Publications

Proceedings - IEEE Military Communications Conference MILCOM

Van Leeuwen, Brian P.; Burton, David; Onunkwo, Uzoma O.; McDonald, Michael J.

Tools are necessary for the DoD to analyze their information system's security, reliability, and resilience against cyber attack. Today's security analysis utilize real systems such as computers, network routers and other network equipment, computer emulations (e.g., virtual machines) and simulation models separately to analyze interplay between threats and safeguards. In contrast, we are developing new methods to combine these three approaches to provide hybrid Simulated, Emulated, and Physical Investigative Analysis (SEPIA) environments. Sandia Labs' current SEPIA environment enables simulated networks to pass network traffic and perform, from the outside, like real networks. We connect both emulated and physical routers and computers to the simulated networks. This provides higher fidelity representations of key network nodes while still leveraging the scalability and cost advantages of simulation tools. SEPIA includes tools that facilitate rapid configuration and deployment of experiments. The result is to rapidly produce large yet relatively low-cost multi-fidelity SEPIA networks of computers and routers that let analysts quickly investigate threats and test protection approaches. © 2009 IEEE.

Tarman, Thomas D.; McDonald, Michael J.; Burton, David; Onunkwo, Uzoma O.; Urias, Vincent U.

Abstract not provided.

Burton, David; Tarman, Thomas D.; Van Leeuwen, Brian P.; Onunkwo, Uzoma O.; Urias, Vincent U.; McDonald, Michael J.

This report describes recent progress made in developing and utilizing hybrid Simulated, Emulated, and Physical Investigative Analysis (SEPIA) environments. Many organizations require advanced tools to analyze their information system's security, reliability, and resilience against cyber attack. Today's security analysis utilize real systems such as computers, network routers and other network equipment, computer emulations (e.g., virtual machines) and simulation models separately to analyze interplay between threats and safeguards. In contrast, this work developed new methods to combine these three approaches to provide integrated hybrid SEPIA environments. Our SEPIA environments enable an analyst to rapidly configure hybrid environments to pass network traffic and perform, from the outside, like real networks. This provides higher fidelity representations of key network nodes while still leveraging the scalability and cost advantages of simulation tools. The result is to rapidly produce large yet relatively low-cost multi-fidelity SEPIA networks of computers and routers that let analysts quickly investigate threats and test protection approaches.