National cyberspace range (NCR) is different from pure military ranges such as jior and jcor built by the US Department of defense. NCR is a "test platform" provided by DARPA for CNCI, which is used for quantitative and qualitative evaluation of various network technologies and security technologies. The main purpose is to provide an innovative, safe and controllable environment for the national network security research organization to test the security of information system in response to CNCI. The Comprehensive National Cybersecurity Initiative (CNCI) of the United States is proposed by the general decree of National Security No. 54 / Executive decree of the president of Homeland Security No. 23 (secret order) issued by President Bush of the United States on January 8, 2008. The plan aims to protect the cybersecurity of the United States, prevent the United States from all kinds of malicious or hostile electronic attacks, and launch cyber attacks against the enemy. On March 2, 2010, at the call of many parties in the United States, President Barack Obama announced high-profile declassification of some of its contents, which we can see.
DARPA, as the concept and researcher of advanced technology, proposes to operate and practice cyberspace security technology such as network attack / defense as scientific research on Cyberspace Security. From the perspective of scientific development, biology has made great progress because of the appearance of microscope, astronomy has made breakthroughs because of telescope, and particle physics has made major breakthroughs because of particle accelerator. In addition, the progress of other major science and technology is inseparable from the tools of observation, measurement and analysis in the process of scientific research. DARPA believes that cyberspace security should also have similar tools for scientific research, observation, measurement and analysis of Cyberspace Security. This tool is DARPA's concept - "national cyberspace range (NCR)".
Based on this concept, it will promote the last revolution in the national network capability of the United States, and accelerate technology transfer to support the CNCI. Therefore, in 2008, as an important part of CNCI, Congress of the United States invested heavily in the national cyberspace shooting range (NCR) project, which will be implemented in four phases to build a real, high-quality measurement, evaluation, inspection platform and environment, allowing different security levels to be carried out at the same time on the shooting range For use by government agencies and the Ministry of defense. Note: as another important part of CNCI, IAR / CSR was approved for construction in 2010. }
The national cyberspace range (NCR) project is different from the pure military ranges such as jior, jcor and CSR combed in the other sections above. Firstly, the national cyberspace range (NCR) project is a comprehensive national resource for military civilian integration and scientific research, test and evaluation. The United States believes that cyberspace security is not only a national defense issue, but also a strategic security issue related to the whole country. Therefore, the national cyberspace shooting range (NCR) project adopts the mode of "top-level design and top-level promotion" in the construction and management of cyberspace, while other purely military shooting ranges are organized and constructed by the US Department of defense, which is not as high as the national cyberspace shooting range (NCR) project in the top-level design. The division of responsibilities of CNCI is as follows:
Table 1 responsibilities of CNCI
Company
Responsible direction
Department of Homeland Security (DHS)
It is mainly responsible for protecting the security of information systems of civil institutions, reducing and merging external access points, deploying passive network sensors, and identifying public and private partnerships
Department of Defense (DoD)
Responsible for monitoring military information system, improving the security of classified network, deploying intrusion prevention system, etc
Office of the director of national intelligence (odnt)
Monitor intelligence community information systems and other intelligence related activities, including the development of government wide cyber counterintelligence programs
Office of science and Technology Policy (OSTP)
To be responsible for providing suggestions on the impact of science and technology on domestic and international affairs and paying attention to the research and development of advanced technology
Source: National Cyber Security Initiative (CNCI)
Secondly, the national cyberspace range (NCR) project not only supports large-scale, national level network test surface, but also small-scale network test surface such as individuals and enterprises, while the US Department of defense cyberspace range only supports pure military level or military civilian integration level. The construction goals and dimensions of the two are different and each has its own focus. Third, under the unified coordination of the National Security Council and the homeland security department, the national cyberspace Initiative (CNCI) of the United States is under the responsibility of multiple agencies according to their directions, involving multiple departments such as national defense, government, industry, etc., and at the same time, it has strengthened cross domain cooperation with the allies; while the cyberspace shooting range of the United States Department of defense is only used as the internal cyberspace training shooting range of the United States military, in order to protect the interests of the U.S The training contents and operational secrets are generally not shared by other industries, departments and allies. Fourth, the first consideration for the construction of the national cyberspace range (NCR) in the United States is the strategic security of the whole country. All security related departments of the U.S. government are required to participate in the implementation of the national cyberspace range (NCR) plan, and actively include enterprises in the construction sequence of the national cyberspace range (NCR); the primary goal of the cyberspace range of the U.S. Department of Defense The second guarantee of network operations is the integration and coordination of military and civilian, the construction and operation subjects of the two are different.
Therefore, the national cyberspace shooting range (NCR) is a research and test support environment for all kinds of users, covering typical applications in various fields and industries, integrating military and civilian. It has the capabilities of cyberspace security system planning demonstration, network security defense technology demonstration verification and systematic security evaluation. The concept system of national cyberspace range (NCR) includes three levels: industry domain, task domain and application domain. In the field of industry, the core of national cyberspace shooting range (NCR) covers government, national defense, finance, telecommunications, industry and other fields to meet the needs of the construction of its cyberspace infrastructure security system and scientific research and testing; in the field of mission, national cyberspace shooting range (NCR) completes the planning, testing and evaluation of Cyberspace Security System through top-level design and system construction In the application field, NCR can provide a series of networked joint applications for all kinds of users, including supporting the construction of national infrastructure security protection system, independent and controllable software and hardware security testing, etc.
The construction of the national cyberspace range (NCR) in the United States is divided into four stages, which will take six to seven years. The implementation plan of the four stages is shown in the table below.
Table 2 national cyberspace range (NCR) implementation plan
stage
Stage one
The second stage
The third stage
The fourth stage
theme
conceptual design
Prototype design
Shooting range construction
Operation management
time
2009.01-09
2009.10-2011.01
2011.02-2012.12
2011.1~
Planning objectives
Initial concept design (ICD)
Preliminary design review (PDR)
Key design review (CDR) demonstration verification
"Total combat capability" (FOC) measurement
Carry out strict system test and make technical preparation for comprehensive operation.
Deliver content
1. Detailed engineering plan
2. System demonstration plan
3. CONOPS operation concept
4. Phase II recommendations
1. Demonstration verification
2. Suggestions for the third stage
3. Suggestions for the fourth stage
Demonstration and verification
Test run
Source: national cyberspace range (NCR) construction plan of the United States
Note: "full operational capability (FOC)" is a military term, including "IOC, initial operational capability" and "comprehensive operational capability". In the implementation plan of the national cyberspace range (NCR), it is indicated that the NCR needs to complete "initial combat capability" and "comprehensive combat capability" in the third phase, such as the tasks, requirements and test of the industry domain, mission domain and application domain described in the NCR conceptual system. After the construction of the national cyberspace range (NCR), through the functional and operational measurement, the goal is to achieve the "initial operational capability". Finally, after the completion of the tactical and practical operation verification, the NCR will have a comprehensive operational capability.
In the whole project construction process of national cyberspace range (NCR), more than 70 US enterprises, scientific research institutes and institutions took the lead in the construction and research of projects in land, sea, air, space, electricity and magnetism. These units include world-famous military giants such as Lockheed Martin, Northrop Grumman, and many multinational companies such as Microsoft, HP, Cisco, Symantec, at & T, McAfee, etc. with ICT industry background, as well as Johns Hopkins University, University of Texas San Antonio, Vanderbilt University, and University of California Berkeley Campus, George Mason University and other universities and research institutions.
In the four stages of NCR project construction: scheme design, prototype design, range construction and operation management. The first phase of the scheme design is mainly shared by seven units, namely BAE Systems, general dynamics, Johns Hopkins University, Lockheed Martin, Northrop Grumman, international science applications and Sparta. The main work is to design the preliminary "national cyberspace range" (NCR) planning scheme and construction scheme. DARPA has set out the basic plan objectives. National cyberspace range (NCR) project contractors will each adopt their own methods and plans to carry out some of the technologies or tasks they undertake, and the technologies or tasks they undertake do not need to explain and integrate the standards, technologies and methods with DARPA, and the intellectual property rights of these contents can be owned by the contractor. Each contractor team will carry out their own technical method research on the part of national cyberspace shooting range (NCR) project at their own office or scientific research test site.
In the second stage, Lockheed Martin and Johns Hopkins University cooperate to build and evaluate the national cyberspace range (NCR) prototype, and study its corresponding communication technology to ensure the stability of the range software and hardware. In this stage, Lockheed Martin mainly conducts comprehensive evaluation by combining the technical content and application system of the range undertaken by each of them in the design stage, and designs the prototype framework and architecture of the national cyberspace range (NCR), and conducts technical testing and evaluation based on this to ensure the integration of the range task content of each of them in the design stage. In addition, the testing and evaluation site in this phase mainly exists in Lockheed Martin company. As for the system integration in the third phase and the final site for the construction of the shooting range, it will be determined by the contractor winning the bid in the third phase and the government through consultation.
In the third stage, a contractor integrates and constructs the national cyberspace range (NCR) system, and evaluates the NCR through a large number of experiments. The third phase of the system integration contractor was Lockheed Martin, which won a total of 140 million US dollars for the construction of the shooting range. In this stage, each contractor team will submit its NCR mission content to Lockheed Martin, the contractor of the third stage, through the interface and standards of the second stage planning, testing and evaluation. Lockheed Martin's organizational R & D personnel will carry out system integration and testing based on the NCR prototype Assessment services. At this stage, as Lockheed Martin continues to win the bid, the final construction location of national cyberspace range (NCR) is located in Orlando, Florida.
In the fourth stage of operation management, according to DARPA's plan, DARPA will transfer the national cyberspace shooting range (NCR) to an operation partner for operation management after the completion of construction and reaching FOC. Time shifted to 2014, when Lockheed Martin completed the construction and completed the measurement of "total combat capability" (FOC) of national cyberspace range (NCR), the fourth phase started. In the fourth phase, Lockheed Martin, based in Orlando, Florida, continued to win the bid, Florida's mission systems and training business group is responsible for planning and operation, so the actual location of NCR is the internal facilities of Lockheed Martin's business group, and continues to obtain the subsequent system maintenance contract until November 2019. The national cyberspace range (NCR), located in this geographic location, consists of four parts: hardware facilities, packaging architecture and operation process, integrated network event tool suite and network test team. According to the plan, other government and military, enterprise or individual scientific research and testing activities can be remotely logged into NCR from jior or or joint mission environment test capability. At this stage, researchers will use the national cyberspace range (NCR) facility to complete experiments in specific fields and test their capabilities as national research and development resources.
Table 3 main units participating in the construction of national cyberspace range (NCR)
Lead unit
Unit advantage
Construction direction
Participating units
Sparta
It is a professional company in the field of system engineering in the United States, which was acquired by the British Cobham company as a subsidiary of Cobham. It mainly provides system engineering and technical services for the US intelligence and missile defense market.
intelligence system
There are 15 cooperative units in total
BAE Systems
It has the first-class system providing ability and mature technology on the naval platform. It is the second largest defense company, the third largest defense aviation company and the third largest electronic aviation company in the world in terms of military aircraft, electronic products, system integration and other technologies.
Electronic system
11 partners in total
General Dynamics (general)
YNAMICS)
It is the largest arms dealer in the United States and one of the national defense contractors. Its main industries are divided into four areas: first, navigation equipment, mainly manufacturing warships and nuclear submarines; second, aviation, including commercial aircraft and fighter planes; third, information system and technology departments; fourth, manufacturing of offensive weapons.
Air system
There are 14 cooperative units in total
Applied Physics Laboratory (APL), Johns Hopkins University
Mainly engaged in civil and military space program research, including missile, air defense and analysis of national security, APL's main responsibility is to provide technical resources for the U.S. Department of defense, NASA and other government agencies.
Space development
9 partners in total
Lockheed
MARTIN)
Currently, it is the largest defense contractor in the United States. The core business areas are system integration, aviation, aerospace and technical services. The company's goal is to become the world's best integrator in aerospace, defense and technical services.
system integration
5 cooperative units in total
Northrop
Grumman)
It is a leading security company in the world and enjoys a high reputation in the field of American military industry.
Safety system
4 partners in total
SAIC Science Applications International (SAIC)
Is a high-tech research and engineering technology company, mainly engaged in computer software development and research, now it has become a comprehensive scientific and Technological Development and research. At present, it is listed among the top 50 large private companies in the United States. The company mainly engages in scientific and Technological Development and research, and generally does not produce products.
software development
12 Partners in total
Source: CCID Research Institute, Ministry of industry and information technology
According to the information released by the national cyberspace range (NCR), the implementation plan of the national cyberspace range (NCR) mentioned above is seriously lagging behind due to the large number of participating units, which leads to serious dissatisfaction among all the US forces and arms and starts to plan and build their own military range. Therefore, since 2010, the construction of the NCR has reached a climax, It has spawned a number of innovation and entrepreneurship enterprises based on the cyberspace shooting range in the U.S. local market.
Although the construction progress is not satisfactory, the fourth phase of the national cyberspace range (NCR) construction task in the United States started in fiscal 2013, when the Deputy Secretary of defense {(USD) was responsible for the procurement, technology and logistics (at & L)} transferred the management right of the national cyberspace range (NCR) from DARPA to the test resource management center (TRMC). Thus, a cooperative operation management pattern is formed based on the executive management right of TRMC and the executive operation right of Lockheed Martin company.
The key capabilities of the national cyberspace range (NCR) of the U.S. military include: using multiple independent security level (mils) architecture to support multiple concurrent tests of different security levels; quickly simulating complex and typical network operation environment (which can realize 40000 high simulation virtual nodes, and support red team, blue team and gray team to provide network traffic or simulation in the exercise but not play an offensive role by itself Or one of the defense roles, as well as various special systems including weapon systems); highly automated, which can significantly improve efficiency, support more frequent and more accurate events; recover all abnormal or damaged systems in the test process; adapt to a wide range of event types and uses (test, training, research, etc.), and support diversified uses The user database can also be connected to other allied infrastructure through jmetc to operate jointly with other military and civilian shooting ranges of the United States.
In 2018, Lockheed Martin again won the national cyberspace range (NCR) upgrade contract of the US military, and continued to update and iterate on the range capability. Lockheed Martin's missile and fire control systems division has signed a $33.9 million network range upgrade contract with U.S. Army command. According to the contract, Lockheed Martin will upgrade and expand the existing capabilities of the national cyberspace range (NCR) to demonstrate and study the most destructive network viruses and the most covert malicious code, and effectively control its transmission within the range of the range of the range to avoid leakage to public or military networks. In addition, NCR will be able to test and evaluate more complex network attack and defense technologies, including malware, Trojan horse programs, active and passive defense means, etc. When Lockheed Martin's capability improvement program is completed, NCR will also have the ability to test new network protocols, satellite and radio frequency communication systems, as well as tactical mobile communication and maritime communication systems.