Experimental Protocol May Speed Battlefield Bits and Bytes
Managing bandwidth over military computer networks is critical for modern combat operations. An experimental networking protocol may help get vital information to warfighters by tracking data and giving priority to specific users, such as a unit involved in a firefight.
The Military Networking Protocol (MNP) program is an effort by the Defense Advanced Research Projects Agency (DARPA) to develop new techniques to improve cybersecurity, promote dynamic bandwidth allocation and create policy-based prioritization service levels at the individual and unit levels. To improve security, program engineers are working on router technologies that include strong authentication and self-configuration capabilities. Smart networks also would reduce the need for additional network support personnel and would lower life-cycle costs for managing the network.
One of the goals of the new protocol is the ability to track data across a network, from its origin to its end point. This is something that current computer systems cannot do, explains Dr. Timothy Gibson, DARPA’s MNP program manager. The program builds on a previous DARPA effort called Control Plane, which developed devices called flow routers that managed data traffic across computer networks, he adds.
Managing a variety of data flows provides administrators with a great degree of fine-tuned control over throughput and other aspects of the system. “Before, we couldn’t really manage flows,” Gibson observes. But if data flows can be managed, they can be tracked. He explains that placing identifiers into the data moving across a network also can provide full attribution down to the individual or unit level for each data stream.
By controlling data flows and knowing to whom the information belongs, quality of service can be introduced and tailored for the individual unit, person or type of traffic. Gibson notes that old military telephones had buttons for routine calls, priority calls and flash override. “That [capability] doesn’t exist over Internet protocol [IP] data networks right now,” he says.
Aside from security considerations, tracking data also allows administrators in large organizations to locate malfunctioning computers quickly and accurately. “If you have a computer that’s giving you a problem, you should be able to track it down. You should be able to actually know everything that you need to know about the computer,” he says. Another program goal is developing the capability to track equipment down to the individual unit, user and location within 5 to 10 minutes. Gibson notes that currently it can take days to locate problem computers.
DARPA awarded contracts last fall to two industry teams to develop prototypes. The teams are led by BBN Technologies and Lockheed Martin. Phase One is 18 months long and will end in early 2011. If the technology is successful, two additional 12-month phases will follow, Gibson says.
Andy Spencer, Lockheed Martin’s chief engineer for MNP, explains, “DARPA is forcing us to look at the way packet networks work and to try to provide a little more intelligence as far as what they can do.” The effort is examining packet structures and linking them to organizational structures and field personnel. This connection will allow administrators to allocate network resources based on individual user identities, he says.
Spencer is excited about the program because “it will change the way packet networks work.” He explains that this fine-grained network control will make the military more efficient and able to support different mission needs in terms of prioritization.
The new protocol also must be compatible with existing computer networks. Data using the MNP still must be able to move seamlessly across military networks. Mike Briske, Lockheed Martin’s MNP program manager, explains that once the data enters an MNP-based network, it must be able to identify and register another user employing the protocol for attribution.
What makes MNP unique, Spencer shares, is that instead of treating networks based on the traffic type, such as prioritizing voice and data traffic over video, it looks at who is requesting the traffic and allocates resources based on their roles. He notes that this role allocation has not been a priority in the past. Although administrators classify traffic by type and try to regulate it by criteria, flow control is not linked to the traffic's source, individuals or organizations. For example, it may be possible to provide a unit under fire with more network resources and privileges than others, he relates.
A key challenge the program faces is providing the ability to trace and control network resources while providing security and confidentiality. Spencer explains that while the network needs to track the flow of data, the goal is not to have any identity information on the network that may lead to an operational security issue. He adds that DARPA also is promoting end-to-end security, both at the network level and at the user’s terminal, which would provide additional control and would create a chain of trust throughout the entire system.
If Phase One of MNP is successful, Phase Two will focus on scalability as researchers begin to build networks. The plan is to expand from a 20-node network to 100 nodes. A hundred routers will pass traffic and simulate a large number of end users simultaneously accessing the network to determine if the network can sufficiently control the bandwidth.
DARPA also is requiring higher performance with each new phase of the program. Spencer explains that Phase One requires throughput speeds of 100 megabits per second, Phase Two will increase to 1 gigabit per second and Phase Three will reach speeds of 10 gigabits per second. Phase Three also will feature tests with 200 routers simulating 100,000 users on the network. “It’s a substantial growth pattern to go from a battalion- or brigade-size element up through a division or corps element that will be deployed somewhere,” Briske says.