focus on interoperability not only on a quiet network, but also on a network loaded with the terrain, weather and other challenges found in the NIE environment.

Currently, the labs spread out across the C4ISR campus are linked directly through fiber optic connectivity — allowing each facility to efficiently leverage the resources and test systems as if all of the assets from each different lab were located at a single site. They enable the Army to continually measure performance and interoperability among government and industry systems, supporting an integrated and incremental approach to fielding the tactical network.

“We know that as new technologies are brought into the Army’s network, it’s essential they not only work individually, but they work as part of the larger system of systems,” Wiley said. “Program managers often do testing on their systems separately. But when you bring all those systems together to run on the Army’s networks, we tend to identify things they could not have found during their individual developmental tests.”

Also new for this NIE cycle is a measure of performance framework with specific metrics to address trends in the network as part of lab based risk reduction prior to using those metrics at the NIE. One of the facilities where the information will be observed is known as the PEO C3T Tactical Systems Integration Facility (TSIF), which simulates the challenges of the battlefield while conducting risk reduction for the PEO C3T systems that form the backbone of the Army’s network. These metrics will be analyzed in tandem with traditional Soldier surveys and instrumented test data collected at the NIE to produce both quantitative measurements and qualitative feedback that will be used to track network improvement as the Army executes future events.

All the risk reduction and cyber hardening efforts will lead up to the Army's Network Integration Evaluation (NIE) 15.1 to be held in October and November at Fort Bliss, Texas, and White Sands Missile Range, N.M. At this NIE, the Army will focus on an operational test for Warfighter Information Network-Tactical (WIN-T) Increment 2, the Army's mobile network backbone, while also evaluating a limited number of other solutions proposed by government and industry. (NIE Photo by Nancy Jones-Bonbrest, PEO C3T)

All the risk reduction and cyber hardening efforts will lead up to
the Army’s Network Integration Evaluation (NIE) 15.1 to be held in October
and November at Fort Bliss, Texas, and White Sands Missile Range, N.M. At
this NIE, the Army will focus on an operational test for Warfighter
Information Network-Tactical (WIN-T) Increment 2, the Army’s mobile network
backbone, while also evaluating a limited number of other solutions proposed
by government and industry. (NIE Photo by Nancy Jones-Bonbrest, PEO C3T)

“The Soldier survey is vital, but when you add in the technical measures of performance, it adds rigor to the overall evaluation of the system,” Zbozny said. “If a Soldier says a system didn’t work, we can look back at the metrics and tell them why it didn’t work.”

These metrics include cyber protection, speed of service, message completion, bandwidth consumption and others that the Army is now building into the network earlier in the process. Following the work in the TSIF, any system tested or evaluated at the NIEs must go through the C4ISR Systems Integration Laboratory, or CSIL, which provides an advanced lab environment for engineers to integrate and assess new capabilities that vendors provide and propose to the Army be used on the tactical network. This spring, the lab established a fully integrated battalion Tactical Operations Center, where problems can be followed and addressed from beginning to end – and in the same manner they would occur in the field.

“Our work at the CSIL gives us an early look at how a system will perform once it’s integrated into the network for NIE,” said Scott Newman, program director, Systems Engineering and Integration Communications-Electronics Research, Development and Engineering Center (CERDEC) Space & Terrestrial Communications Directorate (S&TCD). “This approach allows issues to be fixed on site, decreasing time and expenses.”

The risk reduction and cyber hardening efforts that have been coordinated and executed over the past four months will lead up to the NIE 15.1 to be held in October and November at Fort Bliss, Texas, and White Sands Missile Range, N.M. At this NIE, the Army will focus on an operational test for Warfighter Information Network-Tactical (WIN-T) Increment 2, the Army’s mobile network backbone, while also evaluating a limited number of other solutions proposed by government and industry.

“By mitigating risks early and establishing cyber hardening efforts during development, the network will be better poised to meet today’s challenges as well as tomorrow’s uncertain conflicts,” Wiley said.

Subscribe to Access AL&T is the premier online news source for the Acquisition, Logistics, and Technology (AL&T) Workforce. Subscribe