Replicating the complexity of thousands of globally interconnected network systems is a challenge faced by researchers developing tools to protect our nation against the growing threat of cyber attacks. Sophisticated attacks as well as adaptive malware have the ability to devastate defense and commercial networks. DARPA was tasked by the Comprehensive National Cybersecurity Initiative (CNCI) to “establish a front line of defense against today’s immediate threats by creating or enhancing…the ability to act quickly to reduce our current vulnerabilities and prevent intrusions” (National Security Presidential Directive 54 (NSPD)-54) .
Under the National Cyber Range (NCR) program, DARPA has developed the architecture and software tools for a secure, self-contained testing capability to rapidly emulate large-scale complex networks that match the depth and diversity of real-world networks. The capability, demonstrated at scale with an operational prototype, will enable realistic testing and evaluation of new cyberspace concepts, policies and technologies by the Department of Defense (DoD) and other federal entities. DoD’s Strategy for Operating in Cyberspace, released in July 2011, highlights the NCR’s role in DoD’s pursuit of revolutionary cyberspace technologies.
The NCR complements federal cyber testing capabilities by providing rapid and automated configurability and scalability for users across the government. It should provide a 5-10x reduction in the time and cost to test and evaluate new cyber tools while improving confidence in the real-world performance of these tools, a vital feature considering the extremely dynamic and evolving real-world cyber threat. The NCR is designed to allow potentially virulent code to be introduced and tested on the range without compromising the range itself. Additionally, multiple experiments will be able to run on the range simultaneously at different security levels, maximizing the range’s use across government agencies.
The NCR program began in 2009 and has been developed in three phases. The current phase (Phase II-B) will involve operation and beta testing of the prototype range; enhancing existing software tools to ensure that the range hardware and software are stable and to allow for a seamless transition; developing a business model for sustainable range operation beyond fiscal year 2012; and to transition the range and associated technologies to USCYBERCOM and other government organizations.