Ben Morton’s scientific contributions

What is this page?


This page lists works of an author who doesn't have a ResearchGate profile or hasn't added the works to their profile yet. It is automatically generated from public (personal) data to further our legitimate goal of comprehensive and accurate scientific recordkeeping. If you are this author and want this page removed, please let us know.

Publications (2)


Metrics Framework of Cyber Operations on Command and Control
  • Conference Paper

July 2012

·

192 Reads

·

10 Citations

Melanie Bernier

·

·

Ben Morton

The reliance of modern military forces on networks and information systems makes them susceptible to cyber attacks and highlights the importance of cyber operations. This increased awareness of cyber operations has led to a need for concept development and experimentation. Concept development and experimentation work must be assessed, which requires measurement and metrics. To date, little work has been done to measure the impact of cyber operations on military command and control. This paper will address this requirement by putting forward a framework for the measurement of the impact of cyber operations on the effectiveness of the command and control of military missions. There have been many research efforts to describe measurement in the following capabilities: Command, Control, Communications, Computers, Intelligence, Surveillance and Reconnaissance (C4ISR), Network Enabled Operations (Net Enabled Ops), and Command and Control (C2). While these related fields have strong links to cyber operations, none of the associated measurement efforts specifically address the particular measurement requirements of the cyber realm. We propose a metrics framework for cyber operations that is adapted from the measures development work of the US Department of Defence Director of Operational Test and Evaluation, which recommends conducting the assessment at the mission, task and system level. We pay particular attention to the mission and task levels, which describe what is being done, why it is being done, and how well it is being done. The framework elements are "Mission Objective", "Desired Effects", "Functions", "Attributes", and "Metrics". This paper will describe how the framework measures the cyber effects described in Simulation Approach for Military Cyber Operations (also submitted to this conference). The major contribution of the paper will be the application of the attributes and metrics discussed in the related capabilities of C4ISR, Net Enabled Ops, and C2 to the measurement of cyber effects.


Simulation approach for military cyber operations

July 2012

·

59 Reads

·

2 Citations

Cyber operations are expected to become more important, and thus military commanders and staff will need to be trained in these operations. The aim of this paper is to describe an approach for simulating the effects of cyber operations in constructive simulations used for training by modern military forces. The paper argues that it is not currently possible to realistically simulate military cyber operations in a cost-effective manner, due to of the lack of existing data on the subject and the fact that it is not possible to validate available data from the civilian realm against military cyber operations. However, we argue that to educate senior military leaders, it is more important to simulate the effects of cyber attacks than to simulate the actual attacks themselves with a high degree of fidelity. The paper will discuss a set of cyber effects, and introduce an attack taxonomy that focuses on these effects. This taxonomy will discuss the effects of various attack types, along with the level of access to the target computing resource that is required to prosecute the attack. The effects of attacks will be described in terms of their impact on the computing network, computers or other devices. From this, we will derive impacts on mission capabilities, and discuss how these could be implemented inside constructive simulations. For example, to demonstrate the effects of a denial-of-service (DoS) attack, it is not necessary to carry out the attack itself; it may be sufficient to disconnect the server that is the target of the DoS attack. When prosecuting an attack, adversaries must always contend with limited resources and time. In order to integrate cyber operations in constructive simulations with a measure of realism, the paper will discuss a mechanism to limit the cyber attacks available to an attacker in terms of available resources and time. The approach will also introduce the concept of stochastic attack success by assigning probabilities of attack success against known defences. Finally, the paper will discuss avenues of future and related work, including the relationship of this work with the Metrics Framework for Cyber Command and Control paper, (Bernier et al. 2012) also presented at this conference.

Citations (2)


... Command and control is defined as "The exercise of authority and direction by a commander over assigned, allocated and attached forces in the accomplishment of a mission" (Bernier et al. 2012). In a scoping review related to disaster exercise evaluations, Beerens and Tehler (2016) identified them as "lessons learned areare primarily derived from observations or collected after debriefings". ...

Reference:

Performance in Command and Control: Results From a Scoping Review
Metrics Framework of Cyber Operations on Command and Control
  • Citing Conference Paper
  • July 2012

... In their paper (Musman et al. 2010) propose a categorical description for cyber attack effects as shown in Table 1. In other related research by the authors, and also presented elsewhere at this conference (Morton et al. 2012), cyber attacks effects were related to a taxonomy of cyber attacks presented in (Chapman et al. 2011). By successfully applying the types of attacks from the taxonomy to these categories, the authors agree that the six proposed categories of effects are sufficient to gain an initial understanding of the effects of cyber operations on C2. ...

Simulation approach for military cyber operations
  • Citing Conference Paper
  • July 2012