Resilient DDDAS as a Service (rDaaS)
PI: Salim Hariri, Co-PI: Cihan Tunc
With the proliferation of cyber information services integrated in all aspects of our life, economy, defense, and safety; it is a challenging research task to secure and protect the cyber services against any type of attacks, malicious events, faults or accidents triggered by natural or intentional causes. To overcome this challenge, we need a 24/7 full visibility and awareness of cyber situations on the network, data transfer, and cyberspace applications, especially in crisis and battle management systems. Furthermore, applying analysis, synthesis, and predictive modeling techniques to all cyber operations with human interaction would be impractical. Designing cyber systems for human monitoring requires novel methods to assess real-time data and information for rapidly changing situations.
To overcome the cyberspace management challenges, we propose to investigate and develop a cloud service that we refer to as resilient DDDAS as a Service (rDaaS) that integrates the Service Oriented Architecture (SOA) and Dynamic Data Driven Application Systems (DDDAS) paradigms to offer the next generation of resilient and agile DDDAS-based cyber applications for critical applications such as Battle and Crisis Management applications. The rDaaS will provide transformative capabilities to achieve superior situation awareness (assessment, visualization, and understanding), mission planning and execution, and resilient operations.
In this project, we will design an approach that will assist commanders and DDDAS developers to access rDaaS from anywhere and using any device (mobile or stationary) with Internet connectivity to quickly develop resilient and trustworthy DDDAS-based battle management applications. The rDaaS ensures resilient services by obfuscating their cloud execution environments using Software Behavior Encryption (SBE) and Moving Target Defense (MTD) techniques. The rDaaS infrastructure supports the two critical capabilities (Agility and Resiliency) that were identified as the main challenges facing the Air Force in the next 30 years.
The DDDAS paradigm is a transformative framework for integrating theoretical models, experimental and computational techniques to better understand complex dynamic and distributed systems, and has been successfully applied to a wide range of large scale applications such as smart materials, grids, atmospheric modeling, unmanned aerial systems, volcanic ash tracking, manufacturing and resilient grids and applications (www.1dddas.org). The novel feature of the DDDAS programming and runtime management paradigm is the continuous bi-directional interactions between measurement data, sensors and instruments, and computational models to improve performance, accuracy and scalability, and the ability of the computations to guide the measurement, and instrumentation tools used in the application systems.
The rDaaS infrastructure to be developed in this project will provide unprecedented cyber resilient and agile capabilities that will provide military with a tremendous asymmetric advantage. According to CJCS Gen Martin Dempsey, the “military that maintains the most agile and resilient networks will be the most effective in war.” . Specifically, the project objectives can be highlighted as follows:
• A cloud service infrastructure (rDaaS) that integrates SOA and DDDAS paradigms for the synthesis, enactment, and runtime management of dynamic and data driven workflows for Battle Management (BM) and crisis management applications.
• A general methodology to develop resilient computations and communications services to enable critical applications such as cyber battle management systems to tolerate any type of attacks, malicious events/faults or accidentals.
• Analytical models to analyze and quantify resilient and trust in large scale DDDAS services that are geographically dispersed and use a wide range of actors, entities and assets with varying security and trust levels.
• A framework to dynamically integrate design stage with runtime stage in a transparent manner such that we can easily compose several competing cyber battle management scenarios and assess their resilience and uncertainty in data-model fusion.
Figure 1 shows the main modules that are required to develop the proposed rDaaS infrastructure that can be accessed from anywhere to develop resilient and trustworthy cloud-based event-driven DDDAS-based services. In this implementation, we leverage the DDDAS paradigm to combine the design stage with the runtime stage. The inseparability between design time and runtime makes it possible to deal with unpredictable event and enable prompt responses to confine and manage them. At the design stage, the resilient SOA Editor (RSE) helps application developers express their response plans in an abstract manner and to develop effective and trustworthy resilient responses even when they are experiencing cyber-attacks. At the runtime stage, the Cloud Runtime Manager (CRM) transforms executable response services into equivalent resilient and trustworthy services using the Resilient Cloud Middleware (RCM).
