DAHLGREN, Va. — We don't build ships, we turn them into warships.
As a new cybersafe ship looms on the horizon, this maxim describing the Navy Warfare Center mission may need rebranding.
The Naval Surface Warfare Center Dahlgren Division (NSWCDD) is leading the creation of a ship like no other — a virtual cyber testbed called USS Secure — in conjunction with three Navy system commands, cyber defense leaders, and experts from coast to coast.
Moreover, the test bed is designed to make the Naval Sea System Command (NAVSEA) Warfare Centers' vision — turning ships into cybersafe warships — a reality.
"The Navy really needs USS Secure and this is the right way to go," NSWCDD Commanding Officer Capt. Brian Durant told USS Secure builders at a final planning conference here in January. "What you're doing today and what will be fleshed out and executed in the next few months will be briefed to senior Navy leadership."
In all, 28 cybersafe shipbuilders — from NAVSEA Warfare Centers at Dahlgren, Philadelphia, Corona, and Crane; Naval Air Systems Command (NAVAIR) Warfare Centers Lakehurst and Patuxent River; National Cyber Range, the Defense Department’s Test Resource Management Center, Joint Staff, and the Navy Red Team — are collaborating on an inaugural test exercise slated for March 2016.
The event will test USS Secure's ability to replicate a naval combatant in a system of systems environment. It will also determine the effectiveness of USS Secure's real and virtual systems to simulate live systems so the combatant's cyber defense capabilities can be evaluated without impacting real-time performance requirements.
“This test will give us a snapshot view of the existing interface configuration from the adversary point of view, specifically the Navy Information Operations Command Navy Red Team and the National Cyber Range Penetration Team,” said Dennis Schaeffer, NSWC Philadelphia cybersecurity systems engineer for hull, mechanical and electrical systems aboard Navy nuclear aircraft carriers. “The results of the exercise will provide input into our current plans for improving the defense of the system over time.”
Throughout the test, NAVSEA’s Integrated Warfare Systems Engineering Directorate will assess the adequacy of USS Secure to deliver an operationally realistic test bed for cyber certifications and future cybersafe test activities.
“We can use the USS Secure distributed test environment to test multiple systems located in different geographic areas without trucking racks of equipment to different labs and warfare centers,” he added.
In effect, Schaeffer and his USS Secure collaborators are creating a multi-enclave test environment to enable the Navy’s development, evaluation, and testing of cybersecurity concepts and technologies to defend mission critical systems at sea and ashore.
“USS Secure is the first collaboration among major systems commands to simultaneously join forces to address cyber problems for the Navy,” said Chuck Campbell, USS Secure project manager. “Follow on activities will add fidelity and representative systems into the varying enclaves to ultimately instantiate an entire strike group — surface, subsurface, and airborne.”
For years, the Navy has been challenged with its warships failing cyber vulnerability assessments. Navy commanders are very limited in the types of malicious cyber testing they are allowed to support on their ships, operational platforms, or systems because of the platform’s accreditation or certified configuration.
Campbell believes the USS Secure test bed resolves a myriad of challenges from a platform’s initial design and development to testing, evaluation and deployment.
“The long term goal of USS Secure is to provide the Navy with the ability to conduct system of system cyber-focused research, development, test and evaluation,” said Campbell. “We cannot afford to wait until operational testing or after a capability is fielded to expose cyber issues in our Naval systems as it’s too costly and time consuming to address them that late in the acquisition lifecycle.”
Once deployed to protect the Fleet with its cyber defense systems, USS Secure and its crew of cyber experts from the military, government, and private sectors will work to immunize Navy surface, undersea, and air warfare systems against the effects of a cyberattack and can rapidly recover when systems are impacted.
"Cyber has added a whole new domain to war fighting — the adversary is attacking us differently, so we need to defend ourselves differently,” explained Keith Jordan, NAVAIR Cyber Warfare Detachment AIR-4.8 cyber lead. “USS Secure gives us an environment to do that. It’s a collaborative effort to enable both vulnerability and adversarial assessments in very complex system of system architectures.”
NAVAIR and NAVSEA officials anticipate that USS Secure will enable engineers to address cybersecurity holistically across the entire platform so that cybersecurity in the combat system extends to the hull, mechanical, electrical, and other enclaves.
“This distributed environment facilitates labs from multiple DOD organizations to test concurrently and enable us to assess risk at both the platform and mission level," said Jordan. "By utilizing the distributed environment, USS Secure permits us to leverage unique capabilities only found in certain locations. The collaboration between the Navy system commands (NAVSEA, NAVAIR, and the Space and Naval Warfare Systems Command), as well as other Navy and DoD organizations has been like nothing I've seen before. Cyber is an enormous challenge — with tentacles in all disciplines — and it’s going to take us all working together to address it.”
NSWCDD cybersecurity engineer Adam Simonoff — upon receiving the Navy’s Information Management/Information Technology Excellence Award in February 2014 for his impact in developing the initial concept behind USS Secure — said he anticipates USS Secure's availability throughout DoD and the Department of Homeland Security to protect and defend the nation's critical infrastructure in addition to the transition of its cyberdefense technologies to the fleet.
"Our men and women in uniform will be able to execute their mission trusting their automated systems to communicate reliable information and return home to their families and loved ones," Simonoff added. "For the Navy, it means increasing maneuverability in cyberspace to execute the assigned mission undeterred by a cyberattack. For DoD, the nation is well served because America's Navy stands available 24/7, even in the face of a cyberattack."
The USS Secure research was conceptualized utilizing Naval Innovation for Science and Engineering (NISE) funds. The NISE program provides the DoD science and engineering organizations the capability to develop and transition technology as well as develop the workforce and enhance laboratory facilities and equipment.
"NSWCDD and its partner warfare centers will prepare the U.S. Navy to successfully operate in the challenging cyber combat domain by providing technical leadership in the design, development, integration and certification of combat and weapons systems that integrate required cyber warfare (defensive, offensive and situational awareness) capabilities across the full range of military operations," said NSWCDD Cyber Lead Chris Nerney. "We will partner with cyber professionals, facilities and external partnerships to support the investigation of promising new cyber technologies, the development and integration of those technologies into existing programs of record, and the testing and certification of weapon, combat and warfare systems that support missions across all warfighting domains."
NSWCDD, a NAVSEA warfare center division, is a premier research and development center that serves as a specialty site for weapon system integration. The command's unique ability to rapidly introduce new technology into complex warfighting systems is based on its longstanding competencies in science and technology, research and development, and test and evaluation.