2020 Year in Review
Virtual Exercise Trains Air Force Mission Defense Teams for Cyber Attacks
As interconnected systems of software and networks have brought the Air Force cutting-edge weapons systems, they have also introduced vulnerabilities to cyber attack. In 2016, to focus on the cybersecurity of some of the Air Force’s most important missions, the Secretary of the Air Force and Chief of Staff of the Air Force directed the establishment of new cyber squadrons to provide mission assurance. The SEI capped its support for these Mission Defense Teams (MDTs) with 2020’s Sentinel Reign IV, a globally distributed, multiparty cyber defense and correlation exercise.
MDTs proactively defend Air Force missions, networks, and weapons systems from cyber attacks. Over the past four years, the SEI’s support of the Air Force Space Command and, later, the Air Combat Command (ACC) has prepared traditional communications squadrons for their new MDT responsibilities. ACC chose the SEI for its proven ability to meet delivery requirements and facilitate realistic war-gaming. SEI team lead Dennis Allen explained, “Our experience building complex virtual networks, instrumenting them with cyber tools, and rapidly transforming requirements into solutions makes us a valuable partner for the Air Force and other services.”
The SEI’s Cyberforce web-based training platform formed the backbone of the ACC’s Sentinel Reign IV, conducted in August 2020. This coordinated cyber-defense exercise assembled MDTs, the ACC’s Cyber Defense Correlation Cell (CDCC), Intelligence Support Squadrons, Operations Centers, and the Cyber Resiliency Office for Weapons Systems. Notional wing commanders and aircraft maintenance personnel were also used to refine workflows, develop incident handling procedures, and improve communication strategies. Training scenarios included nation-state adversaries targeting critical mission systems. Each scenario involved a complex set of threats designed to provide hands-on experience-building opportunities for MDTs.
Sentinel Reign IV was the culmination of years of SEI support for the MDT program. In 2017, the SEI developed an MDT training curriculum, consisting of courses, video-based training, knowledge-based assessments, and hands-on mission rehearsal exercises. The curriculum became a required part of the MDTs’ Initial Qualification Training. Within 18 months, more than 2,300 Air Force MDT users had accessed this content and taken more than 70,000 hours of training. Over the next three years, the SEI grew the MDT mission rehearsal capabilities to incorporate a virtualized Air Force Cyberspace Vulnerability Assessment/Hunter (CVA/H) weapons system; notional F-22, F-16, and Airborne Warning and Control System aircraft simulators; and an Air Operations Center.
The SEI has been extremely instrumental in providing high-speed and succinct development of virtual training environments and online applications to get our MDTs to mission-ready status.Brigadier General Chad Raduege
Director of cyberspace and information dominance & chief information officer, Air Force’s Headquarters ACC
“The SEI has been extremely instrumental in providing high-speed and succinct development of virtual training environments and online applications to get our MDTs to mission-ready status,” said Brig. Gen. Chad Raduege, director of cyberspace and information dominance and chief information officer at the Air Force’s Headquarters ACC. “The simulated aircraft model used in the Sentinel Reign IV exercise to prove the effectiveness of the CDCC is very impressive and will allow wing commanders across ACC to improve cyber defense capabilities, increase overall wing cyber threat awareness, and let commanders make informed decisions about cyber defense.”
The web-based Cyberforce platform enabled five MDTs and other supporting groups, totaling more than 100 people across the globe, to participate and collaborate in the Sentinel Reign IV exercise virtually during COVID-19 travel restrictions. Post-exercise, MDTs can replay each threat scenario, on-demand, within Cyberforce.
The solutions the SEI built for the Air Force are available within Cyberforce for other Department of Defense (DoD) organizations. Many of the open source tools the SEI used to create and deliver these impactful solutions are available in the SEI’s GitHub repository.
In future work, the SEI team plans to improve modeling and simulation prototypes, integrate different weapons systems, expand the threat inject library, and transition technologies that enable mission rehearsal exercises for the ACC and other DoD organizations.
Explore the SEI’s GitHub repository at github.com/cmu-sei.