

At yesterday’s webcon, I took an action item to start a discussion of how we will categorize the inputs we get from this data call. This will help us organize our report and perform some basic analysis on the data we collect.



Here’s my first cut at that categorization:

  *   Standards
  *   Protocols and architectures
  *   Data
     *   Databases
     *   Authoritative data sources
     *   Data exchange models
  *   Capabilities
     *   Infrastructure and facilities
     *   Software and simulations
        *   LVC – see definitions below
     *   Services
        *   LVC – see definitions below
     *   Hardware, e.g. CDSs
  *   Events
     *   Conferences and workshops
     *   Exercises and demonstrations



Please respond to this email thread with your feedback on this.



Additionally, Gary Waag and I are going to be working on additional metadata, e.g. POC, URLs, etc.



  *   Live: actual real-world assets operating on/with real-world systems and protocols; vulnerable and reachable by attacks, exploits, and performance degradation from the physical and/or simulated domains
     *   Examples:
        *   Real operators, real network devices, real machines, real non-emulated/simulated software
        *   Packet, protocol, or frequency level attack and response launched by real systems and/or live attackers
  *   Virtual: protocol-level fidelity representations of real-world assets where ease of (re)configuration, replication, restoration and physical limitations make a virtual asset preferred over the live one.  There is no physical representation of the real-world system, so a virtual asset only provides a cyber "attack surface," i.e. protocol/packet interfaces, but not asset internals susceptible to attack.
     *   Examples:
        *   Asset emulators running on virtual machines
        *   Automated response of a virtual machine to an attack
        *   Replay of a logged live attack onto the live or virtual systems
        *   Automated or semi-automated attack simulators that replicate the actions of a live red team or real world threat
        *   Accurate (high-fidelity) representations of IA or sysadmin GUIs
  *   Constructive: Parameterized simulated or emulated assets operating on/with simulated systems, but not vulnerable to direct live or virtual exploits and manipulation; characterized by low fidelity global/enterprise-level network and effects representations
     *   Examples:
        *   Simulated internet-scale traffic generation, background noise and high-volume gray-space
        *   Virus infection & worm propagation simulations
        *   Asset representations with simulation interfaces, e.g. HLA FOMs, vs. packet/protocol interfaces, that must be translated or bridged to connect with virtual and live assets



KLM

---

Katherine L. Morse, PhD

Principal Professional Staff

JHU/APL

11100 Johns Hopkins Road

Laurel, MD  20723-6099

(240)917-9602 (w)

(858)775-8651 (m)



On 2/23/18, 6:27 AM, "SIW-SG-CYBERMS on behalf of Derek Bryan" <[log in to unmask] on behalf of [log in to unmask]> wrote:



    This data call requests information from the SG regarding ongoing cyber M&S interoperability activities.



    Requested information includes, but is not limited to, information exchange (standards, protocols, databases, APIs, etc.), working groups, and events (conferences, workshops, exercises, etc.).  Initial inputs can be high level pending additional information requests from the SG.



    Please respond via the Cyber M&S reflector and send any attachments to Derek Bryan ([log in to unmask]) and/or Katherine Morse ([log in to unmask]) for uploading to the digital library.



    Inputs requested by 3/16/2018.



    ########################################################################



    To unsubscribe from the SIW-SG-CYBERMS list, click the following link:

    https://discussions.sisostds.org/index.htm?SUBED1=SIW-SG-CYBERMS&A=1


