|Advanced Visualization & User Interfaces for Cyber Situational Awareness (ADVICE)|
The ADVICE initiative is designing and assembling an innovative experimental framework for developing cyber security controls, providing cyber situational awareness and analysis of cyber security control architectures. The ADVICE framework supports state-of-the-art computer-human interaction technologies and newer visualization paradigms to maximize the situational awareness (SA) of cyber systems.
Cyber attacks have increased in number and severity over the past several years, making the addition of systems providing detection, avoidance, and recovery against attacks, intrusions, and malicious behavior a must for the security infrastructures of most organizations. Central to this security upgrade is improving Situation Awareness (SA) for cyber defense actors and decision makers, allowing them to adjudge attack postures and defense vulnerabilities in a highly dynamic environment.
Fundamental to achieving this kind of comprehensive SA is effectively processing the tremendous amounts of information--each with varying degrees of trustworthiness and certainly--that decision makers must consider. During high rate dynamic events like cyber attacks or the coordination of multiple operations, trustworthiness metrics can also be dynamic. This means that cyberspace operations much work within a real-time, high abstraction interface that enables them to perform on-the-fly changes and updates to autonomic systems.
KBSI and SA Technologies, Inc. are designing and assembling an innovative experimental framework that will provide the capabilities for Advanced Visualization and User Interface for Cyber Situational Awareness (ADVICE). The ADVICE framework will be a suite of tools an extensible framework that supports the use of state-of-the-art computer-human interaction technologies and newer visualizationparadigms to maximize the SA of cyber systems. ADVICE will include interface abstractions that allow the framework to accommodate new input paradigms [e.g., Tangible User Interfaces (TUIs) and Tactile Output Interfaces (TOIs)]. These abstractions are driven by SA-oriented design (SAOD) principles including SA requirements analyses like Goal-Directed Task Analysis (GDTA). Additionally, ADVICE will let cyber SA designers derive measurements and develop metrics regarding the computer-human experience, allowing SA designers to determine which user interfaces are most effective under which situations.
There are a number of technological gaps in human computer interaction technologies specifically aimed at the application of cyber SA. The initial phase of this effort will result in an experimental framework that will help in developing, testing and deploying innovative human computer interaction and visulatization technology for centralized and distributed cyber situational awareness on a wide range of information and sensor networks. The ADVICE technologies will provide a robust experiementation framework for developing cyber security controls, providing cyber situational awareness and evaluating cyber security control architectures.