A cyber tool that started at DARPA moves to Cyber Command

Mark Pomerleau

Source Link

WASHINGTON — A critical cyber tool, one that could help military commanders make better decisions during cyber operations and has been in development for many years, has officially transitioned to U.S. Cyber Command.

Project Ike is a prototyping effort that once got its start under the Defense Advanced Research Project Agency under the name Plan X in 2013. It was later moved to the Pentagon’s Strategic Capabilities Office in July 2019 with an award to contractor Two Six Labs for $95 million dollars. Then in early April, the program officially transitioned to a program under the Joint Cyber Command and Control (JCC2) program management office, a Department of Defense spokesperson told C4ISRNET. Ike, will be used to map networks, assess the readiness of cyber teams and command forces in cyberspace.

Project Ike was thought by many to be a precursor to JCC2, which is one pillar of Cyber Command’s Joint Cyber Warfighting Architecture, which will guide how Cyber Command leaders develop and procure capabilities. The Air Force is managing JCC2 on behalf of Cyber Command and the joint cyber force.

Few details about the work of JCC2 program have surfaced in recent years. The Department of Defense requested $38.4 million for the initiative in the fiscal 2021 budget with efforts primarily dedicated toward developing new capabilities, expanding the program office, building up DevSecOps teams for pilot programs at combatant commands, creating a development environment and infrastructure and integrating situational awareness capabilities.

According to the Government Accountability Office and government officials, the JCC2 program seeks to integrate data from a variety of sources to help inform and support commanders’ decisions, measure readiness down to the individual level, visualize cyberspace and provide situational awareness of forces in operations at all echelons.

“[JCC2] allows us to plan, synchronize and assess. How do you stich together your joint campaign plans with your campaign orders and of course your tactical orders and your missions,” Col. Benjamin Ring, director of the Joint Cyber Warfighting Architecture Capability Management Office at Cyber Command, said during a March virtual event. “How do you stich together assessments and effects and successes from your tactical missions and then feed that back into your strategic planning so you can drive and become a learning organization.”

The GAO said in a November report that while the Air Force initiated the program in 2017, it had not yet formally entered the acquisition lifecycle.

JCC2 will rely heavily on information from Unified Platform, another key element of the Joint Cyber Warfighting Architecture.

The Strategic Capabilities spent two years with Two Six Labs building out Ike for Cyber Command, Jeff Karrels, vice president of Cyber and Electronic Systems at Two Six Labs, told C4ISRNET.

When Plan X was transitioned to the Strategic Capabilities Office, it was a specific tactical capability, Karrels said. The Strategic Capabilities Office sought to scale it to the highest strategic levels to drive the visualizations that come from tactical data.

JCC2′s current acquisitions strategy is designed to ingest and integrate prototype, existing and new capabilities, to include Project Ike, an Air Force spokesperson told C4ISRNET.

“JCC2 will leverage the Project Ike prototype as one of the baseline capabilities for battle management and continue to work toward an integrated joint cyber C2 solution.”

With Ike is serving as the baseline architecture for JCC2, Karrels said Two Six Labs envisions JCC2 as an app-based model orchestration platform in which a user can access all types of information and data feeds from a single dashboard to provide better situational awareness and decision aids for commanders. That same information would require multiple systems today.

In the future, he said, Two Six Labs plans to use machine learning to make recommendations for what courses of action a particular commander or cyber team should make. It also could recommend what a potential network could look like in several months from a bandwidth perspective or service interruptions. The system will also allow for a historical look at a network based upon how a previous team accessed and mapped it.

Moreover, from a strategic level, Ike allows commanders to see both offensive and defensive teams operating in cyberspace as well as friendly and adversary forces. This type of command and control in cyberspace is critical from a friendly perspective because multiple teams around the world need to be deconflicted.

Already, Ike is in use by operational forces, Karrels said. While he declined to offer specific numbers, he said it has seen thousands of users.

At the same time, Two Six Labs is continuing to upgrade the program’s software roughly every three weeks, Karrels said.

“We have what we call staging systems that are the next version of code,” he said. “We always have the next version of code running in a staging environment on the proper networks. There’s select members of the community that are interacting with the next version and on a daily basis providing value back of hey it would be nice if it did x, y and z .”