Defense

The United States quickly must adopt a segmented approach to its military forces to ensure that key elements can survive a comprehensive cyber attack, according to a recently released Defense Science Board (DSB) Task Force on Resilient Military Systems. This approach entails a risk reduction strategy that combines deterrence, refocused intelligence capabilities and improved cyber defense. The effort must constitute “a broad systems approach … grounded in its technical and economic feasibility” to face a cyber threat that has “potential consequences similar in some ways to the nuclear threat of the Cold War,” the DSB report says.

The report declares that the United States cannot be confident that its critical information technology systems will work under attack from sophisticated adversaries combining cyber capabilities with conventional military and intelligence assets. In particular, the Defense Department’s dependence on vulnerable information technology “is a magnet” to U.S. opponents. U.S. networks are built on “inherently insecure architectures with increasing use of foreign-built components.” The report states that the department and its contractor base already have sustained “staggering losses” of system design information representing decades of combat knowledge and experience.

No silver bullet exists to eliminate cyberthreats, the report allows. Instead, it recommends an approach analogous to that employed against U-boats in World War II. Risks are not reduced to zero, but the challenge can be contained and managed through broad systems engineering of a spectrum of techniques.

Homeland Security Conference 2013 Show Daily, Day 3

Although many in government are moving as quickly as possible to adopt new technologies, such as cloud computing and mobile devices, individual agencies still face cultural challenges that sometimes prevent them from moving forward, according to officials speaking as part of the Chief Information Officer Council at the AFCEA Homeland Security conference in Washington, D.C.

Richard Spires, chief information officer for the Homeland Security Department (DHS), reminded the audience that DHS was created by joining a lot of disparate agencies, all of whom owned individual networks. While the department is working to integrate the information technology infrastructure and consolidate data centers, officials still meet some resistance at the individual agency level. “There’s still have lot of duplication and in some ways duplication is holding us back. I’d like to say we’re making progress, but I’ll let others grade us on that,” Spires said.

Other officials agreed that they meet resistance as well. Robert Carey, deputy chief information officer for the Defense Department cited a culture of change and said a constrained budget environment can be a power catalyst for action in moving toward a more centralized environment.

Cybersecurity itself can present challenges, according to Luke McCormack, chief information officer for the Justice Department. “Cyber’s hard. The individual pieces of that can be very difficult,” he said. He also cited the need to bring people together on emerging technologies, such as cloud-as-a-service, as a challenging issue.

Significant fuel savings and operational efficiencies are some of the benefits of an intelligent power management system that includes multiple energy sources.

The U.S. Army has tested a proof of concept for a smart electrical grid that would support tactical operations in the field. The concept, which was tested last summer, could save potentially billions of dollars in fuel use at remote forward positions. By eliminating the need to transport fuel for generators at such encampments, the new Tactical Operations Smart Grid also carries with it the potential of saving the lives of warfighters.

The smart grid, which takes advantage of multiple off-the-shelf electrical energy technologies, is being developed and tested by the Army’s Research, Development and Engineering Command’s (RDECOM) Communications-Electronics Research Development and Engineering Center (CERDEC). Along with helping set specifications for a future vendor-developed system, data from the tests also are being compiled as part of the Defense Department’s longer-term program of reducing both manpower and fuel use for energy generation.

“These systems are designed to integrate existing military-standard tactical generators managed by portable electric power systems out in the field, providing the ability to intelligently work within a grid operation,” says Michael Zalewski, a project mechanical engineer with CERDEC’s Command, Power and Integration (CPI) directorate. The tactical microgrid is being developed as part of the HI Power program, for Hybrid Intelligent Power. Newly developed digital controllers allow the system to balance electrical production, storage and demand dynamically, he explains, “and by doing this, we’re able to right-size the production of power to the load and demand at that point in time.”

Officials work to provide a new cloud approach across 
the service as well as the Defense Department.

U.S. Army officials estimate that by the end of the fiscal year, they will go into production on a new cloud computing solution that could potentially be made available across the Defense Department and could eventually be used to expand cloud capabilities on the battlefield. The platform-as-a-service product incorporates enhanced automation, less expensive software licensing and built-in information assurance.

During the past year, officials with the Army’s Communications-Electronics Command (CECOM) Software Engineering Center (SEC), Aberdeen Proving Ground, Maryland, have been working on a cloud computing approach known as Cloud.mil. A four-person team took about four months to deliver the first increment, which is now in the pre-production phase and is being touted to Army leaders, as well as to Defense Department and Defense Information Systems Agency (DISA) officials, as a possible Army-wide and Defense-wide solution.

The whole becomes greater than the sum of the parts in a networked software engineering realm.

A network built after its major move to a new base is allowing the U.S. Army Communications-Electronics Command to link diverse communications systems into an overarching network. This enables capabilities ranging from debugging software updates before they are sent to the front to a multinational exercise for validating operational activities.

When the Communications-Electronics Command (CECOM) relocated from Fort Monmouth, New Jersey, to Aberdeen Proving Ground, Maryland, under the Base Closure and Realignment program (BRAC), it used the opportunity to consolidate capabilities and build new facilities from the ground up that would allow the command to take advantage of the latest technologies. Among these facilities is the Joint On-demand Interoperability Network, or JOIN. This network connects with other laboratories and communications facilities, including some in theater, to share resources and solve problems by using all of their capabilities.

The network has existed in some form for more than two decades. Today’s JOIN community includes research, development, testing and evaluation as well as life-cycle support. JOIN serves as the nexus for these diverse elements. It provides two capabilities: services and interconnectivity as a technical hub.

John Kahler, chief of JOIN, allows that the network was established to integrate the entire command, control, communications, computers, intelligence, surveillance and reconnaissance (C⁴ISR) community and to provide a technical hub so that organizations could exploit each other’s resources as well as work in “a collaborative, common operating environment.” Participants can conduct research, development, testing and engineering along with life-cycle support.

Aberdeen Proving Ground becomes the home of high-techology development, validation and deployment.

Consolidating its communications-electronics assets in a single location has given the U.S. Army vital resources and flexibility that it needs to address its changing information technology demands during a time of transition. This transition is twofold: not only is Army communications absorbing new commercial technologies and capabilities, the Army itself also is facing substantial changes as a force that has been overseas for more than a decade is redeploying back to its U.S. bases.

Some long-established programs have evolved to, or have been transitioned into, wholly new programs. These programs lend themselves to the new centralized approach, which is improving their implementation processes. Having research elements in the same location, as well as access to networked laboratory facilities at distant locations, is generating efficiencies that continue to be discovered as advanced communications and electronics technologies are developed for incorporation into the force.

The Base Closure and Realignment, or BRAC, process consolidated several Army elements, including the Communications-Electronics Command (CECOM), at Aberdeen Proving Ground, Maryland. They are grouped under the umbrella Command, Control, Communications, Computers, Intelligence, Surveillance and Reconnaissance (C⁴ISR) Center of Excellence. One of these elements, the Program Executive Office (PEO) Command Control Communications-Tactical (C3T), is tasked with providing soldiers with tactical communications and computer systems.

The plug-and-play technology will close large capability gaps in the field.

The U.S. Army is developing the first airborne intelligence, surveillance and reconnaissance platform fully enabled to connect analysts with the Distributed Common Ground System-Army. That system will help remedy problems currently hindering soldiers from having all data feed into a single repository. With the new aircraft, the process will be streamlined from the flying support, so information reaches ground commanders faster to facilitate more timely decision making.

Units will begin enjoying these connected benefits of the Enhanced Medium Altitude Reconnaissance and Surveillance System (EMARSS) aircraft in 2014, with the Army accepting deliveries from Boeing beginning later this year. In the past, all airborne intelligence platforms employed their own unique processing, exploitation and dissemination procedures that transmitted to specific ground stations. Personnel then had to find workarounds to share it with the troops who needed it. Through the Distributed Command Ground System-Army (DCGS-A), analysts can query the single system and retrieve the sensor data remotely.

Soldiers have used the DCGS-A extensively throughout their operations in both Iraq and Afghanistan. However, the Defense Acquisition Executive only approved the system for full deployment across the force in mid-December of last year.

The Army’s Guardrail platform is also DCGS-A capable, but it does not have operators of the system on board nor does it have imagery intelligence (IMINT) capability. Guardrail is designed to support only signals intelligence (SIGINT) to the DCGS-A, while EMARSS will bring in the imagery piece at the secret Internet router protocol network level. In addition, EMARSS will be the first platform that can provide data from secret to top secret immediately into the Army's distributed system.

Officials aim to have a solution in place by year's end.

The U.S. agency responsible for the management and security of the nation’s nuclear weapons, nuclear proliferation and naval nuclear reactor programs is racing to put unclassified data on the cloud this year. Cloud computing is expected to provide a wide range of benefits, including greater cybersecurity, lower costs and networking at any time and from anywhere.

Officials at the National Nuclear Security Administration (NNSA), an agency within the Department of Energy, expect to have a cloud computing capability this year. The solution, known as Yourcloud, will provide the NNSA with its own cloud computing environment to manage data more securely, efficiently and effectively. It is part of an overall effort to modernize the agency’s information infrastructure. Yourcloud replaces an aging infrastructure that resulted in too many data centers and an inability to refresh equipment as often as necessary.

The Yourcloud infrastructure will be built and owned by industry, while the NNSA will control the data residing in the cloud. “We’ll be using a commercial data center space with a managed cloud provider as well as a managed security provider to offer us fee as a service back to our customer base,” says Travis Howerton, NNSA chief technology officer.. I don’t want to own my own infrastructure on the unclassified side, but I do want to own my own data. That’s why we’ve been pushing the innovation agenda around security, taking advantage of the lower-cost industry options while not compromising our security posture. What we really have to do is figure out how to insource security and outsource computing, to keep the keys of the kingdom inside, to protect the crown jewels, to make sure we own the security of our data, but then to take advantage of low-cost computing wherever it may be. We are evolving to that model.”