As the military services seek to optimize training through the use of Live, Virtual, and Constructive (LVC) Training, several issues keep arising as tough technical challenges that could limit the effectiveness of this training domain. Chief among these is how each individual service is looking to provide security for its training environment, because there is no unified standard across the Department of Defense (DoD). To help provide insight into the road ahead, we sat down with Colonel Walt Yates, the USMC’s Program Manager for Training Systems (PM TRASYS), to discuss this topic in our latest Q&A.
Naylor: The need for increased security in our distributed training networks has become an emergent requirement for our armed services as they seek to train in a secure environment. What is the Marine Corps’ view on how we should approach this requirement?
Col Yates: Borrowing from Simon Sinek’s bestselling book, we should “Start With Why” before getting to how to accomplish the task. In every system, enclave, and network, the “why” behind cybersecurity is the policy implemented by OMB and DoD to achieve adequate security. “Adequate security” means security protections commensurate with the risk resulting from the unauthorized access, use, disclosure, disruption, modification, or destruction of information.
I cannot speak for the Marine Corps’ Senior Information Security Officer, but my own belief is that the approach to achieving adequate security will rely on two basic strategies: segmentation of closed enclaves from larger networks, and the encryption and encapsulation of data in distributed VPNs tunneled through our enterprise networks. End-point encryption is relatively inexpensive and we should use it liberally. Logically isolating a network enclave, rather than individually applying patches and engineering changes to the systems inside the enclave, effectively mitigates vulnerabilities and is a very cost-effective approach to achieving adequate cybersecurity in many cases.
A large percentage of our distributed training requirements can be accomplished inside an enclave that does not exchange data with external systems. When there is a specific requirement for the exchange of data between training enclaves, the data exchange should be as small as possible. In most cases the data exchanges required between a training enclave and operational systems can be accomplished through minimal levels of access controlled through PPSM (ports, protocols, and services management). By conducting training inside closed enclaves and limiting external data exchanges, the edge devices that comprise the “attack surface” are minimized. The former Commandant of the Marine Corps, General Robert Barrow, is famously quoted as observing that, “Amateurs talk tactics but professionals discuss logistics.” I believe that you could draw an analogy to that adage in cybersecurity, which is “Amateurs talk about touching the network but professionals discuss PPSM.”
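As an added example (not from the interview or PM TRASYS), the closed-enclave-plus-minimal-PPSM idea can be checked mechanically: every flow that crosses the enclave edge is compared against a small PPSM-style allowlist, and the allowlist itself is the enclave's exposed attack surface. The enclave address range, service labels and flow records are all constructed.

```python
"""Edge-policy check for a closed training enclave (added example).

The enclave is closed by default; only the PPSM allowlist may cross its
edge. Any boundary-crossing flow not on the allowlist is a finding, and
the allowlist is exactly what an adversary outside the enclave can touch.
All addresses, services and flow records here are constructed.
"""
import ipaddress
from dataclasses import dataclass
from typing import Optional

ENCLAVE = ipaddress.ip_network("10.50.0.0/16")  # constructed training enclave

@dataclass(frozen=True)
class Rule:
    proto: str      # "tcp" or "udp"
    port: int       # destination port
    direction: str  # "in" (into the enclave) or "out" (leaving it)
    service: str    # PPSM service label (constructed)

# The enclave's entire permitted edge: one simulation feed in, one VPN gateway out.
ALLOWLIST = frozenset({
    Rule("udp", 3000, "in", "dis-pdu-feed"),
    Rule("tcp", 443, "out", "vpn-gateway"),
})

def edge_direction(src: str, dst: str) -> Optional[str]:
    """Return 'in'/'out' for flows crossing the enclave edge, else None."""
    s_in = ipaddress.ip_address(src) in ENCLAVE
    d_in = ipaddress.ip_address(dst) in ENCLAVE
    if s_in and not d_in:
        return "out"
    if d_in and not s_in:
        return "in"
    return None  # fully internal or fully external: not an edge flow

def check_flows(records):
    """Split edge flows into (allowed, violations) using the PPSM allowlist.
    Each record is 'src dst proto dport' (constructed flow-log format)."""
    allowed, violations = [], []
    for rec in records:
        src, dst, proto, dport = rec.split()
        direction = edge_direction(src, dst)
        if direction is None:
            continue  # internal traffic never touches the edge
        hit = any(r.proto == proto and r.port == int(dport) and r.direction == direction
                  for r in ALLOWLIST)
        (allowed if hit else violations).append(rec)
    return allowed, violations

def attack_surface():
    """The exposed edge is the allowlist itself, listed for review."""
    return sorted((r.direction, r.proto, r.port, r.service) for r in ALLOWLIST)

# Constructed flow log: three edge flows and one internal flow.
SAMPLE_FLOWS = [
    "192.0.2.10 10.50.1.5 udp 3000",   # external sim feed in: allowed
    "10.50.1.5 198.51.100.7 tcp 443",  # out to the VPN gateway: allowed
    "10.50.1.5 10.50.2.9 tcp 5000",    # internal: not an edge flow
    "10.50.3.3 203.0.113.4 tcp 22",    # ssh leaving the enclave: out of policy
]

if __name__ == "__main__":
    ok, bad = check_flows(SAMPLE_FLOWS)
    print("exposed edge:", attack_surface())
    print("out-of-policy edge flows:", bad)
```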
Naylor: Can you describe the USMC’s current efforts or programs to help tighten cybersecurity in its LVC infrastructure?
Col Yates: At present, the Marine Corps does not have a persistent distributed LVC training capability infrastructure that covers all four elements of the Marine Air Ground Task Force (MAGTF). Only the Aviation Combat Element (ACE) has a persistent distributed training network. We are in the process of developing the LVC Training Environment Capability Development Document (CDD), which will describe the cybersecurity concept for a distributed enclave purpose-built for training. While the CDD is not complete, my personal belief is that the enabling network infrastructure for the LVC-TE is a logically separate network enclave sharing the same physical backbone as our Marine Corps Enterprise Network. The key components to realizing a persistent distributed training enclave are physical security measures at the sites where training systems are hosted and end-point encryption to enable operation at the appropriate security levels.
Naylor: What can industry do to assist in clarifying or defining the standards for increased cybersecurity in the LVC domain?
Col Yates: I believe that we have strong standards defined by NIST and CNSS and many effective implementations of those standards in industry-developed simulations, tools, and products. The challenges as I see them are to determine precisely what constitutes adequate security for a specific training event based on the sensitivity of the data, the hosting environment for the exercise, and a clearly defined understanding of where the edges and endpoints are for users and administrators. This includes determining requirements for cross-domain data exchange.
Underestimating the security requirements will result in higher probabilities of exploitation and more serious impacts resulting from exploitation. Overestimating security requirements for a training environment will result in specifications for security controls that are, at best, overly expensive and, at worst, unaffordable. Accurately identifying what constitutes adequate security means looking at our training systems and exercises through the eyes of the enemy and employing the enemy’s risk-reward calculus. That is a different mentality from simple penetration testing.
Naylor: How is the USMC working with the other services to come up with a standard or program that would enable a secure LVC environment across the services?
Col Yates: As we flesh out the LVC-TE Capabilities Development Document, TECOM Capabilities Directorate and PM TRASYS are regularly discussing our capability definition and potential approaches with our Army counterparts in PM ITE. The PM for LVC IA has shared some very helpful lessons that the Army learned in developing the LVC-Integrating Architecture, and we are trying to borrow what we can from the Army’s tools and tailor them where possible to meet the Marine Corps’ training requirements. LVC training was designated a Joint Interest capability by the JROC in 2005, and the planning has always been predicated on interoperability between the services. In specific exercises and locations we already federate Marine Corps simulations with Army simulations. The Marine Corps was the last branch of the armed forces to join the Joint Live Virtual and Constructive Federation four years ago, and we have built live range training instrumentation on the same joint standards as the Army, using the Live Training Transformation architectural standards, in order to have interoperability.
I’d like to thank Colonel Yates for taking time out of his busy schedule to discuss these issues with us and give us a better picture of where the USMC is looking to go with its LVC efforts. As Colonel Yates points out, the future of LVC involves bringing all of the services together, along with the capabilities inherent in industry and academia, to provide a robust, secure environment for our future training needs. We will continue to engage the services in the coming months to explore opportunities, like Operation Blended Warrior, where all those parties can come together to help build an LVC environment that provides this required capability.