什么是国家网络安全综合倡议(CNCI)
2008年1月8日,布什总统发布了国家安全总政令第54号令/国土安全总统行政令第23号令,行政令正式提出了“国家网络安全综合倡议”并做出了一系列的工作来进一步保护我们联邦政府系统免受网络攻击和威胁。
CNCI注重三个方面:
•建立一个前沿防御(减少当前的弱点并阻止入侵);
•利用情报和加强供应链安全来防御各种威胁;
•通过加强我们的研究,发展和教育以及在超时代技术上的投入来形成未来环境。
什么是国家网络靶场?
我们国家没有一个专门的场所来开展网络安全实验。国家网络靶场是DARPA为新联邦“国家网络综合倡议”提供一个“测试平台”来为各种网络技术和构想的安全产出定量和定性的评估所做出的成就。我们将为我们国家网络安全研究组织测试信息系统的安全提供一个创新的,安全的可控的环境。
什么是网络威胁?
美国在过去数年中曾经意识到并且对恶意网络活动进行反应。这些活动逐渐变得更加复杂,目标更明确,而且范围更广。
网络威胁并不是一种类型。它们包括大量的恶意活动----从个人黑客行为到有组织的犯罪集团都试图窃取个人或金融信息来探求非法收益,到一些只是侵入一个系统来证明自己能够做到的黑客,到针对政府和业务从事网络间谍活动的国家。而且肯定有恐怖组织寻求劫持和勘测互联网来引起对我们系统和国家非常真实的破坏。
恶意攻击经常用来窃取信息和/或破坏,抵御进入,降低或破坏重要的联邦信息系统。这些攻击至少有可能影响重要的政府系统正常运作。因为我们的社会和经济对信息系统的依赖,所以一个网络攻击可以造成整个国家或世界的严重后果。
我们怎样抵御当前的威胁?
这个是个复杂的问题。
首先---我们当前依赖的许多商业系统是设计用于家庭或小型业务的,而且没有从根本上在危险环境中运作的设计。
第二---随着互联网链接的增长,允许进入更多的领域,这更增加了恶意行为者的数量来进入那些我们家庭或工作所依赖的国家互联的信息系统。
第三---网络对手可以快速适应不断变化的环境,而且可以在他们喜欢的时间和地点进行攻击。
最后,我们所依赖的信息越来越复杂,越互联,而且相互依赖,而且不断增加的技术复杂性增高了保证同样技术安全的困难。
目前实际的网络攻击有那些案例?
我们不会评论对国家安全利益上的实际网络攻击。
为什么有必要发展一个“国家网络靶场”?
科技发展经常因为工具的缺乏来支持观察,测量和分析而受到限制。例如,直到望远镜,显微镜和粒子加速器上有了发展,天文学,生物学和粒子物理才有了重大突破。DARPA正在发展国家网络靶场(NCR)为国家的网络研发技术提供真实,可定性的评估。NCR将促进在国家网络能力上一场革命,而且会加速技术转让来支持CNCI。DARPA正在创建国家网络靶场来保护和防御国家的重要信息系统。利用DARPA的前沿研究历史,NCR将革新大规模网络测试的状态。NCR将为测试和证实超时代网络研究技术和系统提供全自动的靶场和测试管理配套设施,并为新老研究项目提供指导观点。
什么是最主要的逻辑和技术挑战?
大规模网络测试面临无数的技术挑战,这些挑战限制了它的实效性和范围。大规模网络测试因为单调,手动化以及费劲的处理而困难重重。DARPA的NCR的一个关键观点是革新测试靶场资源和测试自动执行的状况。为了促进这个观点,将会发展一个测试靶场资源管理系统来分配和保护靶场资源。
另外,通过创建一个全自动,互动的处理来设计,规划,监控,分析和开展测试,以及一个大量的系统配置计划,或“配方”用于靶场,研究人员可以更有效地利用有限的资源,并且可以开展更多的测试以及更真实的测试。
一个主要的测试难题是对于实际用户的作业环境不稳定性,用户并不按照我们想要的方式来行动;这个是我们将成为综合网络威胁的内容。研制者经常按照基本的假设来创建系统。当我们部署系统时我们发现一些个体“不按规矩出牌”---不受工程师和用户原始假设所限制。NCR将提供一个全面的评估小组为网络测试组织服务。
最后,还有一些额外的技术研究推动力。这些领域设计用来高风险,高回报研究领域可以推动货架网络测试技术基础。这些技术包括加速和减速测试时间的能力。
谁会进行研究和测试?
一些私营,商业和学术机构和实体将发展国家网络靶场。承包商有:BAE系统;通用动力---高级信息系统;约翰霍普金斯大学应用科学实验室;洛克希德马丁公司;诺斯洛普格鲁门---情报,侦查和监控系统分公司;应用科学国际集团;斯巴达公司。
将有什么样的实验在NCR上开展?
NCR将能够测试从个人机器安全到大规模企业测试,要看测试组织的需要和资源的可行性。
NCR将会是什么样子?
DARPA曾经列明了基本的计划目标。NCR承包商每个都有他们自己的方法来计划开展这些目标,而且这些各自不同的方法可能“都不一样”,而且属于承包商私有。
NCR将放置于何处?
每个承包商队伍都将在不同地点开展发展他们自己的NCR方法研究。随着一系列的研究阶段之后,将会选择一个承包商来建立测试平台,而且届时这个承包商将会咨询政府来确定地点。
DARPA会运营靶场多久?
同所有DARPA计划一样,DARPA将会把NCR在以后转让给一个运营合作方。尚无决定谁将运营最终的靶场。
靶场在DARPA结束其工作时是否将成为国家资产?
这个NCR的目的是创造一个国家资产在联邦政府内使用来测试各种网络计划。我们的转让合作方将会建立优先事项。
你们将会制定什么样的测量方法?
这个需要由进行测试的组织按照他们的项目测试需要来规定测量方法。NCR必须要设计以满足各种需要。
可以怎样利用它们来制定增强的保护措施?
经受测试的组织会从测试结果吸取经验。通过对NCR上一系列的测试的观察可以让观察者做出结论,以及可能根据综合的测试观察来推断新的研究领域。
目前的测试怎样进行?
今天的测试是人员密集型,减少了靶场测试范围,增高了成本。而现有的自动化实验系统缺少NCR需要的范围和能力。
活动的日程表是怎样的?
在项目的初始8个月阶段内,承包商将制定详细的工程计划。初期阶段结束时DARPA做出未来计划的决定,计划包括一个进行重大设计评估的第二阶段,以及发展全规模国家网络靶场和开展测试的第三阶段。
翻译/天火
NATIONAL CYBER RANGE
QUESTIONS AND ANSWERS
What is the Comprehensive National Cybersecurity Initiative (CNCI)
On January 8, 2008, President Bush issued National Security Presidential Directive
54/Homeland Security Presidential Directive 23, which formalized the “Comprehensive
National Cybersecurity Initiative” and instituted a series of continuous efforts to further
safeguard our federal government systems from cyber threats and attacks.
The CNCI is focused on three key areas:
• Establish a frontline defense (reducing current vulnerabilities and preventing
intrusions);
• Defend against the full spectrum of threats by using intelligence and
strengthening supply chain security; and
• Shape the future environment by enhancing our research, development and
education as well as investing in leap-ahead technologies.
What is the National Cyber Range?
Our nation does not have a dedicated place to conduct cyber security experiments. The
National Cyber Range is DARPA’s contribution to the new federal “Comprehensive
National Cyber Initiative,” providing a “test bed” to produce qualitative and quantitative
assessments of the security of various cyber technologies and scenarios. We will provide
a revolutionary, safe, instrumented environment for our national cyber security research
organizations to test the security of information systems.
What is the ‘cyber threat’?
The U.S. has been aware of and has responded to malicious cyber activity directed at the
U.S. Government over the past few years. This activity is growing more sophisticated,
more targeted, and more prevalent.
Cyber threats don't come in one variety. They include a very broad range of nefarious
activity -- from a single individual acting as a hacker to an organized criminal group
trying to steal personal or financial information to exploit for ill-gotten gain, to a hacker
trying to breach a system simply in order to show that he or she can do it, to nation states
engaged in cyber espionage against governments and businesses. And, finally, there is
certainly the prospect of a terrorist group seeking to highjack and exploit the Internet to
cause very real damage to our systems and to our country.
Malicious attacks are often used to steal information and/or disrupt, deny access to,
degrade or destroy critical federal information systems. These attacks have the potential
to prevent – at minimum - the efficient operations of vital government systems. Because
of the interdependence of our society and our economy on information systems, a cyber
attack would have cascading effects across the country and across the world.
Why can’t we defend against these threats today?
This is a complex question.
First – many of the commercial systems we rely on today were designed for use in home
and small businesses, and were not designed from the bottom-up to operate in hostile
environments.
Second - with increased Internet connectivity, there is more access from more places,
which offer an ever increasing number of malicious actors access to the Nation’s
interconnected information systems on which we rely at home and at work.
Third – cyber adversaries can adapt rapidly to an ever-changing environment, and are
able to attack at the time and place of their choosing.
Lastly, the information on which we rely is more and more complex, interconnected, and
interdependent, and increasing technological complexity increases the difficulty in
securing that same technology.
What are some examples of today’s actual cyber attacks?
We will not comment on actual cyber attacks in the interest of national security.
Why is it necessary to develop a ‘National Cyber Range’?
Scientific progress has frequently been constrained by a lack of adequate tools to support
observation, measurement and analysis. For example, significant progress was delayed in
astronomy, biology, and particle physics until advances were made in telescopes,
microscopes, and particle accelerators. DARPA is developing the National Cyber Range
(NCR) to provide realistic, quantifiable assessments of the Nation’s cyber research and
development technologies. The NCR will enable a revolution in national cyber
capabilities and accelerate technology transition in support of the CNCI.
DARPA is creating the National Cyber Range to protect and defend the nation’s critical
information systems. Leveraging DARPA’s history of cutting-edge research, the NCR
will revolutionize the state of the art for large-scale cyber testing. The NCR will provide
fully automated range and test management suites to test and validate leap-ahead cyber
research technologies and systems, and provide vision for iterative and new research
directions.
What are the primary logistical and technical challenges?
Large-scale cyber testing has endured numerous technical challenges that have limited its
realism and scale. Large-scale cyber testing has suffered from being a tedious, manual
and demanding process. A key vision of the DARPA NCR program is to revolutionize
the state of the art of test range resource and test automation execution. To facilitate this
vision an automated test range resources management system will be developed to
allocate and protect range resources.
Additionally, by creating an automated, interactive process to design, configure, monitor,
analyze, and release tests, and a vast library of system configuration plans, or “recipes,”
for use on the range, researchers will be more efficient with limited resources and will be
able to conduct more tests and more realistic tests.
A key challenge to testing has been the inability to stress systems in an operational
environment against realistic users, who do not always ‘behave’ as we would like; this is
what we would describe as a full-spectrum cyber threat. Developers often create systems
with basic assumptions. When we deploy systems we discover individuals who think
“outside the box” - unconstrained by the engineer’s and user’s original assumptions. The
NCR will provide a full-spectrum evaluation team as a service to organizations requiring
cyber testing.
Finally, there are several additional technical research thrusts. These areas are designed
as high-risk, high-payoff research areas that have the potential to push the Nation’s cyber
test technology base. These technologies include the ability to accelerate and decelerate
test time.
Who will be doing the research and the testing?
A number of private, commercial and academic institutions and enterprises will develop
the National Cyber Range. The names of the contractors are: BAE Systems; General
Dynamics - Advanced Information Systems; Johns Hopkins University Applied Physics
Laboratory; Lockheed Martin Corp.; Northrop Grumman - Intelligence, Surveillance and
Reconnaissance Systems Division; Science Applications International Corp.; SPARTA.
What kind of experiments will be run on the NCR?
The NCR will be capable of testing that ranges from testing individual machines for
security properties to large-scale enterprise tests depending on the testing organizations
needs and availability of resources.
What will the NCR “look” like?
DARPA has specified overarching program objectives. The NCR contractors each have
their own approach to how they plan to implement these objectives, and these divergent
approaches are likely to “look different” and be proprietary to the contractor.
Where it will the NCR be located?
Each contractor team will be conducting research to develop their NCR approach in
various locations. Following a number of research phases, a single contractor team will
be selected to build the test bed, and that contractor, in consultation with the government,
will determine a location at that time.
How long will DARPA run the range?
As with all DARPA programs, DARPA will transition the operation of the NCR at a later
date to an operational partner. No decision has been made on who will operate the final
range.
Will be it be available as a national asset after DARPA ends its effort?
The vision of the NCR is to create a national asset for use across the federal government
to test a full spectrum of cyber programs. Priorities will be established by our transition
partners.
What kind of measurements will you be making?
It is up to the organization being tested to specify the measurements needed to validate
and verify their program. The NCR must be designed to meet the various needs of the
community.
How will they be used to develop improved protections?
Organizations being tested will learn from the results of these tests. Observations across
a full spectrum of tests on the NCR will enable researchers to make informed
conclusions, as well as potentially infer new research areas from the aggregation of test
observations.
How is testing done now?
Testing today is manpower-intensive, reducing the range of tests that can be conducted
and increasing the costs. While automated experimental systems exist they lack the scale
and capabilities needed for the NCR.
What is the timetable for activity?
During the program’s initial eight-month phase, contractors will develop detailed
engineering plans. At the conclusion of the initial phase, DARPA will make decisions
regarding future plans, which notionally could include a second phase with a critical
design review, and a third phase to develop the full-scale National Cyber Range and start
conducting tests.
2008年1月8日,布什总统发布了国家安全总政令第54号令/国土安全总统行政令第23号令,行政令正式提出了“国家网络安全综合倡议”并做出了一系列的工作来进一步保护我们联邦政府系统免受网络攻击和威胁。
CNCI注重三个方面:
•建立一个前沿防御(减少当前的弱点并阻止入侵);
•利用情报和加强供应链安全来防御各种威胁;
•通过加强我们的研究,发展和教育以及在超时代技术上的投入来形成未来环境。
什么是国家网络靶场?
我们国家没有一个专门的场所来开展网络安全实验。国家网络靶场是DARPA为新联邦“国家网络综合倡议”提供一个“测试平台”来为各种网络技术和构想的安全产出定量和定性的评估所做出的成就。我们将为我们国家网络安全研究组织测试信息系统的安全提供一个创新的,安全的可控的环境。
什么是网络威胁?
美国在过去数年中曾经意识到并且对恶意网络活动进行反应。这些活动逐渐变得更加复杂,目标更明确,而且范围更广。
网络威胁并不是一种类型。它们包括大量的恶意活动----从个人黑客行为到有组织的犯罪集团都试图窃取个人或金融信息来探求非法收益,到一些只是侵入一个系统来证明自己能够做到的黑客,到针对政府和业务从事网络间谍活动的国家。而且肯定有恐怖组织寻求劫持和勘测互联网来引起对我们系统和国家非常真实的破坏。
恶意攻击经常用来窃取信息和/或破坏,抵御进入,降低或破坏重要的联邦信息系统。这些攻击至少有可能影响重要的政府系统正常运作。因为我们的社会和经济对信息系统的依赖,所以一个网络攻击可以造成整个国家或世界的严重后果。
我们怎样抵御当前的威胁?
这个是个复杂的问题。
首先---我们当前依赖的许多商业系统是设计用于家庭或小型业务的,而且没有从根本上在危险环境中运作的设计。
第二---随着互联网链接的增长,允许进入更多的领域,这更增加了恶意行为者的数量来进入那些我们家庭或工作所依赖的国家互联的信息系统。
第三---网络对手可以快速适应不断变化的环境,而且可以在他们喜欢的时间和地点进行攻击。
最后,我们所依赖的信息越来越复杂,越互联,而且相互依赖,而且不断增加的技术复杂性增高了保证同样技术安全的困难。
目前实际的网络攻击有那些案例?
我们不会评论对国家安全利益上的实际网络攻击。
为什么有必要发展一个“国家网络靶场”?
科技发展经常因为工具的缺乏来支持观察,测量和分析而受到限制。例如,直到望远镜,显微镜和粒子加速器上有了发展,天文学,生物学和粒子物理才有了重大突破。DARPA正在发展国家网络靶场(NCR)为国家的网络研发技术提供真实,可定性的评估。NCR将促进在国家网络能力上一场革命,而且会加速技术转让来支持CNCI。DARPA正在创建国家网络靶场来保护和防御国家的重要信息系统。利用DARPA的前沿研究历史,NCR将革新大规模网络测试的状态。NCR将为测试和证实超时代网络研究技术和系统提供全自动的靶场和测试管理配套设施,并为新老研究项目提供指导观点。
什么是最主要的逻辑和技术挑战?
大规模网络测试面临无数的技术挑战,这些挑战限制了它的实效性和范围。大规模网络测试因为单调,手动化以及费劲的处理而困难重重。DARPA的NCR的一个关键观点是革新测试靶场资源和测试自动执行的状况。为了促进这个观点,将会发展一个测试靶场资源管理系统来分配和保护靶场资源。
另外,通过创建一个全自动,互动的处理来设计,规划,监控,分析和开展测试,以及一个大量的系统配置计划,或“配方”用于靶场,研究人员可以更有效地利用有限的资源,并且可以开展更多的测试以及更真实的测试。
一个主要的测试难题是对于实际用户的作业环境不稳定性,用户并不按照我们想要的方式来行动;这个是我们将成为综合网络威胁的内容。研制者经常按照基本的假设来创建系统。当我们部署系统时我们发现一些个体“不按规矩出牌”---不受工程师和用户原始假设所限制。NCR将提供一个全面的评估小组为网络测试组织服务。
最后,还有一些额外的技术研究推动力。这些领域设计用来高风险,高回报研究领域可以推动货架网络测试技术基础。这些技术包括加速和减速测试时间的能力。
谁会进行研究和测试?
一些私营,商业和学术机构和实体将发展国家网络靶场。承包商有:BAE系统;通用动力---高级信息系统;约翰霍普金斯大学应用科学实验室;洛克希德马丁公司;诺斯洛普格鲁门---情报,侦查和监控系统分公司;应用科学国际集团;斯巴达公司。
将有什么样的实验在NCR上开展?
NCR将能够测试从个人机器安全到大规模企业测试,要看测试组织的需要和资源的可行性。
NCR将会是什么样子?
DARPA曾经列明了基本的计划目标。NCR承包商每个都有他们自己的方法来计划开展这些目标,而且这些各自不同的方法可能“都不一样”,而且属于承包商私有。
NCR将放置于何处?
每个承包商队伍都将在不同地点开展发展他们自己的NCR方法研究。随着一系列的研究阶段之后,将会选择一个承包商来建立测试平台,而且届时这个承包商将会咨询政府来确定地点。
DARPA会运营靶场多久?
同所有DARPA计划一样,DARPA将会把NCR在以后转让给一个运营合作方。尚无决定谁将运营最终的靶场。
靶场在DARPA结束其工作时是否将成为国家资产?
这个NCR的目的是创造一个国家资产在联邦政府内使用来测试各种网络计划。我们的转让合作方将会建立优先事项。
你们将会制定什么样的测量方法?
这个需要由进行测试的组织按照他们的项目测试需要来规定测量方法。NCR必须要设计以满足各种需要。
可以怎样利用它们来制定增强的保护措施?
经受测试的组织会从测试结果吸取经验。通过对NCR上一系列的测试的观察可以让观察者做出结论,以及可能根据综合的测试观察来推断新的研究领域。
目前的测试怎样进行?
今天的测试是人员密集型,减少了靶场测试范围,增高了成本。而现有的自动化实验系统缺少NCR需要的范围和能力。
活动的日程表是怎样的?
在项目的初始8个月阶段内,承包商将制定详细的工程计划。初期阶段结束时DARPA做出未来计划的决定,计划包括一个进行重大设计评估的第二阶段,以及发展全规模国家网络靶场和开展测试的第三阶段。
翻译/天火
NATIONAL CYBER RANGE
QUESTIONS AND ANSWERS
What is the Comprehensive National Cybersecurity Initiative (CNCI)
On January 8, 2008, President Bush issued National Security Presidential Directive
54/Homeland Security Presidential Directive 23, which formalized the “Comprehensive
National Cybersecurity Initiative” and instituted a series of continuous efforts to further
safeguard our federal government systems from cyber threats and attacks.
The CNCI is focused on three key areas:
• Establish a frontline defense (reducing current vulnerabilities and preventing
intrusions);
• Defend against the full spectrum of threats by using intelligence and
strengthening supply chain security; and
• Shape the future environment by enhancing our research, development and
education as well as investing in leap-ahead technologies.
What is the National Cyber Range?
Our nation does not have a dedicated place to conduct cyber security experiments. The
National Cyber Range is DARPA’s contribution to the new federal “Comprehensive
National Cyber Initiative,” providing a “test bed” to produce qualitative and quantitative
assessments of the security of various cyber technologies and scenarios. We will provide
a revolutionary, safe, instrumented environment for our national cyber security research
organizations to test the security of information systems.
What is the ‘cyber threat’?
The U.S. has been aware of and has responded to malicious cyber activity directed at the
U.S. Government over the past few years. This activity is growing more sophisticated,
more targeted, and more prevalent.
Cyber threats don't come in one variety. They include a very broad range of nefarious
activity -- from a single individual acting as a hacker to an organized criminal group
trying to steal personal or financial information to exploit for ill-gotten gain, to a hacker
trying to breach a system simply in order to show that he or she can do it, to nation states
engaged in cyber espionage against governments and businesses. And, finally, there is
certainly the prospect of a terrorist group seeking to highjack and exploit the Internet to
cause very real damage to our systems and to our country.
Malicious attacks are often used to steal information and/or disrupt, deny access to,
degrade or destroy critical federal information systems. These attacks have the potential
to prevent – at minimum - the efficient operations of vital government systems. Because
of the interdependence of our society and our economy on information systems, a cyber
attack would have cascading effects across the country and across the world.
Why can’t we defend against these threats today?
This is a complex question.
First – many of the commercial systems we rely on today were designed for use in home
and small businesses, and were not designed from the bottom-up to operate in hostile
environments.
Second - with increased Internet connectivity, there is more access from more places,
which offer an ever increasing number of malicious actors access to the Nation’s
interconnected information systems on which we rely at home and at work.
Third – cyber adversaries can adapt rapidly to an ever-changing environment, and are
able to attack at the time and place of their choosing.
Lastly, the information on which we rely is more and more complex, interconnected, and
interdependent, and increasing technological complexity increases the difficulty in
securing that same technology.
What are some examples of today’s actual cyber attacks?
We will not comment on actual cyber attacks in the interest of national security.
Why is it necessary to develop a ‘National Cyber Range’?
Scientific progress has frequently been constrained by a lack of adequate tools to support
observation, measurement and analysis. For example, significant progress was delayed in
astronomy, biology, and particle physics until advances were made in telescopes,
microscopes, and particle accelerators. DARPA is developing the National Cyber Range
(NCR) to provide realistic, quantifiable assessments of the Nation’s cyber research and
development technologies. The NCR will enable a revolution in national cyber
capabilities and accelerate technology transition in support of the CNCI.
DARPA is creating the National Cyber Range to protect and defend the nation’s critical
information systems. Leveraging DARPA’s history of cutting-edge research, the NCR
will revolutionize the state of the art for large-scale cyber testing. The NCR will provide
fully automated range and test management suites to test and validate leap-ahead cyber
research technologies and systems, and provide vision for iterative and new research
directions.
What are the primary logistical and technical challenges?
Large-scale cyber testing has endured numerous technical challenges that have limited its
realism and scale. Large-scale cyber testing has suffered from being a tedious, manual
and demanding process. A key vision of the DARPA NCR program is to revolutionize
the state of the art of test range resource and test automation execution. To facilitate this
vision an automated test range resources management system will be developed to
allocate and protect range resources.
Additionally, by creating an automated, interactive process to design, configure, monitor,
analyze, and release tests, and a vast library of system configuration plans, or “recipes,”
for use on the range, researchers will be more efficient with limited resources and will be
able to conduct more tests and more realistic tests.
A key challenge to testing has been the inability to stress systems in an operational
environment against realistic users, who do not always ‘behave’ as we would like; this is
what we would describe as a full-spectrum cyber threat. Developers often create systems
with basic assumptions. When we deploy systems we discover individuals who think
“outside the box” - unconstrained by the engineer’s and user’s original assumptions. The
NCR will provide a full-spectrum evaluation team as a service to organizations requiring
cyber testing.
Finally, there are several additional technical research thrusts. These areas are designed
as high-risk, high-payoff research areas that have the potential to push the Nation’s cyber
test technology base. These technologies include the ability to accelerate and decelerate
test time.
Who will be doing the research and the testing?
A number of private, commercial and academic institutions and enterprises will develop
the National Cyber Range. The names of the contractors are: BAE Systems; General
Dynamics - Advanced Information Systems; Johns Hopkins University Applied Physics
Laboratory; Lockheed Martin Corp.; Northrop Grumman - Intelligence, Surveillance and
Reconnaissance Systems Division; Science Applications International Corp.; SPARTA.
What kind of experiments will be run on the NCR?
The NCR will be capable of testing that ranges from testing individual machines for
security properties to large-scale enterprise tests depending on the testing organizations
needs and availability of resources.
What will the NCR “look” like?
DARPA has specified overarching program objectives. The NCR contractors each have
their own approach to how they plan to implement these objectives, and these divergent
approaches are likely to “look different” and be proprietary to the contractor.
Where it will the NCR be located?
Each contractor team will be conducting research to develop their NCR approach in
various locations. Following a number of research phases, a single contractor team will
be selected to build the test bed, and that contractor, in consultation with the government,
will determine a location at that time.
How long will DARPA run the range?
As with all DARPA programs, DARPA will transition the operation of the NCR at a later
date to an operational partner. No decision has been made on who will operate the final
range.
Will be it be available as a national asset after DARPA ends its effort?
The vision of the NCR is to create a national asset for use across the federal government
to test a full spectrum of cyber programs. Priorities will be established by our transition
partners.
What kind of measurements will you be making?
It is up to the organization being tested to specify the measurements needed to validate
and verify their program. The NCR must be designed to meet the various needs of the
community.
How will they be used to develop improved protections?
Organizations being tested will learn from the results of these tests. Observations across
a full spectrum of tests on the NCR will enable researchers to make informed
conclusions, as well as potentially infer new research areas from the aggregation of test
observations.
How is testing done now?
Testing today is manpower-intensive, reducing the range of tests that can be conducted
and increasing the costs. While automated experimental systems exist they lack the scale
and capabilities needed for the NCR.
What is the timetable for activity?
During the program’s initial eight-month phase, contractors will develop detailed
engineering plans. At the conclusion of the initial phase, DARPA will make decisions
regarding future plans, which notionally could include a second phase with a critical
design review, and a third phase to develop the full-scale National Cyber Range and start
conducting tests.
[责任编辑:ldzldz]