The Cyber Defense Lab (CDL) is a facility that enables JPL to assess mission vulnerabilities to evolving cyber threats utilizing a controlled and protected environment. It contains test environments consisting of computer systems representative of those used at JPL for flight missions and other projects (e.g., non-NASA projects). The actual mission software can be deployed onto these systems, enabling them to look and act just like the systems they are intended to replicate. In this controlled environment, the mission systems and software can then be subjected to a flurry of carefully chosen attacks. This allows Cyber Defense Engineering and Research (CDER) personnel to study the effects of different attacks, how to recognize them, and how to mitigate them.
- Reference mission configurations can be deployed and subjected to aggressive assessment testing.
- JPL services can be replicated and/or simulated to provide mission system clones of the services they need while keeping the original clones unmodified.
Institutional Use and Value:
- Supports the verification and validation of detection and diagnosis products and techniques, ensuring that they function effectively.
- Provides the opportunity to test out various mitigation strategies and mechanisms for cyber attacks in the mission environment.
- Provides a venue for Cyber Operational Readiness Testing for missions, where cyber contingency response plans can be exercised and validated.
- Provides a venue for training cyber-savvy mission engineers, increasing JPL expertise in this emerging and highly dynamic field.
- Enables proactive assessment of technologies for next generation JPL systems in an intentionally hostile environment.
- Provides means of expanding reimbursable work opportunities in the Cyber Defense field.
- Affords the opportunity to maintain pace with adversaries.
The CDER Group is working to ensure that JPL’s critical flight systems, including both mission-specific and multi-mission assets (including MGSS and the DSN) are protected from cyber attacks. The CDL will allow for those responsible for creating information assurance plans for these systems to verify their success via realistic test bed exercises.
Additionally, the JPL CDER Group has conducted external cyber security work in the form of a Smart Grid demonstration project for the Los Angeles Department of Power and Water (LADWP). Smart Grid security is a complex problem involving diverse components, many of which have not historically been evaluated from a security standpoint. The CDL allows JPL cyber security engineers to build representative test beds to simulate attacks against such complex systems.
Finally, an overarching goal of the CDL is to facilitate interactive education for those involved in cyber security work at JPL. Interactively launching attacks, understanding where and how to look for them, and seeing cyber-defense strategies succeed or fail on real computer and software systems is an invaluable experience. A strong mission cyber security capability helps to ensure the resilience of internal systems as well as open more doors to future opportunities for external work in this rapidly growing field.