Web-based 3D Visualization for Flight Mission Network Cybersecurity Analysis

The Cyber Analysis Visualization Environment (CAVE) software system is a collaboration between the Systems Engineering and Mission Systems and Operations Divisions at JPL. CAVE is an easy to use, model-based cyber threat visualization, analysis, and assessment platform designed to respond to the growing threat of cyber attacks targeting space missions. CAVE was originally designed and developed as a Python-based desktop application with integrated 3D visualization, user interface, and a cyber analysis engine, before a recent redesign to the current client/server web-based application architecture. This new client/server web application architecture allows for multi-platform usage of CAVE, requiring minimal or no software installation on local systems while still allowing for customizability at the user level. CAVE’s client/server architecture ensures that sensitive or proprietary data resides securely on the CAVE analysis server, avoiding the storage of sensitive data on the end user‘s local machine. At a high level, the CAVE web server exposes a REST API to allow the web GUI to communicate with the analysis engine. The web server has user authentication capabilities and restricts access to model data based on the assigned group of the authenticated user. The server is architected with a plugin structure in mind for analyses, so users opting to deploy the CAVE server can easily write and deploy additional model analyses. The client handles all interactions with the web server and provides feedback to users on the status of server requests. CAVE’s web-browser user interface provides an intuitive, 3D presentation of complex network models, containing both physical and virtual network assets, which allows mission cybersecurity engineers to easily swap between a selection of visual layouts and execute a variety of cybersecurity analysis algorithms designed to help users better understand possible network vulnerabilities and defenses. This web-based user interface model allows for ease of expansion and potential future additions to the user experience, including real-time collaboration and sharing capabilities, and the interactive exploration of large cybersecurity datasets. In this paper we present CAVE's software architecture and use cases, and discuss CAVE's value as an intuitive tool for cyber threat identification and assessment.