U.S. Cyber Command’s new training platform is slated to deliver the second iteration this fall providing additional capabilities and user capacity, program officials said.
The Persistent Cyber Training Environment (PCTE) is an online client that allows Cyber Command’s warriors to log on from anywhere in the world to conduct individual or collective cyber training as well as mission rehearsal. The program is being run by the Army on behalf of the joint cyber force and Cyber Command.
Officials delivered the first version of the program to Cyber Command in February and the environment was used for the first time in Cyber Command’s premier annual tier 1 exercise Cyber Flag in June. The second version is expected to include additional capabilities, including allowing more users to conduct team or individual training.
U.S. Cyber Command’s annual training exercise will rely entirely on a new platform this year, a move that will allow most participants to compete remotely.
“Things like to be able to schedule, have a calendar to be able to auto-schedule things, to be able to allocate resources because right now it’s you can get in and you can do it but how do you deconflict? If you’re running a team based event across x number of services how does somebody else come in and do an individual training,” Amit Kapadia, chief engineer for the program, told C4ISRNET in an interview. “Do you have the right infrastructure underneath?”
Kapadia added that during the COVID-19 pandemic, there was a surge in platform use due to the remote working, thus, by the end of this year, the program seeks to push additional compute and network capabilities.
Leaders are targeting final testing in September and then a roll out in late fall for version 2.0.
The program has also sought to deliver incremental capability along the way through what it calls cyber innovation challenges. These are competitions to awards and layer new technologies onto the platform.
There was a notice informing industry of the fourth such innovation challenge released recently. Officials told C4ISRNET they expect to release a formal solicitation around August, with plans to award contracts by the end of the year or early next year.
The officials noted that just like with the previous innovation challenges, there could be multiple vendors awarded and specifically non-traditional defense vendors. Moreover, they also anticipate to continue these challenges for the foreseeable future even when a vendor is selected to be the integrator for PCTE through what’s known as the Cyber Training, Readiness, Integration, Delivery and Enterprise Technology (TRIDENT), a contract vehicle to offer a more streamlined approach for procuring the military’s cyber training capabilities. The contract is valued at up to $957 million. This approach, officials said, prevents vendor lock and ensures the program is at the tip of the technological spear.
The fourth cyber innovation challenge seeks to ask industry for assistance in traffic generation – which means emulating fake internet traffic on the platform – and assessment, which was a key requirement directly from Cyber Command.
“I would say what we’ve been driven towards right now are high priorities coming down from [Cyber Command commander] Gen. [Paul] Nakasone and Cyber Command for things like CMF assessment,” Kapadia said. “They want to be able now … all these reps and sets that are happening within PCTE, how am I assessing the performance of the individuals in my teams.”
An integrated and agile approach
Since the platform was delivered to Cyber Command in February, command leaders have officially taken the burden of running training exercises from the program office, freeing it up to focus on pursuing new technologies and fixes as well as the overall acquisition.
At air bases across Europe, networks are under attack. But cyber operators from around the world are on the case.
In the past, the program office worked with specific units to conduct training events in order to stress the platform and gain valuable feedback. Now, Cyber Command has created what is called the Joint Cyber Training Enterprise, which is the non-material companion to the PCTE platform and seeks to operate and synchronize training hosted by PCTE for the joint force.
“The JCTE is a lot like the combat training center ops group where they are managing the platform, they are running the platform, they are running the training,” Lt. Col. Thomas Monaghan, product manager of cyber resiliency and training at Program Executive Office Simulation, Training and Instrumentation, told C4ISRNET. “So we delivered the platform to them and they’re using it I would probably say on a weekly basis. They’re doing cyber training events that we don’t manage that anymore. We don’t stand them up. The platform is being used, we’re able to concentrate on specific capability, platform enhancements.”
JCTE has formalized the cyber training and use of the environment while also coordinating which cyber mission force units need to conduct which types of training, something the program office wasn’t equipped to do.
Monaghan said his office is in almost hourly, or at least daily, contact with JCTE to better understand what users like, don’t like or needs to be fixed.
“We’ve got the program office, we’ve got the user community, we’ve got the operational arm of the user community, which is JCTE, we’ve got the Army capability manager codifying the requirements all working together. We literally talk to each other at least daily,” Monaghan said. “That direct feedback loop is one continuous circle of information. That’s the only way a program this robust can be successful.”
Program officials said they gained valuable insights from the recently concluded Cyber Flag, which created roughly six months worth of data.
They explained that while not every element worked exactly as planned, the nature of the program allows for incremental and ongoing adjustments to be made. By leveraging specific flexible acquisition tools, the program is not as rigid as other typical military platforms, such as tanks.
“It’s a perfect one for PCTE because it created that box basically saying in laymen’s terms we have no idea what this specifically looks like but we have some eye level things that it should do,” Liz Bledsoe, deputy product manager, told C4SIRNET, regarding the types of acquisition mechanisms PCTE is being run under.
Monaghan added: “That’s the way the platform and the program were structured when the requirements were written, some of them were listed as evolving or threat based or capability … They’re ever evolving, ever enhancing based off the needs of the cyber mission force.”