Disentangled Orchestration on Cyber Ranges

Cyber ranges require networked applications to test cyberspace events effectively. As testing becomes more advanced, it involves multiple real-world applications with flexible execution orders. However, it is increasingly challenging to orchestrate large-scale, chained, and heterogeneous Internet applications. State-of-the-art orchestration techniques face scalability issues due to inefficient representation models and entangled scheduling of events and applications. To address these issues, we present Wukong, a disentangled orchestration system in cyber ranges that disaggregates the scheduling and execution of workflows and their applications in a decentralized coordination approach. First, we overcome the heterogeneity of events with a workflow model that encodes event chains with compositional Directed Acyclic Graphs (DAGs) and unified event triggers. Second, Wukong disaggregates the execution of DAGs and applications with push-pull decentralized coordination over distributed agents. Our evaluation of Wukong on a real-world cyber range demonstrates its expressive, scalable, and efficient abilities for automatically emulating diverse event chains. The storage footprint of compositional modeling is up to 57 times smaller than that of baseline models. Wukong's response delay is 1.52 to 2.74 times shorter than state-of-the-art orchestration engines, and the scheduling delay is up to 2.16 times smaller than the baseline approach.