Software Security Requirements for Military Computer Generated Forces System Architectures

Military computer generated forces (CGFs) continue to increase in fidelity and breadth of capability, which has resulted in increasing adoption of these systems in military simulation environments in order to increase exercise fidelity. The success and fidelity of CGF software and data are making them increasingly popular targets for software piracy, reverse engineering, and other forms of misuse. The increasing hazard to CGF software can only be expected to increase as the fidelity of the CGF systems and of their data correspondingly increases. Coupled with the ever more tempting target of CGF software and data is the coming increase in computing and networking capabilities that can provide attackers with the tools and computing power needed to mount ever more sophisticated and powerful attacks. Because of the coming cyber threat and the effectiveness with which it can be mounted, current software development practices and CGF architectures must be modified in anticipation of the threat so that CGF software and data are protected. The development and maintenance of CGF software and data must be undertaken with the understanding that the software and data will come under attack in unpredictable ways using unforeseen techniques over the course of their deployment and use. Therefore, the software architecture and its implementation must be written so that it is inherently secure and can exploit continued advances in software and network security technologies. Unfortunately, there are few broad-based technical efforts that are focused on addressing the CGF software and data security need at either the architecture or implementation level. In response to this need, we identified software architecture requirements for CGF software and data security. Until recently, the need for application software protection and security for its data has been addressed indirectly through efforts to provide security for the simulation environment at the network level. The intended targets of the attacks, the software and the data relied solely upon network-based defenses and the operating system for protection. It has become obvious that merely securing the traffic on the network and login access to computers, while necessary, is not sufficient to provide the necessary security for the software and data involved in distributed simulation environments. Indeed, it is apparent that simulation software and data must be protected using a variety of technologies that are embedded in the software and data. These technologies prevent piracy, theft, and reverse engineering of software and data. Additional techniques are algorithms for detection of attempted compromise of software or data, techniques to allow applications to autonomously detect attempts at tampering, and metrics to permit the objective measurement and comparison of software and data protection techniques. All of these CGF security issues come to a point and can be addressed to some degree in the CGF architecture and design. In this paper, we discuss the architectural issues that must be addressed for CGF software and data security. However, current technologies are not sufficient to address the need, so we also present suggestions for future work.