Cyberkinetic Tactical Operations Training
CERT Division of the Software Engineering Institute at Carnegie Mellon University
Bohemia Interactive Simulations recently developed a plugin to enable communication between VBS3 and the cyberLEAPfwd platform, developed by the CERT Division of the Software Engineering Institute (SEI) at Carnegie Mellon University, to create a new cyber kinetic tactical operations trainer. Working with the CERT Division, BISim helped provide the SEI the ability to bring cyber and kinetic training missions together for the first time.
This scenario significantly increased the high school students’ level of engagement.
According to Rotem Guttman, Cyber Security Researcher for the CERT Division, VBS3 was selected for this project because it provided “pre-existing capabilities that helped minimize development for implementing the project.”
In the scenario developed for this project, a high-value target is being held by enemy forces at a compound in a large urban area. A Special Operations team, supported by a cyber warfare team, must infiltrate the town and make it to the compound without engaging enemy checkpoints that are scattered through the area. The cyber warfare team helps guide the extraction team along the safest route through town by using an unmanned aerial system.
Once at the compound, the extraction team must avoid contact with enemies, who may sound the alarm system in the building, triggering a citywide patrol that would ultimately make the exfiltration more difficult. Together with the cyber warfare team, they gain control of the CCTV system in the compound and compromise other systems like lights to allow them to free the hostage and escape safely.
Creating the plugin to enable communication between VBS3 and cyberLEAPfwd allowed trainees to practice hacking systems such as lights and CCTV cameras in real time within cyberLEAPfwd. The system got its first major test during a STEM outreach event in 2016 sponsored by the SEI CERT Division. Held in a state-of-the-art training environment designed for use with U.S. DoD organizations, 75 high school students provided remote cyber support to a team of graduate students portraying Navy SEALs in the hostage rescue scenario using VBS3 and cyberLEAPfwd.
“This scenario significantly increased the high school students’ level of engagement. The students were excited to participate because they became immersed in the scenario and felt like they were in the field,” Guttman explained. “For more technically mature participants, there is a larger benefit in that the system enables them to understand how the cyber and kinetic domains impact each other. For example, you might have a drone feed running through several vulnerable routers. The decision to take these routers offline is dictated not only by the risk they pose but also by the mission they are supporting. Without the mission, you can just take the routers offline without any real thought about the implications to the mission.”
The CERT Division also demonstrated the cyberLEAPfwd and VBS3 cyber kinetic tactic operations trainer as part of the Operation Blended Warrior demonstration during I/ITSEC 2016.
Learn more about cyberLEAPfwd and Carnegie Mellon’s Software Engineering Institute here.
The CERT Division of the Software Engineering Institute (SEI) studies and solves problems with widespread cybersecurity implications, research security vulnerabilities in software products, contribute to long-term changes in networked systems, and develop cutting-edge information and training to help improve cybersecurity.