Defensive CYBER Tool Development

Abstract

Defensive Cyber Operations (DCO) and Cyber Situational Understanding (SU) supports the Army Network Modernization Strategy Line of Effort (LOE) Key Enabler for Unified Network. Efforts are aligned to support the Network-Cross Functional Team capability set approach to achieve the network modernization strategy. The DCO budget line includes funding for Program Executive Office Command Control and Communications - Tactical (PEO C3T) Cyber SU and Tactical DCO Infrastructure (TDI); Program Executive Office Enterprise Information Systems (PEO EIS) Defensive Cyber Operations; and Army Cyber Command (ARCYBER) Rapid Cyber Prototyping. Platforms/Levels: * DCO - Tactical DCO Infrastructure (TDI) // (FY21 funds transferred to the Pilot program) // (PEO C3T) * DCO - Cyberspace Analytics // (FY21 funds transferred to the Pilot program) // (PEO EIS) Defensive Cyber Tools and Analytics: * DCO - Mission Planning // (FY21 funds transferred to the Pilot program) // (PEO EIS) * DCO - User Activity Monitoring // (FY21 funds transferred to the Pilot program) // (PEO EIS) * DCO - DCO Development Environment (formerly Forge) (PEO EIS) * DCO - Rapid Cyber Prototyping (ARCYBER) 655041CY5: - Cyber SU provides tactical commanders at Brigade to Army Service Component Command (ASCC) with a broad understanding of Cyber Electromagnetic Activity (CEMA) threats by informing the commander of any cyber related impacts to physical domains, unified land operations, and the overall mission. Cyber SU allows for the visualization and understanding of physical (geographical), logical (at a specific network internet protocol), and cyber persona layers (bad actors, from individuals to nation states) of cyberspace. This is based on data/information from multiple sources and sensors that produce a CEMA overlay on the commander's Common Operational Picture (COP) within the Command Post Computing Environment (CPCE). Supporting CEMA, Cyber SU synchronizes and integrates blue (friendly) cyberspace data, red (enemy), and grey (commercial/private sector), and enables collaboration at the tactical echelon. (PEO C3T) 655041EV5: - Tactical DCO Infrastructure (TDI) is a software-only program, which consists of pre-configured DCO tools residing on the Tactical Server Infrastructure (TSI). The TDI capability will reside within the Command Post at echelon Corps through Brigade for both organic Cyber Network Defenders as well as remote access by Cyber Protection teams (CPT) to support defense of the Tactical Network. (PEO C3T) - Defensive Cyber Operations (DCO) consists of platform and software programs which are key elements of the DCO Maneuver Baseline infrastructure, platform, and tools. The employment of defensive capabilities creates specific effects in cyberspace through actions that allow commanders to achieve the following objectives: deter, destroy, and defeat enemy offensive cyberspace operations; gain time; economy of force; control key terrain; protect tasked critical assets and infrastructure; and develop intelligence. DCO supports the Army Cyber Command (ARCYBER), Army Cyberspace Operations and Integration Center (ACOIC), (5) Regional Cyber Centers (RCCs), Cyber Warfare Battalion (CWB), Multi-Domain Task Force (MDTF), Cyber Protection Brigade (CPB), and (41) Cyber Protection Teams (CPTs) in COMPO 1/2/3. (PEO EIS) - ARCYBER Rapid Cyber Prototyping provides capabilities that can quickly respond to emerging cyber threats and keep up with threat technology. ARCYBER identifies potential development and prototyping efforts via Cyber Needs Forms (CNFs) based on operational feedback, changes in tactics techniques and procedures (TTPs), and trends of adversarial activity. These are separate and distinct from DCO programs identified and are used to rapidly address a network threat/vulnerability. (ARCYBER)

Open PDF

Document Details

Document Type
R2 Budgetary Justification
Publication Date
Oct 01, 2021
Source ID
0605041A_5_2040_PB_2021
Change Summary Explanation
EV5 FY20 Base funding in the amount of $11.600 million was Congressional marks for Restoring Acquisition Accountability (Contract Delays) and Improving Funds Management: Excess Growth CY5 FY21 Base funding in the amount of $23.892 million was aligned for Cyber SU. EV5 FY21 Base funding in the amount of $1.194 million was reduced due to Army priorities.
Service Agency Name
Army

Entities

Organizations

  • United States Army

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Acquisition
  • Application Software
  • Contracts
  • Cost Analysis
  • Cyber Protection
  • Cyber Threats
  • Cyber Warfare
  • Cyberspace
  • Cyberspace Operations
  • Engineering
  • Information Systems
  • Insider Threats
  • Network Protocols
  • Program Management
  • Software Development
  • Systems Engineering
  • Test And Evaluation

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Enterprise Information Systems Architecture and Joint Command Capability Interoperability Support.

Technology Areas

  • Cyber

Related Documents