Using Virtual Reality to Identify Cybersecurity Threats for Navy Midshipmen
This research is investigating the training of U.S. Navy Midshipman enrolled in the Reserve Officer Training Corps (ROTC) at Embry-Riddle Aeronautical University (ERAU) to identify cyber and security threats in a simulated bridge of a Navy vessel. Midshipmen will receive classroom instruction, as well as training in a virtual reality bridge simulator. The knowledge and skills training the midshipmen received is intended to transfer to the applications of midshipmen’s future positions and careers.
Cyber and security threats are burgeoning tactics being used in wartime affairs. The first line of defense of a vulnerable vessel is for the crew to distinguish misinformation from factual information. To increase the preparedness of cybersecurity threat awareness, the Office of Naval Research is interested in innovative training initiatives at colleges and universities that support Reserve Officer Training Corps (ROTC) programs. Twenty Embry-Riddle Aeronautical University (ERAU) enrolled in Navy ROTC will be recruited to participate in an 8-week long training program. These 20 midshipmen will participate in traditional classroom instruction, practice on a bridge (i.e., ship control room) virtual reality (VR) simulator, and participate in a specifically designed VR bridge application. This VR application is being designed by the XR Lab in the College of Aviation.
In the classroom setting, midshipmen will receive instruction in theoretical and practical applications to identify cyber and electronic warfare threats. This instruction will go beyond any cybersecurity training that may have been received in previous courses offered by the Naval Sciences curriculum. Group discussion and activities to encourage inquiry-based learning will fulfill some of the classroom requirements and when participating in the VR bridge application.
Midshipmen will also receive a few hours of practice in the Conning Officer Virtual Environment (COVE) simulator. The Cove simulator is designed to allow students to practice navigating ship maneuvering without the risk and expense of operations at sea. However, the COVE simulator does not permit the injection of misinformation experienced in a cyber-intrusion situation.
A VR application will replicate the bridge of a Navy vessel and immerse the operators in a VR environment. This application will permit subtle cyber threats to be introduced during the scenario. The first phase of the application will include three primary resources of the bridge: the Automatic Identification System (AIS), the Voyage Management System (VMS), and Radar. The AIS is based on a transponder system and functions as a broadcast messaging system. The VMS functions as the navigation charting display and is partially based on the Global Positioning System (GPS). Threats such as misinformed broadcast information, erroneous navigation position (e.g., showing own vessel traveling in an untrue heading), and radar misinformation (e.g., showing a friendly ship as an enemy ship) are potentially vulnerable by hacking and other nefarious actions.
Midshipmen in the Trainee position will spend several hours in the VR simulator identifying these cyber threats. Midshipmen will also spend time in the Instructor position to execute command functions that introduce the misinformation. This role of Instructor will show the midshipmen when a threat is introduced and how the Trainee responds. There will be three to four midshipmen observers during any given scenario. After each scenario, the Trainee, Instructor, and Observers will discuss hits and misses that occurred during the scenario. In addition to cohort discussion periods, performance feedback will be given by the instructors.
This research will utilize a 2 x 2 mixed quantitative design. Twenty midshipmen (the experimental group) will complete a pretest before starting the curriculum and a posttest after completing all aspects of the curriculum (traditional classroom instruction, participation in the COVE simulator, and participation in the specifically designed VR simulation). A control group that will receive the pretest and posttest will be compared to the experimental group. Evaluation metrics will include accuracy and response time to threats in the VR simulations and measurements of the skills developed in the COVE simulator and knowledge acquired in classroom instruction and the specifically designed VR simulation. At the end of the study, participants will complete a survey consisting of forced-choice and open-ended questions about their experience, self-efficacy, and opinions about the 8-week long study.
This study intends to train midshipmen to be better prepared to identify cybersecurity threats in their future positions and career following graduation from the program. The specific VR application is being designed to be sustainable to be further utilized for the future Naval curriculum and other applications.
XR Lab, VR, ROTC, Cyber Security, Simulation