M&S Support for Cyber Defence
Bert Boltjes
2
BERT.BOLTJES@TNO.NL
M&S Support for Cyber Defence
Agenda
Modelling, Simulation & Gaming Supporting Cyber Operations
Tools & Projects Examples
NATO Modelling & Simulation Group 117
Questions
3
BERT.BOLTJES@TNO.NL
M&S Support for Cyber Defence
Agenda
Modelling, Simulation & Gaming Supporting Cyber Operations
Tools & Projects Examples
NATO Modelling & Simulation Group 117
Questions
4
BERT.BOLTJES@TNO.NL
M&S Support for Cyber Defence
Our background
Modelling, Simulation and Gaming:
Supporting of Ministry of Defence
Advanced Concept Development and Experimentation (ACE)
Cyber Security R&D – in support of:
Ministry of Defence
Ministry of Security and Justice
NATO
5
BERT.BOLTJES@TNO.NL
M&S Support for Cyber Defence
Integration in training models
No detailed cyber modelling
Integrating possible effects of cyber ops in CD&E:
Reduced availability
Loss of integrity
Loss of information
Work in progress:
Vulnerability Situational Awareness Tools
Critical Infrastructure Protection Gaming:
Information from real and simulated systems
Lessons learned
Playing “What-if” Scenarios
6
BERT.BOLTJES@TNO.NL
M&S Support for Cyber Defence
Agenda
Modelling, Simulation & Gaming Supporting Cyber Operations
Tools & Projects Examples
NATO Modelling & Simulation Group 117
Questions
7
BERT.BOLTJES@TNO.NL
M&S Support for Cyber Defence
TNO’s Cyber Security Expertise
Historically defence-related R&D on information security
Knowledge applied to ‘high profile’ and complex organisations
Information assurance studies in support of MoD
Critical Infrastructure Protection
Vulnerability studies
hacker’s view
Cyber crime
Cyber espionage
Cyber terrorism
/ warfare
Cyber activism
8
BERT.BOLTJES@TNO.NL
M&S Support for Cyber Defence
Project Example:
Awareness trainer for Cyber – MoD
MoD: develop a demonstrator that will help raising the awareness
level of the higher-ranked military personnel on Cyber
Result:
WIKI running on the MoDs network with hundreds of annotated
relevant Cyber documents
e-learning package on the MoDs network
scenario packed with multimedia injects to train decision makers in
a table-top simulation game
9
BERT.BOLTJES@TNO.NL
M&S Support for Cyber Defence
Track Record Critical Infrastructure Projects:
Deliverables Useful for M&S of Cyber Induced Chain Effects
 DESEREC (EU)
 DIESIS (EU)
 ACRIMAS (EU)
 UrbanFlood (EU), Flood Control 2015 (NL)
 Showcase Veilig Nederland / Secure Haven
10
BERT.BOLTJES@TNO.NL
M&S Support for Cyber Defence
Agenda
Modelling, Simulation & Gaming Supporting Cyber Operations
Tools & Projects Examples
NATO Modelling & Simulation Group 117
Questions
11
BERT.BOLTJES@TNO.NL
M&S Support for Cyber Defence
NATO Modelling & Simulation Group 117 (NMSG-117)
NATO Policy background,
Summit in Lisbon (November 2010):
NATO Heads of State and Government decided to enhance
NATO’s cyber defence capabilities.
“Ensure NATO’s permanent and unfettered access to cyberspace
and integrity of its critical systems”
12
BERT.BOLTJES@TNO.NL
M&S Support for Cyber Defence
NATO Modelling & Simulation Group 117 (NMSG-117)
Objectives
Investigate and recommend what aspects of Cyber Defence can
be supported with M&S.
Give support to the NATO Computer Incident Response Capability
Next Generation (NCIRC NG)
Activity will focus on:
Education, training, exercise, evaluation.
Conops Development and their validation.
Cyber threat assessment,
enhancing cyber capabilities,
and technical solutions.
13
BERT.BOLTJES@TNO.NL
M&S Support for Cyber Defence
NATO Modelling & Simulation Group 117 (NMSG-117)
Nations which have agreed to participate:
ACT (NATO),
CAN,
DEU,
GBR,
NIAG (Thales FR),
NLD
USA
Co-Chairs: Mrs Stella Croom-Johnson (GBR), Mrs Marieke Klaver
(NLD / TNO).
Secretary: Mr Frank Jonat (DEU).
14
BERT.BOLTJES@TNO.NL
M&S Support for Cyber Defence
NATO Modelling & Simulation Group 117 (NMSG-117)
Topics prioritized in the first meeting (September 2012):
1. Decision support system (model) including Course Of Action
analysis
2. Cyber CAX and training programs, after action review and
metrics for training effectiveness
3. Cyber awareness education for personnel
4. M&S environments, synthetic environments, standards,
processes
15
BERT.BOLTJES@TNO.NL
M&S Support for Cyber Defence
NATO Modelling & Simulation Group 117 (NMSG-117)
Upcoming events:
Second Task Group meeting (February 2013)
Development of Interpanel workshop programme
Interpanel workshop (San Diego, SISO,10 or 11-12 April 2013)
The interpanel workshop will be open for participation.
Will focus on the topics as prioritized by the TG.
The results of workshop will be in a interim technical report.
Contact: scjohnson1@dstl.gov.uk
16
BERT.BOLTJES@TNO.NL
M&S Support for Cyber Defence
Questions?
Bert.Boltjes@tno.nl
Marieke.Klaver@tno.nl
hacker’s view
Cyber crime
Cyber espionage
Cyber terrorism
/ warfare
Cyber activism
17
BERT.BOLTJES@TNO.NL
M&S Support for Cyber Defence
Reserve slides
18
BERT.BOLTJES@TNO.NL
M&S Support for Cyber Defence
TNO Test-Bed Tools
 ACE: Advanced Concept development & evaluation
(CD&E) Environment.
 Multi-Touch Tables for Situational Awareness
 Building & Populating Virtual Worlds from SATCOM Imagery
and with TNO’s SketchaWorld
 Simulation of Communication Networks
 Flooding & Evacuation modelling
 TNO Publish/Subscribe Enterprise Bus
 Integration of Simulators
And Many More!
19
BERT.BOLTJES@TNO.NL
M&S Support for Cyber Defence
Cyber and modelling and simulation
Training and exercises
some examples
mostly table top exercises
education and training environment for MoD (work in progress)
Concept development and assessment
exploring the possibilities for cyber defence
Models in support of analysis
linked to Critical Infrastructure Protection
EU wide projects
20
BERT.BOLTJES@TNO.NL
M&S Support for Cyber Defence
M&S for cyber: models for analysis
Exploring the role of models in
evaluating different modes of operation
exploring what-if scenario’s
Build on experience with modelling Critical infrastructures
build on past and current EU projects
Exploring the role of specialised model environments, e.g.
COTS environments targeted for cyber simulation
COTS environments for network simulation
Working towards a cyber test range
21
BERT.BOLTJES@TNO.NL
M&S Support for Cyber Defence
NATO Modelling & Simulation Group 117 (NMSG-117)
National Cyber Defence
Dutch Policy Background
Dutch Cyber Security strategy (February 2011)
an integral approach by public and private parties.
intensify investigation and prosecution of cyber crime.
stimulate research and education.
Defence Cyber strategy - Ministry of Defence (June 2012)
strengthening the cyber defence of the Defence organisation
developing the military capability to conduct cyber operations
intensifying cooperation, both nationally and internationally
22
BERT.BOLTJES@TNO.NL
M&S Support for Cyber Defence
NATO Modelling & Simulation Group 117 (NMSG-117)
Modelling and Simulation experience in research, analysis and
training should be leveraged to assist in Cyber Defence capability.
NMSG-117 will inform and be exploited by national Cyber Defence
initiatives.
Give support to the NATO Computer Incident Response Capability
Next Generation (NCIRC NG)
NCIRC NG operational in 2020.
BERT.BOLTJES@TNO.NL
M&S
23 Support for Cyber Defence
M&S for cyber: CD&E
Experience
the Challenges
Develop Concept
for Solution
Refine Concept
for Solution
Complex
Situation
Implement
Solution
Experience brings change of mind-set
Change of mind-set brings a better solution faster
24
BERT.BOLTJES@TNO.NL
M&S Support for Cyber Defence
M&S for cyber: training and exercises
Scenario exercises
both civil and military scenarios
mostly table top exercises
Some examples
national table top exercises on decision making process on large scale
ICT incidents
cyber exercises at the EU level
awareness trainer – MoD