New contract will enable faster capability insertion for military cyber training
A recent contract award will make the Department of Defense’s premier cyber training range much more flexible and adaptive to technology inserts for cyberwarriors, which is critical for them to stay up to date on the latest threats and tactics in a dynamic world.
In late November, the Army awarded a contract to Cole Engineering for the much-anticipated Cyber Training, Readiness, Integration, Delivery and Enterprise Technology program, better known as Cyber TRIDENT, a nearly $1 billion effort offering a more streamlined approach for procuring the military’s cyber training capabilities.
The main effort under this contract is the Persistent Cyber Training Environment (PCTE), an online client that allows U.S. Cyber Command’s Cyber Mission Force to log on from anywhere in the world for individual or collective training as well as mission rehearsal. Prior to this range, cyberwarriors lacked a centralized place to hone their skills and train on par with the physical domains such as the National Training Center at Fort Irwin.
The TRIDENT contract is an enabler for the Army Program Executive Office Simulation, Training and Instrumentation, said Lt. Col. Daniel Rodriguez, product manager for cyber resiliency and training within the PEO, which has been running the program on behalf of U.S. Cyber Command and been the primary integrator to date.
Thus far, the program office has relied heavily on other transaction authority (OTA) contracts, but the TRIDENT contract is the longer-term effort that will work to manage the program along with other cyber training efforts across the DOD.
OTAs have been used for technology insertion, program officials said, and many DOD programs don’t always consider long-term technology insertion strategies. TRIDENT will act as that technology insertion activity and help accelerate the inclusion of new capabilities closer to the time of need of customers, officials said.
The program office delivered version 4.0 of the PCTE platform to the force this calendar year, which includes tools for easier use of the platform to create and meet objectives, refined management capability of the platform and training and tools to make it easier to build training.
Even since version 1, individual units have been able to build and design their own training events.
Upgrades in version 4 and beyond seek to decrease the time required to produce training scenarios to improve the quality of training, increase reuse of training scenarios and to emulate environments and increase training throughput, officials said.
A recent Government Accountability Office report noted PCTE can replicate real-world events, such as the SolarWinds incident.
Officials said the PCTE platform is capable of performing a one-for-one replica of a real network. The team has virtualized a lot of the capability, allowing it to bring in almost any type of machine to configure real-life networks quickly for high-fidelity training. This includes IP-based systems as well as operational technology and critical infrastructure.
PCTE can also plug into ranges outside of it, described as hardware in the loop, which requires some assistance from the program office, if needed. But as long as units are working within the platform itself, there is little interaction needed from the program team as the units have most of the tools needed to create and develop the training they need.
The program office has stressed the issue of reusability, allowing other units to easily piggyback on training scenarios, modules or networks that were built by others to reduce duplication.
The program office, since PCTE’s inception, has taken a DevSecOps approach, introducing incremental software capability to build the platform up little by little until it can scale. Officials plan to continue this approach with minor software deliveries in between major versions, similar to mobile phone operating systems.
The team said it is working on version 5.0, which should be approved by the summer. However, officials declined to offer specifics as to what exactly that will include.
They did note that they are looking at developing more robust traffic generation capabilities, to include more realistic network traffic beyond normal office life such as sending emails or moving files. They’d like to add more system administrator activity, remote connections and create a more robust pattern of life that is seen on larger networks.