This chapter describes work on modelling situational awareness information and system requirements for the mission. Developing this model based on Goal-Oriented Task Analysis representation of the mission using an Agent Oriented Software Engineering methodology advances current information requirement models because it provides valuable insight on how to effectively achieve the mission’s requirements (information, systems, networks, and IT infrastructure), and offers enhanced situational awareness within the Computer Network Defence environment. Further, the modelling approach using Secure Tropos is described, and model validation using a security test scenario is discussed.
TopIntroduction
This chapter describes an approach to modelling, which is used to model mission information technology (IT) services requirements, and network services required by the mission to support network-centric operations (NCO) and enhance situational awareness (SA) for computer network defence (CND). In this chapter, a Mission is a military organisation or an agency. A Force Command is military or agency personnel responsible for the mission’s computer network defence comprising network-centric operations, network services and IT support. Network-centric operations are concerned with exploiting information to maximise combat power, and the ability to protect the mission’s information systems and to respond to enemy attacks swiftly. According to Endsley M. R. (Endsley 2000), situation awareness is the process of perceiving the elements in the environment, understanding the elements in the environment, and the projection of their status into the near future.
To maximise the exploitation of network-centric operations for computer network defence, enhanced situational awareness is required of the mission’s computer networks and IT services. IT infrastructure, systems and networks have to develop to collect data and information from disparate sources, process the data into logical outputs, and push it to the Force Command to make better and informed decisions, make calculated judgements on perceived incidents, determine and authorise appropriate cause of actions (CoA).
Situation awareness over the mission’s computer networks and IT services requires understanding of the mission’s operational capability requirements. Given these requirements, IT services requirements of the mission can be modelled, and IT services required by the Force Command can be modelled and validated. The premise is that operational capability requirements of the mission must be decided and outlined. And until these are known, it is impossible to model accurately the services requirements of the mission.
There are a good number of significant research contributions in situational awareness for CND and network security as demonstrated by the following: Tadda G. P. and Salerno J. S., 2009, Grégoire, M. and Beaudoin, L., 2005, Bass T., 2000, Juarez-Espinosa O. and Gonzalez C. 2004, Blais C. L. 2005, Jones R.E.T. et al., 2010, Bell, M. I., and Bates, E. A., 2005, Onwubiko C., 2009, Lefebvre J. H. et al 2005, Jajodia S. et al. 2009 and Onwubiko, C., 2011b.
Majority of the CND SA contributions focus on addressing low-level network events, D’Amico and Whitley, 2008, Wang L., et al 2007; while these contributions on their own help to shape the situation awareness in CND discipline; unfortunately, it is still ever so challenging to achieve a mission’s objectives without a clear description of a mission’s information and system operational capability requirements. According to Lefebvre J. H. et al 2005, “research into CND situation awareness (SA) lacks a clear semantics for describing network missions, and an effective tool for modelling IT Services and network resources. Once these missing pieces are defined, and then the existing CND SA research on managing low-level network events becomes meaningful.”
We identified whilst going through these contributions (Grégoire, M. and Beaudoin, L., 2005, ESRI, 2008, Lefebvre J. H. et al 2005) that:
- 1.
Information Technology (IT) Services required by the mission to support operations need to be investigated (Juarez-Espinosa O. and Gonzalez C., 2004, Lefebvre J. H. et al 2005, Bell M. I., and Bates E. A., 2005).
- 2.
A comprehensive system modelling tool is needed which can model mission requirement IT services definitions (Lefebvre J. H. et al 2005, Endsley M. R. 20001, and Jajodia S. et al. 2009, Bares D., 2010).