Minutes of Situation Identification and Threat Assessment, SITA in-house review When: 0800-1200 Tuesday, July 26, 2011 Where: Building 3 RIE1 Conference Room Who: Local in-house team members of the Situation Identification and Threat Assessment, SITA Effort. Name Mike Manno Jamey Swistak George Tadda Sheila Rakowski Joan Zelinski Matt Jacobs Mike Hinman Melissa DePasquale Kathie Canarelli Moises Sudit John Salerno Joel Seif Brian Hudson Company AFRL AFRL AFRL AFRL ALION ALION AFRL CUBRC CUBRC CUBRC AFRL ITT ITT Effort SITA SITA SITA Collection Requirements Support Collection Requirements Support Hypothesize Potential Adversary Actions Hypothesize Potential Adversary Actions Hypothesize Potential Adversary Actions SITA Determine Adversary Opportunity and Intent Determine Adversary Opportunity and Intent Agenda To provide a technical status overview of each effort since the Kickoff Meeting in May. Each of the components would be briefed by their Program Manager with the exception of Mercer University, and Distributed Infinity. For this in-house review it was decided that it would not be necessary for outside contractors to travel to Rome. Both Mercer University and Distributed Infinity provided status slides that were presented for discussion. Meeting Minutes Meeting started at 0800. o Status was provided for the in house servers. This equipment has been staged and a switch is currently being configured, should be operational within a week or two. o Status was provided for the Virtual Terrain Editor. Although basic functionality exists, robustness lacks. At this point, it will be included with the SITA 0.0 baseline for test/comments/feedback. o Status was provided for the Knowledge Models for SA applications, part of Mercer University research. Mercer has been looking at network scanning tools such as Nmap for IPs, ports, plus service and version data, and type of device. Nessus to validate the finding from previous scanning, and get detailed vulnerability information, and LanTopolog, to get the “Physical” connections retrieved using SNMP. o Status was provided for the Adversary Intent Modeling effort with Distributed Infinity. Distributed Infinity has been coordinating with CUBRC to incorporate their output of possible adversary actions. AIM combines the red opportunity information from HPAA with Red intent from the game engine to output a “Likelihood” for red actions. There were some discussions on the difference between the work that ITT is doing, and the Adversary Intent Modeling piece. John’s idea for intent is now to proceed with the CUBRC/Distributed Infinity for intent and have ITT provide intent as well to compare against. It was determined that DD254’s should be filled out for these efforts. There were some discussions to try to determine what is common across all domains, Air, Cyber, and Space. Action Items (AFRL Lead) Enhance the Configuration Tool for the Model Editor. Using the ECCARS tool as a starting point, provide to CUBRC to allow them to integrate their components for a single Configuration Tool. Schedule meetings between ITT, CUBRC, Alion, and Distributed Infinity to Discuss Intent, Collection Requirements, Configuration Management, and a Code Walk-Through. The code baseline should be installed prior to this meeting. Install Baseline. This should allow us to make changes, modify code, rebuild the system, and rebuild the Metrics. Have another recurring in-house review. This will probably be scheduled after the coordination meetings, sometime in late September. DD254’s Schedule Halo/Conference Call between RH and Scout SITA Schedule of Meetings Action Items Date 8 August 12 August 12 August 15 August Description Meeting with ITT, CUBRC and Distributed Infinity to Discuss Intent Meeting between Alion and CUBRC for Information Requirements Meeting between Alion and CUBRC for Configuration Management Code Walk-through Location RIE 1 RIE 1 RIE 1 RIE 1 Time 1300-1600 0900-1200 1300-1600 0900-1600 White Board Capture Baselines (Text Version) Visualization (initial) VTE Intent API Information Requirements Conf Manager (JMS) Model Editor Metrics Reproduce metrics Config System Demo new Capability Data Requirements Process Version 1.0 Version 1.0 Version 1.0 Version 2.0 (31 December) Version 2.0 Version 2.0 Version 2.0 Version 2.0 Version 2.0 Version 1.0 Version 2.0 Version 2.0 Version 2.0