Advanced Emulation Technologies Fuel Cyber Security Capability Development

- A new tool called software virtual networks (SVNs) that enables rigorous
vulnerability testing and training for net-centric comm systems offers answers
for the modern cyber warfighter -









BOSTON, Oct. 15 /PRNewswire/ -- MILCOM 2009 -- Global cyberspace isn't just
the fifth warfare domain - it's the new theatre of war, teeming with invisible
enemies. The sophistication of network attacks is increasing daily, and both
military and civilian communication networks are de facto battlefields, facing
threats from increasingly diverse adversaries that are finding and exploiting
holes in current technologies.


"We have to understand that cyberspace can be shaped, but it cannot be
dominated - because we don't know most of it," says Lt. Gen. William Lord, CIO
of the Office of the Secretary of the Air Force speaking to a meeting of the
AFCEA Northern Virginia chapter on September 18, 2009. "It's a commercial
enterprise, not a military enterprise." Within this environment of rapid
change, the U.S. DoD's pursuit of cyber superiority has spurned a number of
new U.S. defense initiatives that are blurring the lines between the military
services and their traditional roles. "We will never fight alone by service
again," Lord said.


The ability to rigorously vet net-centric communication systems, particularly
the most vulnerable domain of mobile wireless communications, is where a new
class of advanced network simulation and emulation tools called software
virtual networks (SVNs) are coming into play.


Virtual Networks, Real Behavior
First introduced in 2008 by Scalable Network Technologies of Los Angeles, CA,
SVNs are poised to enable the massive cyber security development efforts that
are in the pipeline. SVNs are exact digital replicas of physical networks in
virtual space - indistinguishable from a real network. Unlike traditional
modeling and simulation technology, SVNs are based on emulation, and have the
ability to interoperate with applications, devices, management tools, and
people - at real time speed. SVNs emulate all layers of complex networks that
may involve thousands of nodes, providing cyber security planners and sleuths
high fidelity results that are comparable to physical testing. But unlike
physical test beds, the synthetic networks offer advantages of greater
flexibility, immediacy and much lower cost.


The underlying technology of SVNs is a kernel design that allows these
synthetic networks to operate on every generation of parallel computer
architecture from multi-core PCs to supercomputers. Thus, for the first time,
emulators can scale to the size and complexity of existing and future networks
- providing real time speed and fidelity.


This advancement is analogous to the revolutionary advance that Google(TM)
brought to the search engine world. Correctly anticipating the growth of the
World Wide Web, Google designed its search engine to be inherently scalable
through the power of clusters and farms of computers. In the same way, SNT
predicted that the complexity of on-the-move communication networks would
increase at a much greater rate than the speed of computing power, and
strategically leveraged the power of parallel computing for their network
emulation.


Fast and Realistic Answers
Cyberwarfare is about stealth and speed. Because the volley of attacks and
countermeasures takes place between invisible adversaries, capability
development must focus on a number of fronts: configuring networks for maximum
security; packaging it so that non-experts can use it on the battlefield; and
training deployed personnel to rapidly defend & restore networks and shut down
intruders. "What keeps me up at night are poor browser and SQL database
configurations," says Ray Letteer, head of the Marine Corps' Information
Assurance Division in the Office of the Director, C4/DON Deputy CIO. "My blue
teams that do operational tests keep finding issues, pointing to peer-to-peer
operating systems, people failing to follow policies, and the reliance on
passwords as some of the many ways systems are easily breached."


Cyberwarfare goes beyond secure software and devices. Cyberattacks are
conducted and understood by relatively few, so developing skilled personnel
that are capable of detecting and defending cyber threats is a crucial need.
SVNs accelerate the time-to-solution to these kinds of operational and
training challenges by stress-testing software under real-world attack
scenarios. These finding can then support continuous training and skills
upgrades as well as development of new tactics, techniques and procedures
(TT&Ps) as systems evolve.


Stress-Testing Applications
The interactivity and realism of SVNs extends to software. For example, a
command and control application that will be deployed over an on-the-move
network can be run on top of the SVN so that a warfighter will have the same
experience with that application as they would in the field. Urban, rural, and
mixed environments can be emulated, exposing warfighters and commanders to
realistic encounters in advance. Threats can be injected into the SVN to
stress the application for vulnerabilities, pinpointing code that must be
re-written to close security gaps.


Some progress has already been made in this type of application testing. An
Aviation Week article published in May 2009 described several future attack
devices being built in a U.S. cyber warfare attack laboratory. Capabilities
include software for finding digital weaknesses in virtually any form of
wireless network that combines cyber sleuthing, technology analysis, and
tracking of information flow. These devices also suggest how best to mount an
attack and report results. A by-product of the project is that it jumpstarts
the weaponizing of cyber attack for the non-cyberspecialist military user.


Pre-Deployment Training
SVNs can also serve as laboratories in which to train people to use new cyber
war technology prior to deployment. The long-term vision for cyber war
readiness includes creating decision-support tools that provide situational
awareness and training for warfighters who aren't networking experts.


For example, an actual ground/air/SATCOM network with Link 16 and NET
connectivity can interoperate with an SVN that is delivering a war-gaming
application, simulated network intrusions such as wormholes, blind denial of
service, simulated RF jamming attackers, and the new cyberwar application
and/or device. This level of comprehensive and realistic training experience
enables the honing of individual proficiency and the refining of cyberwar
TT&Ps.


Keeping Ahead of Enemies
As "assets" and "targets" move rapidly to the cyber domain, the very nature of
warfare is being redefined. Superior development technology is the
pre-requisite to staying a step ahead of highly adaptable adversaries.


Scalable Network Technologies will be publicly demonstrating how SVNs can be
used in cyber warfare application at the MILCOM 2009, October 19-21 in Boston,
MA.


For more information on software virtual networks and their application to
cyberwar capability development, contact Scalable Network Technologies at
(310) 338-3318 or info@scalable-networks.com


About Scalable Network Technologies
Scalable Network Technologies (SNT) is the leader in parallel processing
technology for network performance evaluation. The company develops and
supports high-fidelity evaluation software tools used for predicting the
performance of computing and communications networks and network devices. SNT
has created a new category of evaluation tools for today's sophisticated
networks that meets the demand for real-time, real-network performance
testing.


The company's customers include major aerospace and defense contractors, the
U.S. Department of Defense, mobile network operators, as well as research
agencies and universities.


Founded in 1999 and based in Los Angeles, CA, Scalable Network Technologies is
a privately owned corporation. VisNet, QualNet, and EXata are registered
trademarks of Scalable Network Technologies, Inc. More information on the
company is available at http://www.scalable-networks.com.


    Media Contact:
    Camille Cox
    OnRamp Communications
    Voice 805.497.6400
    camille@onrampcomm.com







SOURCE  Scalable Network Technologies

Camille Cox of OnRamp Communications, +1-805-497-6400, camille@onrampcomm.com,
for Scalable Network Technologies