Agile Methods For Improved Cyber Operations Planning




Cyber Range, Cyber Security, War Game, Agile Methods, Scrum


Cyber Ranges provide an interactive simulated environment of hardware and software for simulation. This closed environment provides a safe and legal environment where cyber warfighters can refine their skills. They enable mock cyber mission rehearsal of operation playbooks. Simulated cyber capabilities in the cyber range parallel the intelligence, surveillance, and reconnaissance (ISR), Order of Battle (OOB), and battle damage assessment (BDA) in a closed, safe environment for experimentation. Scrum has been used in collegial cyber competitions with success because it has allowed Capture-the-Flag cyber games to create quicker simulations. Defense Innovation Units (DIUs) are using agile Scrum processes to numerous warfighting areas in order to make them more agile. This research argues that the agile software development processes could be used to optimize the planning and execution of offensive, defensive, and operation and maintenance (O&M) of cyber warfare simulations within cyber ranges. O&M can be done quicker, new exploitable modules can be includer more rapidly, and the capability can be reconstituted to the appropriate skill level for the next set of trainees quicker. The White team as maintainers of the networks, systems, applications and cyber tools select the CVE exploits and spend an enormous amount of time installing and configuring these capabilities for the next set of trainees. Quite often, there are different skill levels which require multiple builds and the ability to refresh the cyber range with varying levels of cyber trainee complexity. This requirement to restore the cyber range quickly with a variety of builds, varying levels of difficulty, and ensure the experiential learning is maximized with the best availability lends to agile methods such as Scrum could lend to improvements with cyber operations. This research will illustrate how a cyber range could leverage agile Scrum processes to provide an improved cyber range environment quicker and with more capabilities.