slide1 n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
October 29-31, 2008 Jim Marshall , Utah State University Research Foundation PowerPoint Presentation
Download Presentation
October 29-31, 2008 Jim Marshall , Utah State University Research Foundation

Loading in 2 Seconds...

play fullscreen
1 / 18

October 29-31, 2008 Jim Marshall , Utah State University Research Foundation - PowerPoint PPT Presentation


  • 113 Views
  • Uploaded on

CyberSMART Scenario Modeling And Reporting Tool Technologies for Critical Incident Preparedness Conference 2008. October 29-31, 2008 Jim Marshall , Utah State University Research Foundation Ernest Drew, Dennis McGrath , Norwich University Applied Research Institutes Chris Fogle , Delta Risk.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'October 29-31, 2008 Jim Marshall , Utah State University Research Foundation' - robbin


Download Now An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
slide1

CyberSMARTScenario Modeling And Reporting Tool Technologies for Critical Incident Preparedness Conference 2008

October 29-31, 2008

Jim Marshall, Utah State University Research Foundation

Ernest Drew, Dennis McGrath, Norwich University Applied Research Institutes

Chris Fogle, Delta Risk

acknowledgments
Acknowledgments
  • The development team would like to thank the following individuals for their support of the project:
    • Douglas Maughan, PhD/DHS Science & Technology Directorate
    • Glenn Fiedelholtz, Annabelle Lee/DHS National Cyber Security Division
    • John Foti, Tracy Carruth, Scott Keifer, Bridgette Spencer Walsh/Booz Allen Hamilton
    • Tim Guerriero and the Massachusetts “Mass Panic” Exercise Team
  • Contract No. NBCHC060088
  • The underlying concepts presented today are protected under patents or other means by the team members.
team experience
Team Experience
  • Livewire/DHS
  • TOPOFF/National Exercise Program
  • Bulwark Defender/Air Force
  • State, Regional, and Local Exercises
  • International Exercises
cyberstorm ii national level exercise
CyberStorm II: National Level Exercise
  • Conducted March 10-14, 2008 in Washington, DC by DHS National Cyber Security Division (NCSD)
  • $6.4M Budget
  • Five Countries
  • 18 Federal Departments and Agencies
  • 40+ Private Sector Companies
  • 1,800 Detailed Scenario Events (“injects”)
cyber exercise challenges
Cyber Exercise Challenges
  • Participation is voluntary; players may withdraw if their expectations aren’t being met.
  • Player perception of risk:
    • Security breaches
    • Embarrassment
    • Return on investment
  • For the players to find the exercise credible, (1) the scenario must be true to life and (2) the events should not contradict each other.
  • Events should proceed at a pace that engages each player without overwhelming him.
  • The flow of events must not overwhelm the control team.
  • The scenarios are complex, the events themselves may not be observable to some of the participants, the problem chains are often non-intuitive.
exercise types
Discussion-Based Exercises

Seminars

Workshops

Tabletop Exercises (TTX)

Games

Operations-Based Exercises

Drills

Functional Exercises

Full-Scale Exercises

…involves mobilization and response

Exercise Types

CyberSMART is suitable for both types of exercises.

cybersmart scope
CyberSMART Scope

CyberSMART

Scenario

Validation

Initial Decision

Exercise Objectives

MSEL

Exercise Execution

After Action Analysis

Scenario Development

Exercise Inputs

Example:

Needs Assess-ment

Ground Truth

Gamespace Definition

Game Space

Scenario Planning

approach
Approach

The CyberSMART Methodology Aligns to HSEEP Milestones and is Organized

according to Three Parallel and Iterative Planning Tracks

features
Features
  • Developed tool around the scenario design concepts outlined above
  • Web-based tool that can be used by a distributed team
  • Users can query, edit, save their own scenarios
  • Participant data is segregated within the system, access based on user roles and authentication
  • Validation/visualization tools allow users to view scenarios and timelines as they develop, check for inconsistencies, etc.
planning view and data view
Planning View and Data View

The Planning View guides users through the planning process. The Data View focuses on objectives, gamespace, and scenario.

Data View:

Organized

Functionally

Planning View:

Organized

Chronologically

beta testing
Beta Testing
  • Vermont State-Level Exercise, December 2007
  • NCSD Support Contractor Focus Group, December 2007
  • Massachusetts “Mass Panic” State-Level Exercise, May 2008
cybersmart hosting
CyberSMART Hosting
  • CyberSMART is currently hosted on a server at Utah State University
  • Planned for hosting on FEMA’s Homeland Security Exercise and Evaluation (HSEEP) Toolkit website
    • At FEMA’s request, the team drafted an annex to the HSEEP guidance documents titled “Cyber Exercises”
    • Currently at FEMA in draft status
contact information
Contact Information

Jim Marshall

Space Dynamics Laboratory

Utah State University

(435) 797-4725

jim.marshall@sdl.usu.edu