PRIA Logo
Take the PRIA Score
Title 10Armed ForcesRelease 119-73

§392 Executive agents for cyber test and training ranges

Title 10 › Subtitle Subtitle A— - General Military Law › Part PART I— - ORGANIZATION AND GENERAL MILITARY POWERS › Chapter CHAPTER 19— - CYBER AND INFORMATION OPERATIONS MATTERS › § 392

Last updated Apr 6, 2026|Official source

Summary

The Secretary of Defense must pick two senior officials, with advice from the Principal Cyber Advisor: one to run cyber and IT test ranges and one to run cyber and IT training ranges. The Secretary must give them clear duties and powers. They must make a plan every two years for test and training resources. That plan must list all testing and training ranges and facilities (government and non‑government), set priorities and standards, look for ways to share and save money, add or merge ranges as needed, raise the skills of the test workforce, and work with other agencies and industry. The plan must also define how ranges connect and work together, support secure integrated testing and science and technology work, and allow linking with other ranges. The executive agents must certify all DoD cyber range investments. They and the Chief Information Officer must choose a machine‑readable, open‑source language for sharing cyber event and threat data for the Joint Information Environment. The Secretary must make sure all parts of the Department give these executive agents the support they need and must act under Directive 5101.1. Definitions: designated cyber and information technology range — includes the National Cyber Range, the Joint Information Operations Range, the Defense Information Assurance Range, and the C4 Assessments Division of J6 of the Joint Staff. Directive 5101.1 — means Department of Defense Directive 5101.1, or any successor directive on executive agent responsibilities. executive agent — means the DoD Executive Agent as defined in Directive 5101.1.

Full Legal Text

Title 10, §392

Armed Forces — Source: USLM XML via OLRC

(a)The Secretary of Defense, in consultation with the Principal Cyber Advisor, shall—
(1)designate a senior official from among the personnel of the Department of Defense to act as the executive agent for cyber and information technology test ranges; and
(2)designate a senior official from among the personnel of the Department of Defense to act as the executive agent for cyber and information technology training ranges.
(b)(1)The Secretary of Defense shall prescribe the roles, responsibilities, and authorities of the executive agents designated under subsection (a). Such roles, responsibilities, and authorities shall include the development of a biennial integrated plan for cyber and information technology test and training resources.
(2)The biennial integrated plan required under paragraph (1) shall include plans for the following:
(A)Developing and maintaining a comprehensive list of cyber and information technology ranges, test facilities, test beds, and other means of testing, training, and developing software, personnel, and tools for accommodating the mission of the Department. Such list shall include resources from both governmental and nongovernmental entities.
(B)Organizing and managing designated cyber and information technology test ranges, including—
(i)establishing the priorities for cyber and information technology ranges to meet Department objectives;
(ii)enforcing standards to meet requirements specified by the United States Cyber Command, the training community, and the research, development, testing, and evaluation community;
(iii)identifying and offering guidance on the opportunities for integration amongst the designated cyber and information technology ranges regarding test, training, and development functions;
(iv)finding opportunities for cost reduction, integration, and coordination improvements for the appropriate cyber and information technology ranges;
(v)adding or consolidating cyber and information technology ranges in the future to better meet the evolving needs of the cyber strategy and resource requirements of the Department;
(vi)finding opportunities to continuously enhance the quality and technical expertise of the cyber and information technology test workforce through training and personnel policies; and
(vii)coordinating with interagency and industry partners on cyber and information technology range issues.
(C)Defining a cyber range architecture that—
(i)may add or consolidate cyber and information technology ranges in the future to better meet the evolving needs of the cyber strategy and resource requirements of the Department;
(ii)coordinates with interagency and industry partners on cyber and information technology range issues;
(iii)allows for integrated closed loop testing in a secure environment of cyber and electronic warfare capabilities;
(iv)supports science and technology development, experimentation, testing and training; and
(v)provides for interconnection with other existing cyber ranges and other kinetic range facilities in a distributed manner.
(D)Certifying all cyber range investments of the Department of Defense.
(E)Performing such other assessments or analyses as the Secretary considers appropriate.
(3)The executive agents designated under subsection (a), in consultation with the Chief Information Officer of the Department of Defense, shall jointly select a standard language from open-source candidates for representing and communicating cyber event and threat data. Such language shall be machine-readable for the Joint Information Environment and associated test and training ranges.
(c)The Secretary of Defense shall ensure that the military departments, Defense Agencies, and other components of the Department of Defense provide the executive agents designated under subsection (a) with the appropriate support and resources needed to perform the roles, responsibilities, and authorities of the executive agents.
(d)The Secretary shall carry out this section in compliance with Directive 5101.1.
(e)In this section:
(1)The term “designated cyber and information technology range” includes the National Cyber Range, the Joint Information Operations Range, the Defense Information Assurance Range, and the C4 Assessments Division of J6 of the Joint Staff.
(2)The term “Directive 5101.1” means Department of Defense Directive 5101.1, or any successor directive relating to the responsibilities of an executive agent of the Department of Defense.
(3)The term “executive agent” has the meaning given the term “DoD Executive Agent” in Directive 5101.1.

Legislative History

Notes & Related Subsidiaries

Statutory Notes and Related Subsidiaries

Designation and Roles and Responsibilities; Selection of Standard Language Pub. L. 113–291, div. A, title XVI, § 1633(b), (c), Dec. 19, 2014, 128 Stat. 3642, provided that: “(b) Designation and Roles and Responsibilities.—The Secretary of Defense shall—“(1) not later than 120 days after the date of the enactment of this Act [Dec. 19, 2014], designate the executive agents required under subsection (a) of section 392 of title 10, United States Code, as added by subsection (a) of this section; and “(2) not later than one year after the date of the enactment of this Act, prescribe the roles, responsibilities, and authorities required under subsection (b) of such section 392. “(c) Selection of Standard Language.—Not later than June 1, 2015, the executive agents designated under subsection (a) of section 392 of title 10, United States Code, as added by subsection (a) of this section, shall select the standard language under subsection (b)(3) of such section 392.”

Reference

Citations & Metadata

Citation

10 U.S.C. § 392

Title 10Armed Forces

Last Updated

Apr 6, 2026

Release point: 119-73