The research programmes 3a and 3b – Cyberspace and Data Science – mark the conclusion to this year’s annual reporting
The last two annual reports from armasuisse Science and Technology (S+T) for 2024 took place on Wednesday, 26 June 2024. The two research programmes Cyberspace, headed by Dr. Bernhard Tellenbach, and Data Science, with Research Programme Director Dr. Gérôme Bovet, concluded the reports.
Sarah Trösch, Staff, competence sector Science and Technology
An evaluation from 2023 revealed the following: Over the past year, a record number of reports were noted by the National Cyber Security Centre (NCSC). Altogether, more than 30,000 incidents were reported. This corresponds to double the figures from 2022 to 2023. New technologies are thus constantly needed for security in cyberspace.
Cyberspace – a research programme to strengthen cyber defence
Together with its research partners, the research programme Cyberspace is supplying knowledge about cyber defence and thus empowering the DDPS, the Confederation and the whole of Switzerland in internationally competitive cyber defence. Research is also enabling the maintenance and strengthening of operational skills, early access to new technologies and methods as well as cooperation with trustworthy national and international partners from academia and industry.
Cyberspace encompasses wide-ranging fields of competence. On the one hand, the focus is on cyber protection. This means that technologies are examined for vulnerabilities, investment is made in Blue Team technologies and early detection as well as assessment of cyber risks is pursued. This is linked with the evolution of new security technologies, in other words, the preparation of robust and highly secure cyber infrastructure. Researchers need to be able to detect and assess cyber risks early on for this purpose. Two other focal points are cyber operational capability and cyber operational pictures. With cyber operational capability, the focus is on the evolution of offensive countermeasures, in particular the automation of Red Team activities. Deception capabilities in cyberspace are also being examined. The focal point cyber operational pictures deals with research on the secure distribution of cyber information, compliant with data protection requirements.
Generally, it can be said that research in the field of cyberspace means verifying concepts and validating new technologies. The outputs here are that research can result in procurement or in adjustments and the introduction of new methods. The research also helps to provide information on the technological change and thus to support decision-making processes.
Infobox on Blue and Red Team activities
A Blue Team attempts to repel a hacker attack and by contrast, a Red Team attempts to hack into a network. Red Teams are deployed to train Blue Teams by simulating attacks and to disclose deficits in defence deployment. One of the largest Red Team versus Blue Team exercises is the annual Locked Shields exercise organised by the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), in which Switzerland also takes part.
Data Science is dealing with cyber security in Switzerland
The research programme Data Science is comprised of the three components IT, business knowledge as well as mathematics and statistics. Together with its national and international partners from academia, industry and defence, it deals, for example, with machine learning. The Data Science community brings together stakeholders with overarching research projects, hackathons and start-up challenges at one table. The entire DDPS thus benefits from the research focus in the area of Data Science. For example, in the area of cyber defence, the group Defence benefits, in particular the Armed Forces Cyber Command, which represents protection in cyberspace. Or in the area of cyber security, in which the National Cyber Security Centre (NCSC) in particular is active and is, among other things, responsible for combating cyber crime in the Federation. The third focus is on cyber prosecution, which is carried out by FEDPOL.
The current focal points of Data Science research
Evaluation support for intelligence activities forms part of the focus. As a very large amount of intelligence needs to be generated for intelligence exercises in the Armed Forces, a solution is required which can be used to create these automatically and with little effort. Trials are thus being carried out with Large Language Models (LLMs) as not all languages are supported satisfactorily.
A further research focus is in the area of AI support for automating leadership processes. Here too, LLMs play a major role – how can non-commissioned officers, for example, use ChatGTP to create and issue orders? However, care must be taken here to ensure that no confidential information is fed into the system.
The research programme Data Science is also working on a solution in the area of hazards emanating from generative AI – hackers can generate malicious ransomware very quickly today. The researchers are now working on a programme which aims to rapidly detect such software.
In the OODA loop – Observe, Orient, Decide and Act – it is also planned to increase connection between AI and Defence in the future. This will mean that artificial intelligence will create operational pictures and issue specific commands to machines.
Until next year…
On the last day of this year’s annual reporting, armasuisse S+T can look back on a fascinating and informative presentation of the research programmes and is already looking forward with interest to the future.
