Cyber Threats’ Impact on Mission (CyTIM): Systems Integration ResultsSeptember 2011
Topics: Modeling and Simulation, Cybersecurity
A hybrid approach of mission simulation modeling integrated with a virtual environment to measure a cyber attack’s effect on mission is demonstrated. While existing testbeds aim to support malware and network infrastructure experimentation, this study extends these capabilities with a mission-modeling and control layer that allows the collection of data not only on malicious software’s impact on network infrastructure, but also on the network’s mission analysts and their ability to complete assigned tasks. The operations center use case employed demonstrates that a notional denial-of-service attack on a key router cripples the operators’ mission and delays task processing for hours, specifically 2 to 8 hour delays when chat is used as a mode of communication versus 4 to 12 hour delays when email is used to communicate. The metric end-to-end mission thread response time is demonstrated to help quantify an attack’s severity and could help quantify the success of defenses as well as support a training environment for analysts.