Tackling Verification and Validation Techniques to Evaluate Cyber Situational Awareness Capabilities

Author(s):

Salvador Llopis Sanchez Jorge Maestre Vidal David Sandoval Rodriguez-Bermejo Ramis Pasqual de Riquelme Francesco Torelli Roumen Daton Medenou

Journal

MDPI AG

Abstract

Since cyberspace was identified as a domain of operations, defence practitioners started a race with academy, researchers, and industry and military organizations working together towards defining related lines of capability development (e.g., DOTMLPFI) and exploring the needs and opportunities they entail. An essential cornerstone of adapting to the convergence of the cyber domain with conventional theaters of operation is the need for producing tools for easing to acquire cyber situational awareness (CSA), from which human operators shall be able to perceive, reason and project situations and events observed in cyberspace that may vertically/horizontally propagate from technological to tactical, operational and strategic planes. Benefiting from the higher maturity level of civilian capabilities for cybersecurity, the military sector has embraced the challenge of creating related beyond state-of-the-art CSA enablers that comprise the existing technological background while adopting concepts such as operations, missions or courses of action (CoAs), properly aligning them with military doctrine. Beyond ongoing development efforts, there is a wide methodological gap in the lack of suitable CSA verification and validation (V&V) frameworks, which are expected to analyze if related capabilities meet the requirements to operate in the military context; at the same time supporting the thorough development life-cycle of brand new cyber defence technologies. With the motivation of closing the identified gap, this research introduces a novel V&V framework able to guide the evaluation of CSA-related tools, which makes converge purely military aspects with dual-use state-of-the-art V&V approaches. Three core CSA evaluation concepts are discussed in-depth: software, operational and application tests. They range from the daily application of new capabilities to their ability to enable the acquisition of a joint operational picture understandable by human decision makers. © 2022 by the authors.

Concluding remarks

The presented research has delved into raising difficulties, challenges and gaps related with the evaluation of CSA acquisition tools. The assessment on capabilities for related dual-use solutions have been reviewed, concluding that the state-of-the-art lacks consolidated mission-centric CSA validation enablers. With the purpose of contributing to their development, a novel verification and validation framework to assist a proper evaluation has been introduced, which proposed three core assessment concepts: software tests, operations and applications. The first concept covers the proper technical implementation of the capabilities, the second concept describes the core functionalities for supporting CSA acquisition (perception of the operational environment, assessment of vertically propagated threats from cyberspace to the mission plane, and support to decision-making), and the third concept studies the applicability of the solutions in terms of users’ acceptance and the quality of their acquired operational picture. The proposed method has been presented as a general-purpose mission-centric solution applicable to heterogeneous cyber defence tools, being open to expansion, modification and any other change that the singularities of a particular CSA enabler and its end-user operators require. Although efforts have been made to cover all the perceived essential aspects, it is expected that further enhancements and upgrades will tentatively make it a better fit to the particularities of certain cross-cutting operational domains or functionalities, thus projecting its applicability in the short, mid and long term. The authors want to highlight that this paper brings together extensive research and synthesis work, in some cases with very few (or non-existent) precedents. Since cyber defence is an emerging research field still with many challenges and technological/analytical gaps, it is expected that the presented research outcomes establish the grounds for future related works, as well as incentivizing further research actions.

Reference details

DOI

10.3390/math10152617

Resource type

Journal Article

Year of Publication

2022

ISSN Number

2227-7390

Publication Area

Dual-use cybersecurity

Date Published

2022-07-27

URL

https://www.mdpi.com/2227-7390…

How to cite this reference:

Llopis Sanchez, S., Maestre Vidal, J., Sandoval Rodriguez-Bermejo, D., Pasqual de Riquelme, R., Torelli, F., & Daton Medenou, R. (2022). Tackling Verification and Validation Techniques to Evaluate Cyber Situational Awareness Capabilities. MDPI AG. https://doi.org/10.3390/math10152617 (Original work published)