A Live-Virtual-Constructive (LVC) framework for cyber operations test, evaluation and training

Current simulations supporting the Net-Centric Test battlespace do not accurately represent the impact of cyber threats and information operations. When cyber threats are considered, they are typically limited to a small number of isolated physical devices. To further limit consideration, insufficient attention is paid to cyber attacks launched on the basis of passive threats like the eavesdroppers or the coordinated threats. Further, the test technologies are typically limited to incorporation of threats that can be realized physically, which limits both the scale and sophistication of representing such attacks; a Live-Virtual-Constructive (LVC) paradigm for modeling of threats is missing. Lastly, for threats such as jamming, wormhole attacks, large-scale Denial of Service attacks, use of physical threats is expensive, since specialized equipment and manpower is required to realize these threats. The net consequence of these deficiencies is to leave a major gap in the DoD test infrastructure with respect to our ability to realistically test the vulnerabilities and resiliency of Blue Force communication architectures to sophisticated cyber attacks, particularly in networks that include both current force & Future Force communication infrastructure. In this paper, we present StealthNet, a Live-Virtual-Constructive (LVC) framework that provides a real-time, hardware-in-the-loop capability for simulation of cyber threats to the entire net-centric infrastructure. It also provides the ability to evaluate the effectiveness of the threats in disrupting Blue Force communications via key performance indicators, i.e. bandwidth, reliability, delay and quality of service metrics. The StealthNet framework provides models for accurate cyber threat simulation at all layers of the networking stack to include passive, active, coordinated and adaptive attacks on networks with hundreds to thousands of wired and wireless components. The LVC technology can stimulate physical Networked-System Under Test (NSUT) with simulated cyber threats that span all the protocol stack layers for real-time testing. Additionally, the framework enables composability with existing Test and Evaluation (T&E) architecture and tools (TENA, SBE environments, etc) to facilitate transition to other T&E programs.