Evaluating Technology, Tactics, Techniques, and Procedures

A complex set of alternatives exists in the processes of understanding, engineering, implementing, and optimizing security systems that include choices about technology as well as Tactics, Techniques, and Procedures (TTPs). This type of serious gaming is further complicated by context that is dynamic and involves physical environment, information systems, and human behavior. It is precisely this complex environment that drove development of the Umbra Simulation Framework and applications like Dante and OpShed. A few example problems are:

Image of townoperations
Dante allows exploration and statistical evaluation of Technology and TTPs
  • Where would an adversary move and how would they behave?
  • Where is the best location for a new sensor or weapon and how well would it work?
  • How does information availability affect team or system behavior?
  • Are there outliers on red-blue force interaction?
  • What happens to security if the physical location is modified?
  • How does cyber affect physical security and physical affect cyber assets?
  • What happens to an existing system with a newly discovered threat or surprise?
  • What condition will most likely cause a turn of events?

While real-world live evaluation of performance is necessary, modeling and simulation provides options to explore locations and interactions that do not yet exist, are too expensive, risky, uncertain, or would take too long to create in the real world. This approach provides the opportunity to explore “what-if” situations, experiment thousands of times at low cost to explore sensitivity analysis, reproduce conditions or “un-do” events that are irreversible in the real world, and provide a tangible benchmark representation of ideas or a situation upon which improvements can be made. Linking simulation to the live world through LVC concepts, one can choose the best mix of simultaneous live and simulated activity Many of the example applications on this page embody these types of problems.

To be effective in this environment, Umbra has developed the following qualities:

  • Quickly developed depending on complexity (days-weeks-months)
  • Even more quickly modified (minutes-hours-days)
  • Introspective – probe and change simulation on the fly
  • Flexible – representing physical, cyber, and behaviors
  • LVC capability to join simulation with real world activity
  • Tactical availability (laptop, desktop, cluster)
  • Library of existing and reusable models
  • Scalable – some ability to scale to larger or complex systems