dark portal MMOWGLI is now complete!
Thank you National Defense University (NDU) students, staff and faculty!
The darkportal game ran 30 September-26 November 2013. Players participated by using
Dark Portal is a cyber-war-game produced by NDU's Center for Applied Strategic Learning. The Dark Portal exercise provides a forum for information exchange and consensus decision-making in the context of a major national security event. Participants will examine the gravity, complexity, and difficulty inherent in responding to a series of physical and cyber incidents affecting critical infrastructures and key assets in the United States and will explore potential responses to those incidents. Special emphasis is placed on critical infrastructure interdependencies and challenges to the nation's defense and economy.
Dark Portal MMOWGLI is supported by the NDU 6003 elective Wicked Problems in Complex, Chaotic National Security Problems, Center for Applied and Strategic Learning, iCollege, NDU Library and the Naval Postgraduate School (NPS). We will be using MMOWGLI (Massive Multiplayer Online War Game Leveraging the Internet) an NPS game platform designed to find and collectively grow breakthrough ideas to address urgent problems. You do not have to be experts in cybersecurity or wicked problems to play and participation is voluntary.
Why We Are Playing the Game
The goal of Dark Portal MMOWGLI is to introduce the NDU Community to the challenges of effective decision-making in a complex, surprise-filled world that is increasingly influenced by cyber power.
- Get an overview of Cybersecurity issues and work together to offer innovative strategies in Action Plans.
- Acquire a basic framework for approaching wicked problems.
- Experience how this type of gaming platform can be used for education, brainstorming, and addressing complex problems. Crowd sourcing has proven to be a very effective way to find creative approaches to tough issues and participating in this MMOWGLI will give you a hands-on understanding of how this is accomplished.
This is the first NDU-wide project that's ever been undertaken to harness the minds of the faculty and students to generate innovative approaches to a significant National Security problem. You can win NDU awards for your game play for yourself as an individual and for your component. Awards will be presented at an NDU townhall.
- If your component is interested in playing as a team: There will be a drop-down field in your Player Profile with a list of NDU components for you to choose from. After you have registered and are in the game, make sure you have your component listed in your Player Profile, in the box labeled "location." To get to your Player Profile, click on your avatar/screen name on the upper left corner of your screen.
Access and Game Dates
Dark Portal MMOWGLI is intended for NDU community members and will run over the course of 3 Rounds:
- Round 1: 30 September - 14 October, Define the Environment
- Round 2: 15 October - 4 November, Define the Problems
- Round 3: 5 November - 26 November, Alternative Formulations
Each phase of the game will start by the partners posting ‘root' cards which pose questions on the topic for that phase. Players then post ‘Idea Cards' that other players can respond to by either building on, countering, redirecting, or calling for further expertise. Points are earned based on each idea card's influence and perceived value. Individuals contributing to particularly intriguing concepts are invited to collaborate on an "Action Plan" to move that idea forward. Published action plans are awarded further points by all players providing ratings and additional comments. Significant achievements will be recognized.
Dark Portal MMOWGLI Resources
- Dark Portal Flyer (jpeg)
- Dark Portal blog
- Dark Portal game
- Dark Portal videos
- Round One Idea Cards Summary
Cyber Security Resources
- Tehan, Rita. Cybersecurity: Authoritative Reports and Resources. Congressional Research Service. 2013. This report provides links to selective authortative resources related to cyber security issues.
- United States Government Accountability Office (GAO). GAO Cybersecurity Report: National Strategy, Roles, and Responsibilities Need to Be Better Defined and More Effectively Implemented. 2013.
- The Economist Explains: How Does a Denial of Service Attack Work? 27 August 2013.
- Paradigm Change: Cybersecurity of Critical Infrastructure. 2013. This paper analyzes two decades of cybsecurity policy through the lens of Thomas Kuhn's change theory and makes the case for a fundamentally different paradigm for the cybersecurity of critical infrastructure.
- United States Government Accountability Office (GAO). GAO Report: Critical Infrastructure Protection. Report to the Chairman Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies, House of Representatives Committee on Homeland Security.
- Moteff, John. Critical Infrastructures: Background, Policy, and Implementation. Congressional Research Service. 2011. This report discusses in more detail the evolution of a national critical infrastructure policy and the institutional structures established to implement it.
- Securing Critical Information Infrastructure: Trusted Computing Base. SecureList. 2012.
- Wilshuesen, Gregory. Challenges in Securing the Electricity Grid. GAO. 2012. Statement delivered to the Senate Committee on Energy and Natural Resources.
- Electrical Grid Vulnerability: Industry Reponses Reveal Security Gaps. 2013. Written by the staff of Congressman Edward J. Markey (D-MA) and Henry A. Waxman (D-CA).
- Lexington Institute. Ensuring the Resilience of the US Electrical Grid. 2013.
- Terrorism and the Electric Power Delivery System. 2012. Report by the National Academy of Sciences. New York Times summary here.
- The Electric Grid as a Target for Cyber Attack. James Lewis. 2010. Center for Strategic and International Studies.
- Willingham, William F. Bonneville Dam's Contribution to the War Effort. This short article provides an historical perspective on the critical role BPA played in WWII and its links in particular to the shipyards, aircraft production, and the Hanford plutonium efforts.
- BPA Statutes. This lengthy document has deep legislative information that bears on the operation of BPA. Note in particular the Bonneville Project Act, the DOE Energy Organization Act, the Government Corporation Control Act, the Energy Policy Act of 2005, and the Pacific Northwest Electric Power Planning and Conservation Act.
Statement of Acting Deputy Under Secretary Greg Schaffer, National Protection and Programs Directorate, before the House Committee on Financial Services, Subcommittee on Financial Institutions and Consumer Credit, "Cybersecurity: Threats to the Financial Sector." 2011.
Financial Services Sector Coordinating Council for Critical Information Protection and Homeland Security.
The CIP Report, October 2013. The Center for Infrastructure Protection and Homeland Security (CIP/HS) at the George Mason University School of Law. This edition is on the Financial Services Sector.
- Kramek, Joseph. The Critical Infrastructure Gap: US Port Facilities and Cyber Vulnerabilities. Brookings. 2013.
- Parfomak, Paul. Pipeline Cybersecurity: Federal Policy. CRS. 2012.
The White House
- Executive Order 13636 Improving Critical Infrastructure Cybersecurity
- 2009 National Infrastructure Protection Plan (NIPP)
- Presidential Policy Directive 21. Critical Infrastructure Security and Resiliency.
Department of Homeland Security
- 2013 National Response Framework
- National Response Plan (NRP): Cyber Incident Annex. December 2004.
- Preliminary Framework to Reduce Cyber Risks to Critical Infrastructure (Draft). 2013.
- National Preparedness Report. March 2013.
Department of Defense
- Cyber Infrastructure Protection, Volume II. Strategic Studies Institute, US Army War College. 2013.
- Memorandum of Agreeement Between DHS and DOD Regarding Cybersecurity. 2010.
- Defense Science Board Task Force Report. Resilient Military Systems and the Advanced Cyber Threat. 2013.
Department of State
- Council of Europe - Convention on Cybercrime. 2001. The United States is a signatory.
- Smart Grids in a North American Context: A US-Canada Clean Energy Dialogue Event. 2011.
- Emabssy of the United States, Ottawa, Canada. US-Canada Energy Relations.
- Parfomak, Paul. The U.S. - Canada Energy Relationship: Joined at the Well. CRS. 2011.
Department of Justice
- The FBI's Ability to Address the National Security Cyber Intrusion Threat. DOJ Office of the Inspector General. 2011.
Gordon M. Snow, Assistant Director, Cyber Division, Federal Bureau of Investigation. Statement before the House Financial Services Committee, Subcommittee on Financial Institutions and Consumer Credit, "Cybersecurity: Threats to the Financial Sector." 2011.
Internet Denial of Service Attacks and the Federal Response. Testimony of James X. Dempsey, Center for Democracy and Technology, before the Subcommittee on Crime of the House Judiciary Committee and the Subcommittee on Criminal Justice Oversight of the Senate Judiciary Committee. (this is an older testimony, but still very relevant today).
Department of Treasury
- Terrorism Risk Insurance Program
- Evolving DDOS Attacks Provide the Driver for Financial Institutions to Enhance Cybersecurity. Banking Law Journal. 2013.
- National Infrastructure Protection Plan: Banking and Finance Sector
- Cyber Conflict and the War Powers Resolution: Congressional Oversight of Hostilities in the Fifth Domain. Atlantic Council Issue Brief.
Wicked Problems Resources
"Wicked" problems are hard or impossible to solve due to requirements that are contradictory, incomplete and changing, and often hard to recognize. Dr. Nancy Roberts, of the Naval Postgraduate School (NPS), Monterey, describes a class of problems "that defy solution, even with our most sophisticated analytical tools." In her words (Roberts, 2000, p.1):
These problems are called "wicked" because they have the following characteristics: 1).There is no definitive statement of the problem: in fact, there is broad disagreement on what ‘the problem' is. 2). Without a definite statement of the problem, the search for solutions is open ended. Stakeholders – those who have a stake in the problem and its solution – champion alternative solutions and compete with one another in a way that directly connects their preferred solution and their preferred problem definition. 3). The problem solving process is complex because the constraints, such as resources and political ramifications, are constantly changing. 4). Constraints also change because they are generated by numerous interested parties who "come and go, change their minds, fail to communicate, or otherwise change the rules by which the problem must be solved."
Also focusing on government officials and public managers, she defines three types of problems (simple, complex and wicked), and characterizes them by the degree of conflict in problem definition and solution.
Wicked Problems and Network Approaches to Resolution, by Nancy Roberts.This article offers three coping mechanisms for taming wicked problems.
Dilemmas in a General Theory of Planning, by Horst Rittel and Melvin Webber. This is the definitive paper which coined the term "Wicked Problems."
Wicked Problems & Social Complexity, by Jeff Conklin. This paper provides a detailed discussion on wicked problems and complexity.
Commander's Appreciation and Campaign Design, United States Army. This is intended for use by commanders charged with designing, planning, and executing a campaign. "Wicked" problems are called "Ill-Structured."
Solving Wicked Problems, by Steve Nixon. A short video introduction to wicked problems.
Nancy Roberts: Solving wicked problems and #MillionPeopleMarch, interview on Rappler.com