-
CENTRES
Progammes & Centres
Location
PDF Download 
Rahul Rawat and Arun Sahgal, “Red-Teaming for India’s Military Establishment: Concepts, Contexts, and Consequences,” ORF Occasional Paper No. 476, June 2025, Observer Research Foundation.
Wargaming has been described as the “one tool that enables defence professionals to break out of the stories we have locked ourselves into.”1 The exercise helps in the examination of concepts and doctrines under simulated operational environments, thereby aiding the assessment of operational plans and their efficacy. Wargaming is also an analytical tool for how operational scenarios might unfold under various contingencies, including unforeseen and worst-case scenarios.
The criticality of testing the efficacy of operational planning is thus based on a deep understanding of one’s own and the adversary’s political and military objectives, judgment, and decision-making process. Therefore, there is a need for a deep and clear understanding of strategic (including cognitive) and operational thinking. For instance, the People’s Liberation Army’s (PLA) Chinese Science of Military Strategy document offers insights into drivers of Chinese strategic thinking, judgement, decision-making, planning, implementation, and strategic evaluation[2] to evaluate how the intentions of an adversary will impact the PLA’s overall operational strategy and planning. This understanding is best gained through employing the ‘red team’,[a] which plays the role of an adversary and is tasked with identifying vulnerabilities and weaknesses in one’s own defence strategies and operational planning. In the absence of a critical evaluation of threats and vulnerabilities, the tendency is to mirror one’s own operational perceptions on the adversary, resulting in the blue-team[b] bias prevailing in real-time situations and leading to faulty conclusions.
The red team ensures that blue-team commanders understand the depth and dimensions of adversaries’ critical operational thinking, defined by their doctrines and capability augmentation. This approach entails evaluating the nature of threats and vulnerabilities and determining how these challenge preconceived assumptions. Such a detailed assessment is required to develop one’s own credible operational concepts and doctrines to meet future operational challenges.
The Indian Army has been deliberating on the feasibility of developing a dedicated red-team infrastructure[3] to enhance its decision-making and effectiveness against adversarial scenarios in future conflicts. The absence of structured decision-making in terms of red-teaming infrastructure and efforts to establish a culture of understanding opponents, capabilities and doctrines must be the starting point in policy discussions. This becomes more important in hi-tech, multi-domain conflicts like the Russia–Ukraine war and hybrid operations by the PLA in the continental domain with India along the Line of Actual Control (LAC) and in the maritime domain against Taiwan.
This paper attempts to frame an approach to contextualise the need for red-teaming infrastructure, not just for the Indian armed forces but also as an integral part of larger national security decision-making. The paper establishes the purpose and utility of red-teaming, highlights existing good practices and notes the psychological biases and precautions that need to be accounted for when developing a credible red-team infrastructure. An assessment of the emergent threat landscape forms the basis of a prospective structure of red-teaming infrastructure in India’s security establishment.
The value of war gaming hinges in large part of the quality of the opposition force—the ‘Red.’
- Dale C. Rielage[4]
Wargaming is viewed as a testbed or laboratory for novel and regular ideas, concepts and theories associated with statecraft, military threat, and use of force. Red teaming is a multidisciplinary concept defined as “any activity that analyses plans, processes, systems or equipment by using an alternate perspective, typically relating to an adversary.”[5] Red teaming in wargaming, also known as “devil’s advocacy”, “alternative analysis”, “team A/team B” and “threat evaluation”, entails undertaking vulnerability assessments using analytical techniques. It is “the practice of viewing a problem from an adversary or competitor’s perspective…specifying the adversary’s preferences and strategies or by simply acting as a devil’s advocate.”[6] Red teaming is aimed at “seeking to get inside the heads of adversaries, not asking what we would do if we were them but creatively trying to ask what they might do given their own goals, culture, organization, and the like.”[7]
The scope of activities for testing can be framed as follows:
The ideal approach to red teaming is to be “rigid about flexibility”. Flexibility in red teaming enables it to adapt its approach based on the evolving situation and opponents’ responses. This manifests in unexpected obstacles and developments that may challenge core assessments and require a realignment of approaches to achieve objectives.
Red teaming supports threat evaluation, planning, and broader decision-making by providing valuable insights into the opponent, its doctrines, force deployment and postures. This is done by:
Red-teaming’s utility lies in providing the blue team with an understanding of an enemy’s real-world capabilities, warfighting doctrine, and national security imperatives, based on the red team’s capacity for research and analyses.
Source: University of Foreign Military and Cultural Studies[11]
Source: Australian Government, Department of Defense[12]
Once the context as defined by the nature of an activity (e.g., wargaming, field/deployment exercise, as outlined in Figure 3) is established, the red team process is guided by the purpose. Red teaming in the military aims to cater to four purposes: understand, anticipate, test, and train:[13]
Besides the purpose-based categorisation, there is an active and passive classification[14] of the red-teaming process. The ‘active’ includes those that require a physical playing-out of the situation in the form of deployment or other functional elements. Passive activities include those with an emphasis on simulation and analytical and computational components. Passive activities are gaining traction in the context of multi-domain warfare.
Source: Based on the frameworks developed by Matthew Lauder and Mark Mateski[15]
The spectrum of activities as outlined in Figure 3 are catered through the purpose-based requirements and determine the specific methods.
Source: Sallot[16]
Red teams question and challenge the basic assumptions underlying the blue team’s strategic plans. They help in the identification of inherent biases and blind spots in the planning process. More importantly, they provide alternative perspectives and scenarios based on repeated iterations of the planning process. It can also help promote ‘Black Swan’[d] thinking in military organisations, which is otherwise overlooked by warfighters and military planners. Therefore, red teaming can help decision-makers become more flexible and adaptive in their thinking process.
Two primary means of evaluating one’s own plans are:
Some of the tools used by red teams include developing credible databases regarding an adversary. Artificial Intelligence (AI) and Large Language Models (LLMs) can play an important role in this process. Another tool is threat modelling, which is used to identify potential threats, vulnerabilities, and attack vectors to be followed by creating realistic scenarios of the target’s defences and vulnerabilities, which are to be tested through wargaming. Computational red teaming already exists and is used to perform the information search and threat intelligence, adjudication and analysis components of red teaming to provide more structured perspectives.[e]
It is vital that red teams have the expertise to operate in a multi-domain technology environment. To ensure credibility, it is important for red teaming to develop best practices, establish clear communication channels and protocols, and develop realistic scenarios to test adversaries’ capabilities.
A robust red team and red-teaming mechanism can have multiple benefits:
The following are crucial challenges that red teams will face:
The implementation of red-teaming outputs is hindered by many challenges, which include people, organisation, structure and their dominating beliefs. The hindrances are cultural, organisational, situational and structural, which can create psychological barriers in the decision-making processes.
The UK Red Teaming Handbook outlines four conceptual and crucial components of decision-making processes: information gathering; sense-making; decision-taking; and planning.[18] The associated biases, challenges, and optimum solutions to overcome challenges in each of the four phases is critical in the red-teaming process.
1. Information Gathering: The manner in which information is gathered is vital. The direction and motivation to look for information need to be free from internal pressures from senior authorities. Information gathering may be hindered by aspects such as limited readiness and availability of resources, lack of time and effort, and pre-determined goal-directed search for information. The means to ensure no pressure from authorities or seniors, the availability of more time and effort and the presence of language experts can help shape the right line of enquiry.
2. Sense-Making: This stage deals with the interpretation of gathered information. How a particular statement of a problem is framed[f] determines the appetite for risk and the element of (over)exposure, which leads to (un)familiarity to a certain context, which create an inherent bias. The solution is to conduct a scenario-based (what-if) analysis and a deep dive into the risk assessment and potential implications of the possible framing for an issue at hand. Here, the critical analysis of information gaps and critical assumptions and the generation of alternative hypothesis can help streamline the process.
3. Decision-Taking: The manner in which information is processed is critical for the decision cycle. Challenges to this process include an over-commitment to ideas or actions laid out in doctrinal maxim(s) or conventional wisdom; excessive reliance on past solutions without considering the changes, even minor, in existing circumstances; and the selection of a solution with critical assessment.[19] Excessive ownership and emotions attached to one’s own developed plan is another problem. The red team can lay out a step-by-step assessment of each component of the plan and highlight the existing, negative and positive expectations of each move made by the blue team (i.e., commander). Finally, to avoid commanders utilising heuristics, the plans need to be well-rehearsed and analysed through brainstorming. The problem of groupthink[g] also becomes prevalent among blue team members and can be tackled through a process called mind-guarding.[h]
4. Planning: The outcomes of the planning process need a thorough assessment. A major challenge is optimism bias, which makes the plan appear perfect along with a confident belief that the plan will work.[20] Another aspect is the planning fallacy, which tends to underestimate the time[21] that is required to execute a plan. Therefore, the need arises to pursue the devil’s advocacy and question the underlying assumptions that inflate the air of overconfidence around a plan.
A set of standardised best practices should be followed to cover a range of applications in red teaming. Some best practices[22] are as follows:
In addition to these, Micah Zenko outlines the following six principles drawn from the experiences of red teamers:[23]
It is vital that red teaming is not underappreciated nor overhyped. A delicate balance about its role and utility should be maintained to realise the purpose of red teaming. Therefore, precautionary measures are required to avoid misuse. The following are the five worst use cases of red teaming:[24]
These best practices should be codified in standard operating procedures (SOPs) and followed in order to establish a robust red-team infrastructure.
India continues to face multiple security challenges in a vitiated security environment. Relations with China are tense, shaped by China’s coercive grey-zone tactics along the Line of Actual Control (LAC). Both sides are maintaining force deployments as a form of deterrence. Despite the disengagement in Eastern Ladakh, Chinese infrastructure build-up and forward deployment of its forces continue.
The maritime domain is also facing increasing challenges owing to the increasing bases of People’s Liberation Army Navy (PLAN) and its maritime collaboration with Pakistan. The exponential increase of Chinese military and technological capacities and multi-domain and asymmetric capabilities further exacerbates the situation. India, at best, possesses dissuasive deterrence against China, whereas it has more credible deterrence against Pakistan.
Source: University of Foreign Military and Cultural Studies[25]
Some of the specific areas that red teams can be used to address are as follows:
o Simulating the TTPs of terrorist organisations.
o Evaluating one’s own counter-terrorism strategies to assess the effectiveness and identify areas for improvement through innovative scenarios.
o Enhancing intelligence gathering and identifying potential vulnerabilities to improve intelligence collection.
o Simulating Chinese and Pakistani military strategies and ways of warfare to test the efficacy of Indian response and options.
o Enhancing military preparedness through testing Indian preparedness, including through responses to conventional and nuclear threats, in an escalatory situation. Such issues, when simulated, can help evaluate the efficacy of strategic thinking and define gaps.
o Conducting cybersecurity and information warfare by simulating the TTPs of Chinese and Pakistani cyber actors to test Indian cyber defences, including in the critical infrastructure sectors. This includes reconnaissance and information-gathering processes and performing enemy-like attacks to assess time-to-detect and time-to-mitigate factors to understand the effectiveness of the response of the blue team. The red-teaming simulation will also help evolve responses, including kinetic, non-kinetic, or a combination of both. Developing a ‘cyber range’ to simulate a real-time operational environment is essential to highlight critical gaps and vulnerabilities in the compliance, capabilities and TTPs of the blue team.
o Enhancing information-warfare capabilities by having red teams coordinate with cyberspace stakeholders.
o Ensuring strategic decision-making and policy development by offering alternative perspectives on strategic issues and challenging assumptions and biases, such as the issue of the two-front or two-and-a-half-front war, by assessing the nature of collaboration and objectives.
o Evaluating policy options by helping to define priorities for force development and capacity enhancement.
o Enhancing strategic decision-making by testing blue-team capabilities in responding to complex and dynamic situations.
By adopting red-teaming infrastructures and processes, India can enhance its national security posture through effective planning for medium- to long-term challenges.
What is also lacking is an integrated approach and the tools used by red teams in advanced militaries in terms of structures, credible database, threat modelling based on opposing sides’ doctrines, and operational thinking, which can help identify the nature of potential threats, vulnerabilities, attack vectors, and realistic scenarios. The understanding of multi-domain warfare (i.e., synergy between different domains) as perceived by opponents, is limited. The attritional “air-land battle” concept, still central to India’s doctrinal thinking, requires re-evaluation in light of evolving technologies, shifting strategic paradigms, and emerging doctrines. It is also increasingly imperative to plan for the use of emerging and disruptive technologies.
Mindset shapes the psychological orientation of an organisation, both vertically and horizontally. For red teaming to be effective, it must be endorsed from within the military and security establishments to overcome their insularity from existing or potential sources of information and assumptions. The extent to which these organisations are willing to accept divergent views, involve subject matter experts, and integrate external perspectives will be a key indicator of red teaming’s long-term viability and impact.
Source: Authors’ own
Red teams are therefore essential for detailed threat evaluation in future warfare, enabling India to refine its operational planning and identify technological gaps.
Recent wars have evolved into prolonged attrition warfare, largely driven by technological advancements. Despite relative asymmetry in capabilities, there have been no quick victories. Modern conflicts are likely to be prolonged, imposing costs that test the resilience of participants in terms of sustainability and operational tempo. From the decision-making perspective, these developments demand closer scrutiny and coordination among internal and external stakeholders.
Source: Authors’ own
To ensure the credibility of red-teaming efforts and the availability of their assessments, the following broad levels are suggested:
At the apex level—where the Chief of Defence Staff (CDS) and the other three service chiefs deliberate on strategic-operational planning and approve key decisions from higher civilian authorities—there is a need for a first layer of red teaming. This would help create congruity among these perspectives and ensure that detailed threat assessments are evaluated by the National Strategy and Operational Assessment Directorate. The aim will be to ensure optimum alignment between the civilian directives and military potential in both maximalist and minimalist circumstances to deliver intended objectives. It is also important to highlight capability deficiencies and suggest their impact on the operational environment.
Often, apex-level thinking may remain isolated from more rigorous debates due to constraints from political directives and strategic guidelines. In such cases, excessive information and the lack of optimum resources for analysis pose challenges.
At this stage of decision-making, the individual Theatre Commanders should use red teams to gain theatre-level perspectives. By integrating domain experts, red teams can enhance operational planning through simulated scenarios, optimising the use of forces and capabilities within their respective theatres. More in-depth planning and decision-making is involved at the operational level of warfare. At this level, the red teams of each component and support force carry out detailed assessments, which are then fed to the Theatre-level red team cell to be integrated into an operational picture and unified assessment.
Cyber, space, information and electromagnetic spectrum (EMS) related non-kinetic warfare require the inclusion of technical domain experts alongside skilled non-domain analysts in red teams. Their participation in rigorous live or simulation wargaming exercises can help test, validate, and rectify existing capabilities, concepts, and tactics.
Source: Authors’ own
Red Teams at Training Institutions
A red-team structure such as that proposed at the Component Command Level needs to be created in the three war colleges and the National Defence College. All red inputs in various exercises at senior and higher command courses should emerge from these teams, which could operate under the Head of Faculty of Doctrinal Studies. This development would be a critical step in integrating a robust red-teaming culture within analytical wargaming simulations within the Professional Military Education of the Indian military.
Red teaming is not just about flexibility and alternative assessments but also provides a critical and constructive way to validate existing decision-making and plans. While the success of red teams is difficult to gauge, some important outcomes are inevitable: developing new insights into existing problem statement(s); identifying new techniques and approaches; and revealing the thought process and biases in the blue team of the concerned organisation.[26] However, red teaming will remain incomplete until the blue team is open to the insights and assessments of the red team(s).
For India to effectively incorporate red teaming within its military and higher national security establishments, it requires structures, resources, personnel, skills, knowledge, and training. A clear timeline is essential to set up, integrate and operationalise red teaming across planning, operational readiness, training, and education.
[a] The authors are employing the red-teaming concept in the context of the Indian military establishment, including the civilian decision-making agencies and armed forces, to advocate for developing a robust analysis of threats and challenges. In this context, terms like ‘plan’, ‘planning’ and, broadly, ‘decision-making’ are subjective references with strategic, operational and tactical meanings depending on the stakeholders. This approach is motivated by two reasons: to cover a comprehensive utility and immersion of red teaming for various issues and levels of planning and to highlight some common issues that need addressal mechanisms to develop robust frameworks for comprehensive planning to manage the future security environment.
[b]Blue team’ refers to the friendly or defending forces that participate in a simulation activity to protect and defend its objectives and test and validate its plans and decision-making.
[c] In Kargil, the Indian Army operated on an assumption that the nuclearisation of the subcontinent had negated any possibility of open conflict between India and Pakistan. Therefore, according to the Army’s analysis, Pakistan would continue with “infiltration” of militants into Kashmir but would not attempt a military “intrusion”. When the R&AW assessed in October 1998 that “a limited swift offensive” by Pakistan was possible, the Indian Army showed resistance since the conclusion contradicted its analysis. IN the absence of specific data about Pakistan’s aggressive intentions (a closely guarded secret known to only four members including General Parvez Musharraf), the R&AW was incapable of convincing the Army to re-evaluate its assumptions. Therefore, when the Indian Army was taken by surprise on the Kargil heights, there was no intelligence failure. Rather, it was the Army’s failure to pay heed to the R&AW’s assessment that caused its misunderstanding of the strategic environment. See: https://casi.sas.upenn.edu/iit/dheeraj-paramesha-chaya
[d] The term is derived from Nassim Nicholas Taleb’s book, The Black Swan. He defines this as a highly improbable event that has three primary characteristics: it is unpredictable; it has enormous effects on things; and once it has happened, we work hard to delude ourselves that we could have predicted it. See: http://www.jstor.org/stable/24910301.
[e] For more about Computational Red Teaming, see: https://www.dst.defence.gov.au/sites/default/files/publications/documents/DSTO-TN-1104%20PR.pdf
[f] Framing has an important bearing on the course of action.
[g] ‘Groupthink’ refers to internal social pressures that lead to teammates possessing partial solutions to a certain problem. See: Irving Lester Janis, Groupthink (Houghton Mifflin, 1982), 1-72.
[h] ‘Mind-guarding’ involves letting team members freely express their ideas among themselves with selective participation of team leaders only once the plans reach a certain degree of maturity. Participation from external experts on the matter can be helpful to avoid groupthink.
[i]Red Team(ing) as a process is about testing and challenging Blue Team’s plans and assumptions. Red Side on the other hand is more about representing and simulating the adversary.
[j] One of the authors of this paper was responsible for its planning and conduct.
[k]‘Net Assessment’ is “the comparative analysis of military, technological, political, economic, and other factors governing the relative military capability of nations’, and its purpose as being ‘to identify problems and opportunities that deserve the attention of senior defense officials.” There are four categories of net assessment: foreseeing potential conflicts; comparing strengths and predicting outcomes in given contingencies; monitoring current developments and being alerted to developing problems; and warning of imminent military danger. See: https://theforge.defence.gov.au/article/net-assessment-enhancing-strategic-decision-making-senior-defence-leaders#26a
[1] Ed McGrady, “Getting the Story Right about Wargaming,” War on the Rocks, November 8, 2019, https://warontherocks.com/2019/11/getting-the-story-right-about-wargaming/.
[2] China Aerospace Studies Institute, In Their Own Words: 2020 Science of Military Strategy, January 2022, Montgomery, Air University (AU), 2022, https://www.airuniversity.af.edu/CASI/Display/Article/2913216/in-their-own-words-2020-science-of-military-strategy/.
[3] Bhaswar Kumar, “Indian Army Plans Aggressor Red Team, Test-Bed Units in Modernization Drive,” Business Standard, April 5, 2024,
[4] Captain Dale C Rielage, “War Gaming Must Get Red Right: An Expert In-House Adversary is a Powerful Tool for the Fleet,” Proceedings 143, no. 1, January 2017, https://www.usni.org/magazines/proceedings/2017/january/war-gaming-must-get-red-right/
[5] Moique Kardos and Patricia Dexter, A Simple Handbook for Non-Traditional Red Teaming, March 2017, https://www.researchgate.net/publication/314247267_A_Simple_Handbook_for_Non-Traditional_Red_Teaming
[6] Mark Mateski, “Red Teaming: A Short Introduction 1.0,” Project White Horse, http://www.projectwhitehorse.com/pdfs/Ed9/5.%20A%20Short%20Introduction%20to%20Red%20Teaming.pdf.
[7] Gregory F. Treverton, The Next Steps in Reshaping Intelligence, Santa Monica, RAND Corporation, 2005, p. 17,
https://www.rand.org/content/dam/rand/pubs/occasional_papers/2005/RAND_OP152.pdf.
[8] “A Simple Handbook for Non-Traditional Red Teaming”
[9] Dheeraj Paramesha Chaya, “Kargil to Galwan: Distinguishing Intelligence Failures and Response Failures,” Centre for the Advanced Study of India, University of Pennsylvania, January 6, 2025, https://casi.sas.upenn.edu/iit/dheeraj-paramesha-chaya.
[10] University of Foreign Military and Cultural Studies, Red Teaming Handbook, April 2011, Kansas,
https://newandimproved.com/wp-content/uploads/2014/04/ufmcs_red_team_handbook_apr2011.pdf.
[11] “Red Teaming Handbook, April 2011”
[12] “A Simple Handbook for Non-Traditional Red Teaming”
[13] Mark Mateski, “Toward A Red Teaming Taxonomy Version 2.0,” Red Team Journal, 2004,
https://web.archive.org/web/20050301080203/http://redteamjournal.com/methods/methodsTaxonomyTwo.htm
[14] “A Simple Handbook for Non-Traditional Red Teaming”
[15] Matthew Lauder, “Red Dawn: The Emergence of a Red Teaming Capability in the Canadian Forces,” Canadian Army Journal 12, no. 2 (2009): 25-36, https://publications.gc.ca/collections/collection_2010/forces/D12-11-12-2-eng.pdf ; Mateski, “Toward A Red Teaming Taxonomy Version 2.0”
[17] Insights provided by a wargaming expert.
[18] United Kingdom, Ministry of Defence, Red Teaming Handbook (3rd Edition), 2021, pp. 13-54,
[19] United Kingdom, Ministry of Defence, Red Teaming Handbook (3rd Edition), 33-42.
[20] David Hardman, Judgement and Decision Making: Psychological Perspectives (United Kingdom: Wiley-Blackwell, 2009), pp. 104.
[21] Hardman, Judgement and Decision Making: Psychological Perspectives.
[22] Tom Longland, “Red Teaming and Course of Action Wargaming,” Professional Wargaming, https://www.professionalwargaming.co.uk/RedTeamingAndCOAGaming.pdf.
[23] Micah Zenko, Red Team: How to Succeed by Thinking Like the Enemy, (United States of America: Basic Books, 2015), pp. 1-23.
[24] Zenko, Red Team: How to Succeed by Thinking Like the Enemy, pp. 216-228.
[25] “Red Teaming Handbook, April 2011”
[26] Zenko, Red Team: How to Succeed by Thinking Like the Enemy, pp. 212-214.
The views expressed above belong to the author(s). ORF research and analyses now available on Telegram! Click here to access our curated content — blogs, longforms and interviews.
Rahul Rawat is a Research Assistant with ORF’s Strategic Studies Programme (SSP). He also coordinates the SSP activities. His work focuses on strategic issues in the ...
Read More +
Brig Arun Sahgal is Senior Fellow at the Delhi Policy Group, a policy think tank focusing on international and national security. He was previously the ...
Read More +
PREV
