NITECH: NATO Innovation and Technology – Issue 8

FAST NEUTRALIZATION OF BALLISTIC MISSILE THREATS

PLANNING , TASKING AND EXECUTION AT THE SPEED OF RELEVANCE

NITECH

NATO Innovation and Technology ISSUE 8

| DECEMBER 2022

Editors Adelina Campos de Carvalho, Simon Michell, Lara Vincent-Young (interim)

Project Manager Andrew Howard

Editorial Director Emily Eastman

Art Direction Errol Konat

Layout Billy Odell

Contributing Photographers Marcos Fernandez Marin, Conrad Dijkstra, Francesc Nogueras Sancho

Cover Errol Konat

Cover photograph Conrad Dijkstra

Printed by Pensord Press Limited

Published by

On behalf of

Chantry House, Suite 10a High Street, Billericay, Essex CM12 9BQ

United Kingdom

Tel: +44 (0) 1277 655100

NATO Communications and Information (NCI) Agency Oude Waalsdorperweg 61, 2597 AK The Hague, Netherlands

© 2022. The views and opinions, expressed by independent (non-NATO) authors, contributors and commentators in this publication, are provided in their personal capacities and are their sole responsibility. Publication thereof, does not imply that they represent the views or opinions of the NCI Agency, NATO or Global Media Partners (GMP) and must neither be regarded as constituting advice on any matter whatsoever, nor be interpreted as such. References in this publication to any company or organization, as well as their products and services, do not constitute or imply any direct or indirect endorsement, recommendation or preference by the NCI Agency, NATO or GMP. Furthermore, the reproduction of advertisements in this publication does not in any way imply endorsement by the NCI Agency, NATO or GMP of products or services referred to therein.

CREATING DIGITAL FUTURE

FOR ALL OF US. AND GENERATIONS TO COME. We specialize in advanced ICT solutions that positively impact businesses and society.

Are you looking for technologies that will help you modernize and digitalize your business operations? Here’s what we recommend:

Cyber Security Solutions

Modern security solutions are the most effective defense against cyber attacks. They use artificial intelligence and automation technologies to identify attacks and respond automatically. By integrating several tools, you will extend defense to the entire organization immediately.

A good company network assures safe and uninterrupted communication of all business applications and systems. It allows secure collaboration of employees that access the company network from various locations. High-quality bandwidth, stability, and data security characterize top network performance.

Data Center Infrastructure

Designed by the latest trends and equipped with the highest level of technology, data centers support companies’ business operations. They provide options to connect to public clouds or build a private one safely.

Networking Solutions IT Infrastructure

The main tasks of a good IT infrastructure consist of meeting high expectations; such as providing business support, enabling uninterrupted operation flow, and providing secure storage and data access. Most importantly, it must be fast, upgradeable, and managed efficiently.

www.king-ict.com / info@king-ict.hr

DEFENCE IS FORCE FOR GOOD

Helping to keep the world a beautiful place, Airbus provides countries with military solutions to protect their citizens, values, and vital infrastructure. With advanced technology across the domains of land, sea, air, space, and cyber, it is our mission to pioneer sustainable aerospace for a safe and united world. That’s why protecting it is at the heart of all we do, ensuring frontline personnel and entire communities get the support they need, at the time they need it most.

When we were planning the first of our new flagship event, NATO Edge, we had no idea that there would be war in Europe. What we did know was that whatever challenge the Alliance may face, technology would play a key role in finding solutions, and so that is why we put a focus on technology.

EMPOWERING NATO’S TECHNOLOGICAL EDGE

When focusing on technology, emerging and disruptive technologies (EDTs) are at the top of the agenda, including artificial intelligence (AI) and data. EDTs are a crucial facet of the NATO 2030 agenda. Thus, the Agency continues to work closely with relevant partners in academia and the private sector to maintain NATO’s technological edge and military superiority.

It is important to remember that EDTs, while providing new opportunities for NATO militaries, helping them become more effective, resilient, cost-efficient and sustainable, also present risks for NATO and Allies. It is the Agency’s job to understand and mitigate these risks to ensure that the Alliance remains ready to face tomorrow’s challenges.

The path towards the establishment of a fully digital NATO is complex. NATO’s digital transformation vision

is ambitious, though realistic. Collectively, we need to make sure we set the right foundations to establish a solid NATO digital context.

This edition boasts a host of impressive and thoughtprovoking articles from the likes of Dr Luis Astorga, Chair, of the Agency Supervisory Board, who offers a comprehensive introduction, as well as a lead article by the newly appointed Commander of Allied Joint Force Command Brunssum, General Guglielmo Luigi Miglietta, on how his organization supports deterrence. Portugal’s Minister of Defence, Helena Carreiras, discusses the role of the NCI Academy in Oeiras, and you can get an in-depth look at the very successful first installment of the NCI Agency’s new flagship event in the NATO Edge review. Meet the NATO Innovation Challenge Winners and learn more about their groundbreaking work on Non-Visible Data. Finally, don’t miss the interview with Dr Alice Toniolo of St Andrews’ School of Computer Science on AI for Intelligence Analysts. This issue is a great read!

When creating NITECH, we aim to show you the remarkable depth and breadth of technical expertise at the Agency and across the Alliance. This edition is no exception. Without further ado, happy reading and thank you for your continued support and engagement with the NCI Agency.

ENSURING NATO’S COMPETITIVE EDGE

The NCI Organisation is celebrating its 10th anniversary this year. Its executive body, the NCI Agency, delivers IT services and capabilities to the NATO Enterprise, and ensures that the Forces on the ground remain connected with the proper C5ISR (command, control, communications, computers, cyber, intelligence, surveillance and reconnaissance) systems and services to perform their missions.

Looking back at these past 10 years, we can say that the Agency has succeeded in its mission and that it continues to be a critical enabler of NATO’s core tasks. It is worth keeping this in mind. This is visible to every NATO employee whenever they enter into the NATO Secret Wide Area Network, it is visible to the forces on the ground when they exchange tactical data through NATO satellite networks using, for example, NATO Internet Protocol Routing in Space (NIRIS). Obviously, for any IT organization, there is no specific point of arrival or final goal to be achieved. Transformation, continuous improvement and incorporation of new technologies are essential for keeping the edge over competitors and adversaries. This approach has been vital for NATO, and it is going to be more crucial in the future. The NCI Agency will continue to play a central role for NATO in this exciting and complex journey.

After recognizing that the Agency adds value, we must also acknowledge the challenges and setbacks. The Agency, just like any other organization, is not perfect. There is always room for improvement, and such progress can be made through permanent Agency commitment, steady governance and the engagement of the relevant stakeholders, as collectively, we hold a responsibility for the Agency’s future. Continuous improvement will happen thanks to the Agency’s employees and the coordinated efforts of the NCI Agency General Manager, Ludwig Decamps, within the governance structure that I have the honour to chair.

Some 10 years ago, the fusion of several NATO agencies under a single entity, the NCI Agency, was successfully achieved, aimed at increasing synergies and efficiencies whilst reducing costs through economies of scale. Many of those efficiencies were achieved, but a lot of complexity was added as well. The Agency has more than 3,300 employees at four main locations (Brussels, The Hague, Mons and Oeiras) and at 20 different CIS Support Units (CSUs) spread all along the NATO geographic footprint. This is a complex structure which mirrors other complex organizations, often operating under very specific constraints. After all, NATO is a consensus-based organization, grounded on political will and the desire to find a common middle ground acceptable to all the Allies. This consensual approach is only possible because we all share the same fundamental values that are at the core of our

like-minded societies – democracy, rule of law, mutual respect and diversity to name a few. Consensus provides a lot of strength and it is probably one of the reasons for the long and successful history of NATO. However, achieving consensus requires time and often entails long and difficult consultation processes.

It is safe to assume that, to some extent, the strengths and the weaknesses of NATO as an organization are those of the NCI Agency.

GOVERNANCE AND STRUCTURE

It is worth looking at the NCI Agency’s governance structures to understand how they operate. The Agency is the executive body of the NCI Organisation, ruled by an Agency Supervisory Board (ASB) that provides organizational governance. The Agency works following a customer-funded model - CFRF (Customer-Funded Regulatory Framework), designed and supervised by the NATO Resource Plans and Policy Board (RPPB), which enables it to deliver services and capabilities as approved (and supervised) by the Budget and Investment Committees.

It is important to understand the advantages and disadvantages of the CFRF. It requires the Agency to be transparent in its costs and to prove that it is delivering value for money. It encourages efficiency to an Agency that is a monopoly by nature. It also requires the Agency to match workforce capability and demand at 100% at any given time; naturally, this poses a challenge to the Agency’s ability to quickly step up to a crisis, which by nature requires a swift enhancement of IT capabilities in support of operations.

The future of the Agency and its ability to contribute decisively to keeping NATO’s competitive edge relies on its workforce. “We need to hire, train and retain the best” – as the General Manager stated in the Agency’s strategic plan – “in order to achieve excellence in delivery.” I would add that, having the right people with the right skills is not enough. We need the right processes as well. Again, while acknowledging the extraordinary efforts that Agency staff members make in support of the NATO Command Structure and the NATO Force Structure – including in live operational theatres such as Afghanistan and Iraq (the ongoing NATO training mission included), there is room for improvement in our processes, especially in acquisition and capability delivery.

Projects with a fixed time, price and scope need to leave space for different approaches such as dynamic sourcing and/or agile methodology. In addition, Agency programme management functions may also require a more professional and standardized approach in order

A course underway at the NCI Academy in Oeiras, Portugal (PHOTO: NCI AGENCY)

to assure that we are able to deliver at the pace and quality required. The ambitious NATO 2030 Agenda is going to put more pressure on the Agency. To deliver the Agenda’s objectives, one of the key elements will be a sourcing strategy made in partnership with industry, which would transfer a significant part of technological risk to the private sector. This is crucial to enabling the balance between demand and delivery.

New disruptive technologies such as artificial intelligence (AI), the cloud and quantum computing are coming. In fact, the cloud is already here, but in the next three to five years, we will also need to incorporate AI into many of our processes in order to facilitate multi-domain operations as conceived by Allied Command Transformation (ACT). It may require more time before quantum computing is introduced into our enterprise processes, but our crypto protocols will have to be updated relatively quickly to become ‘quantum resistant’ if we want to continue protecting our classified information so we can operate safely.

To succeed in these domains, we need the right people and the right processes as well as an agile and efficient Agency. Since becoming NCI Agency General Manager, Ludwig Decamps has embraced a transformational approach for the Agency, implementing the new matrix structure and focusing on excellence in delivery. He counts on the professionalism of an excellent and committed workforce, the Agency civilian and military staff and on the full support of governance. Together, let us all make the NCI Agency the reference point for excellence in the NATO Enterprise.

Building a resilient threat-informed defense together

As a leading European cybersecurity vendor, the most targeted organizations in the world – including governments and large enterprises – use our platform to operationalize threat intelligence at scale, to deepen threat hunting, detection and response capabilities, and to accelerate collaboration within and across security teams.

www.eclecticiq.com

NATO EDGE

The NCI Agency’s Flagship Conference Successfully Launched

Simon: Signs of normality appear to be slowly emerging across the world. Although many of the new remote-working practices will remain, we are finally able to reconvene in person in large gatherings. And without a doubt, the NCI Agency’s new flagship conference, NATO Edge, has proven that person-to-person networking remains essential and perhaps even more popular than before the pandemic.

Adelina: Absolutely! The new conference was a resounding success. It really got off to a phenomenal start and provided a unique platform for tech leaders, NATO and national representatives to discuss the technology, collaboration and partnerships needed to future-proof NATO and the Alliance. The levels of enthusiasm from the more than 2,100 delegates and exhibitors were tangible.

Simon: Indeed – thanks to an engaging agenda of keynote speeches, presentations and panel discussions. Not forgetting all the exhibitors.

Adelina: We were also thrilled to celebrate our 10th Anniversary celebrations with delegates. I really enjoyed seeing all three of the NCI Agency’s General Managers on stage at the same time to mark this special occasion. Your ‘NATO Edge in Review’ article captures the essence of the event to a tee and there are some exceptional photos from both the main plenary theatre and the exhibition hall.

Simon: For sure. Once again, there is a raft of outstanding articles from our contributors covering quite a large spectrum of topics. I think the partnership theme is particularly strong, once again. I especially liked Serge Da Deppo’s ‘Importance of Collaboration’ article, which highlights the key role that the NCI Agency plays in Allied Command Transformation’s Innovation Hub. Emmanuel Bouillon’s piece on the NATO Industry Cyber Partnership programme is fascinating as well.

Adelina: Partnerships are a key topic. They always will be. That’s why I think the Not-For-Profit Framework (NFPF) feature outlines a very important move by the Agency – it could be a bit of a tipping point for NATO as a whole. The ability to make it easy for universities and think tanks to work with us in the early stages of a technology development journey is vital.

Simon: The Drone Follower project shows the benefits that working with these not-for-profits can bring. It will be interesting to see how the first two NFPF contracts pan out. We should definitely write about them in the future.

Adelina: I agree. Recent events have proven how useful drones are going to be in the future, both for deterrence and actual operations.

Simon: It is not just drones though. The illegal invasion of Ukraine has seen the dawning of what might be considered the first digital war. It is being played out in all domains, especially space and the cybersphere. Twitter, Instagram and Facebook are also being dragged into the mix for both situational awareness and information warfare purposes. General Miglietta’s piece on the Allied Joint Forces Command, Brunssum shows how prescient the Alliance was in shoring up the defences prior to the invasion. He points out the vital role that the NCI Agency plays in supporting his Command in terms of technology and communications networks.

Simon: For me, the war in Ukraine has also shown how vital and popular the Alliance actually is. The fact that the conflict has resulted in Sweden and Finland both deciding to join NATO as full members shows the Alliance’s value. Sure, both countries were active partners before the war, but now they will be fully integrated. Anthony Moore’s explanation of how Sweden is well on the way to becoming a fully integrated part of the Federated Mission Network (FMN) is just the beginning. This type of interoperability is not an easy thing to achieve, but it is nevertheless essential.

Simon: The readers will not know, but this is, in fact, your last issue of NITECH. By the time it is published, you will have already started your new role at the European Space Agency – ESA. NITECH owes you a huge debt of gratitude. Starting a new publication is never easy, and your hard work and enthusiasm have been invaluable. Everyone on the team in Brussels, The Hague and London wish you all the very best for the future!

Adelina: Thanks Simon. It has been an absolute pleasure. I am sure my successor will enjoy the role as much as I have. Lara Vincent-Young, our new team member, will cover for me superbly until the new Co-Editor is appointed. Good luck for the future everyone.

Lara: Thanks Adelina, we’re really going to miss you! It will be a difficult task to fill in for you but I’m up for the challenge and I look forward to supporting Simon and the new Co-Editor in future editions of NITECH.

Lara has entered the chat

INDUSTRY PERSPECTIVE

The mobility networks of tomorrow

AI and machine learning: the game-changers to defending the future of autonomy

The infamous Jeep hack in 2015 is a prime example. Two white-hat hackers were successfully able to hack a Jeep on the motorway while it was driving at 70mph. The hackers took over vehicle functions, from the windscreen wipers to disabling the accelerator – stalling the engine to bring the vehicle to a complete stop.

Fiat Chrysler recalled 1.4 million cars in response, and it resulted in the first legal dispute of its kind. This hack occurred in a non-autonomous vehicle and the risks would have been amplified if the vehicle were more connected and unmanned.

systems running their CAVs is a challenging task.

Firstly, this is because there are no established standards for vehicle security. The European Union (EU) only offers recommendations on how automakers and OEMs should cope with cyber security challenges for autonomous driving. The absence of clear, defined technical requirements for autonomous driving security means getting security right in autonomous cars is tricky.

Connected and Autonomous Vehicles (CAVs) are clearly bringing new opportunities for organisations such as NATO and their Alliance Member States. The idea of an unmanned military convoy delivering supplies without putting soldiers’ lives in danger is an attractive one. CAVs are changing the way we think about mobility and transforming the digital network infrastructure that supports these vehicles. Soon, every consumer car will be connected and able to talk to everything around it using Vehicleto-Everything (V2X) technology, including other cars and smart city infrastructure.

But as with any connected computing device, the advent of CAVs brings with it security threats, as the number of computing and network components both inside and outside a car will dramatically increase – raising the attack surface for criminals to wreak havoc. For organizations such as NATO and its Alliance Member States, a hack on one or more military vehicles would be disastrous.

New threats on the horizon

While the hackers in the Jeep incident didn’t harbour any sinister intentions, others, including terrorists and rogue nations, won’t be so kind. As connectivity expands to become the nervous system of our new mobility infrastructure, connecting our vehicles to base stations in military operational environments, we’ll start to see malicious actors spread code with increased vitality – much like how biological pathogens spread.

For automakers and original equipment manufacturer (OEM) device producers, tracking all the vulnerabilities across the

Automakers and OEMs not only have to consider the security of the firmware and software against the typical threat of cyber-attacks, but it’s also made more complicated by a connected IoT system where one vulnerability could open up the system to even more threats. With a lack of standards and potentially millions of OEM devices connecting with each other, it’s nearly impossible to know exactly where the threat will come from.

Building our defences

While in some industries security breaches only disrupt business operations, for CAVs, breaches can be

a matter of life or death. For autonomous vehicles to become a reality, they need to be safe, reliable and resilient enough to earn the trust of the military. Fortunately, the solution lies with the technology that will make autonomous driving a reality in the first place: artificial intelligence (AI) and machine learning.

One project showing the budding potential of AI is the BT Mobius project, a cyber security project developed by a team at our Applied Research innovation hub at Adastral Park. The project showed that AI-powered epidemiological methods – typically used to model the spread of pathogens – could be deployed to model the spread of malware over V2X communications in CAVs.

This is potentially game-changing in turning the tide against malicious actors. If deployed across our entire mobility infrastructure, it could function as the immune system for the

network, responding to an attack in the same way our white blood cells would respond to infection – using software-defined networking-based (SDN) security applications to quickly block malicious intruders at the entry point where possible, otherwise change security controls to slow down and limit the spread of the attack or divert them to firewalls before they do more damage to the network.

Although initially focused on measuring malware infection rates among CAVs, the team behind the solution has expanded its scope to look at how we protect larger fixed assets such as buildings and network equipment.

On the road to autonomous driving Connectivity is the key force bringing us closer to a future where automation plays a central role in military scenarios, particularly where mobility is concerned. However, as

we advance towards that goal, we must keep our eye on the hazards that threaten to throw us off course.

Connectivity providers can help automakers and OEMs monitor and protect their connected vehicles from future threats, creating a secure operational environment that will enable them to maintain control over their cars and safeguard the passengers that ride them. AI and machine learning are the indispensable tools that will protect against cyber threats to the mobility networks of today, and tomorrow.

JFC BRUNSSUM SUPPORT TO DETERRENCE

We ask the newly appointed Commander of Allied Joint Force Command Brunssum, General Guglielmo Luigi Miglietta, how his organization supports deterrence, what role technology plays in achieving this mission and how the NCI Agency supports it

Can you give a brief description of JFC Brunssum’s history?

JFC Brunssum (JFCBS) was founded as Allied Forces Central Europe, or AFCENT, in Fontainebleau, France in 1953. AFCENT, and counterparts AFNORTH and AFSOUTH, can be considered the first NATO Operational level Joint Force Headquarters. As their names indicate, the three original commands had responsibility for different geographical regions; AFCENT covered the central part of Europe, while the other two covered the north and south, respectively.

After France withdrew from the NATO military structure in 1966, AFCENT relocated in 1967 to the city of Brunssum, in the Netherlands, transforming the site of a recently closed coal mine into an operational military headquarters. The headquarters has called Brunssum home ever since. Our Dutch hosts have been extremely supportive of the military presence here

over the decades, and we enjoy an excellent relationship with them.

How has Allied JFC Brunssum’s role changed over the decades?

The original AFCENT headquarters has restructured and renamed itself multiple times over the years in response to world events. We became Regional Headquarters Allied Forces North Europe in 2000, as NATO and the West adapted to a new world order following the fall of Communism and the Soviet Union. We became Joint Force Command HQ Brunssum in 2004 as it became more apparent that the emerging threat of terrorism and our operations in Afghanistan were going to be long-term commitments. In the early 2000s, many new countries joined NATO, and a new emphasis on the Alliance meant that our name changed again in 2012 to HQ Allied Joint Force Command Brunssum. Despite all this, the core business of a Joint Force Command has changed little since its origins in 1953.

Our most significant shift in recent years was the result of Russia’s unprovoked and brutal aggression toward Ukraine. Following the illegal annexation of Crimea in 2014, NATO recognized the need to increase its force presence on the Alliance’s eastern flank. We therefore developed the Enhanced Forward Presence concept, which established multinational Battlegroups in Estonia, Latvia, Lithuania and Poland. Then, following Russia’s invasion of Ukraine in February 2022, NATO doubled the number of Battlegroups, with four new units emerging in Bulgaria, Hungary, Romania and Slovakia. The size of existing Battlegroups was increased at the same time, by 50-100 percent.

Another recent innovation is the NATO Response Force (NRF), in which Allies take turns to make circa 40,000 troops available at short notice to respond to crises. Contained within the NRF is the VJTF, or Very High Readiness Joint Task Force, a multi-national, multidomain force of about 20,000 who are ready to deploy within 48-72 hours.

What is JFC Brunssum’s current mission and how does it achieve it?

As Commander JFC Brunssum, my role is to plan, execute and support military operations within my assigned missions and tasks, in order to preserve the freedom and security, national sovereignty and peace of NATO Allies and Partners.

With NATO’s Resolute Support Mission in Afghanistan now over, my most important task is to ensure the Alliance is prepared to deter and defend against aggression in Northern Europe. To help me in this I have an experienced team of planners and subject matter experts at my disposal.

We achieve our mission through comprehensive planning, force posture management and situational awareness to ensure that NATO always has the right forces available in the right place and at the right time to prevent aggressive acts on our soil.

Our planning is across all the domains – air, cyberspace, land, sea and space – and with full collaboration of all NATO Allies and Partners, including Finland and Sweden.

By remaining ever vigilant and being flexible when the situation changes, NATO has preserved peace on Alliance territory for over 70 years. Though war has once again returned to Europe with Russia’s illegal actions in Ukraine, it has not yet crossed our borders. Our continued vigilance at JFCBS and across NATO remains the best way for us to protect every inch of Alliance territory.

What is JFC Brunssum’s area of responsibility and why?

NATO once again has three Joint Force Commands, each with their own regional focus:

The newest JFC is JFC Norfolk in Virginia, USA. Now certified as having reached Full Operating Capability, its area of responsibility includes the High North of Europe, and the North Atlantic Ocean.

JFC Naples in Italy has responsibility for the Mediterranean area and Southern Europe.

Meanwhile, JFC Brunssum’s Area of Responsibility includes most of Northern and Central Europe, including countries that border the Baltic Sea.

While the other two JFCs have a strong maritime flavour (their Commanders are also Commanders of the US Second and Sixth fleets respectively), Brunssum’s activities tend to focus more on the land domain.

This is because, as Commander JFCBS, my Area of Responsibility includes NATO’s entire land border with Russia and Belarus, and most of the land forces deployed by NATO to Deter and Defend against Russia in the Euro-Atlantic Area. For this reason, it is appropriate that I am the only 4* Joint Commander in NATO at the Operational level who is a European General, while my counterparts at Naples and Norfolk are Admirals from North America.

Can you explain the role of emerging technologies in JFC Brunssum’s activities including in the domains of space and cyber security?

Space and cyber are vitally important to NATO. Our doctrine considers space and cyberspace to be separate domains of modern warfare, alongside the traditional domains of air, land and sea.

These domains are highly contested by both state and non-state actors, and, when compared to traditional warfare, the lines between peace, competition, conflict and war are harder to define. Is it, for example, an act of war to conduct a cyberattack on critical infrastructure that results in the death of civilians in a NATO country? Could a cyberattack be grounds for an Article 5 activation?

The answers to these questions are not clear, but it is clear that effectiveness in these domains is linked to the sophistication of our technology and people – not the physical size of our armies. NATO Allies possess some of the World’s most advanced space and cyber technology, but this does not mean we should be complacent. Both space and cyber security are areas where legitimate users are subject to constant hostile activity, which is advancing at a rapid pace.

Here at JFC Brunssum, hostile cyber activity has a minimal effect on our systems thanks to the outstanding support we receive from the NCI Agency and the NATO Cyber Security Centre. With our adversaries developing ever more ingenious ways to hurt us in cyberspace, our biggest priority must be to educate our people on how to protect themselves from cyber threats.

How does the NCI Agency support JFC Brunssum to achieve its mission?

JFC Brunssum’s mission would simply not be achievable without the support of the NCI Agency. At the headquarters, we have representatives from across the Alliance working to integrate capabilities from the Armed Forces of up to 30 Allied nations plus Partners. In this context, effective communication systems are critical to enable us to work together.

The NATO Communications and Information Systems Group (NCISG), in coordination with the NCI Agency, has done fantastic work connecting NATO frontline sailors, soldiers, air personnel and marines with their home units and higher headquarters like Brunssum. They provide hardware and software capabilities that are deployable into the field, via a combination of fibre optics, Ultra High Frequency Radio frequency bands, and satellite transmissions, linking the front line into the wider NATO communications infrastructure to create a common operating picture of the battlefield.

The NCI Agency has oversight for all of our connectivity – whether in the form of telephone, internet, radio, satellite-based monitoring and more. In short, the Agency provides the services that allow us to pass information to each other, to remain vigilant, and to make the best possible decisions. In an era of multinational battlegroups, forward presence and high-readiness response forces, this connectivity is more important than ever in enabling NATO to carry out its core role of deterrence and defence in the Euro-Atlantic area.

Delivering superior strategy in the field

Innovation in defence

The lifeblood of any military operation is intelligence. How it is acquired, managed and delivered at the right time and to the right place is, arguably, the most critical requirement of success for all armed forces. This has been true as far back as wars have been waged but has taken on greater significance in the modern, digital era.

NATO is no stranger to missions, but there has arguably never been one as important as the one it is currently on. To ensure the organisation is fit for the future. It is why there is a considerable onus on the consumerisation of technology and how this can be adapted for military means.

This is an ever-evolving set of parameters that change anywhere from campaign to campaign to hour to hour within operations. Being aware of each and having the systems in place to maximise impact and mitigate issues is something armed forces are constantly grappling with.

By embracing innovation in defence, military operations will not only be better positioned to adapt to the diversity of missions they face - both physically and in the cyberspherebut they will be better equipped to deal with the growing and evolving threat landscape globally.

Three elements of information flow

How information is best disseminated is predicated on three distinct areas. The first of which is the gathering phase. This is essentially acquiring data and information, which can come from a huge array of sources such as the internet, cloud computing, other coalition members and troops on the ground. Indeed, the volume of information can come so thick and fast that it places even greater significance on the second area – deciding a clear route through the fog of war.

Three driving forces of innovation

Democratisation means that some of the most advanced technology is now in the hands of the general public. To get ahead - and stay there - military organisations must turn their focus to civilian life in order to extract the best innovations and learnings relating to; how they are used, when, where and why information is exchanged and the associated impacts. A scenario which is being influenced by three main drivers.

Not all information is perfect. Some is wrong or incomplete. But it needs to be analysed and processed into actionable intelligence so the best decision can be made as quickly as possible and then disseminated across a battlefield, which can be massively dispersed and multidimensional incorporating land, sea, air and digital channels. Of course, success also means doing all this faster than your enemies, which is the final element.

• The first is that the research and development capabilities of states have been superseded by private enterprise. The world’s brightest minds are now working in technology companies (who are themselves desperate to remain ahead of the competition) meaning cutting-edge breakthroughs and new technologies are happening their first.

Multi-Cloud is fundamental

• The second factor is speed. The pace of innovation happening is so rapid, that if military organisations don’t use market technology, they will become obsolete very quickly.

• And finally, even if militaries are not learning from market innovations, you can bet your bottom dollar that their adversaries and other potential threats are. Meaning it’s only a matter of time before they assume field superiority as a result.

The challenge for all of these stages is how to effectively manage the information that is being processed into intelligence from the back end to front, at the right time, to the relevant commander, and in such a way that delivers superiority. Huge advancements in digitalisation have increased the agility of mission commanders in the field but we remain a long way from the portrayal in films where those individuals have a direct line to senior government or military figures at the touch of a button. Instead, the baseline for success is far less glamorous but no less important. The need for a secure and scalable infrastructure.

Digitised conflict today

This is where multi-cloud is fundamental. Defence organisations today all have a secure private cloud with connections to other clouds, either public or to coalition members. These independent but interconnected data sources must operate in a circle of trust that has the agility to adapt to different situations, like geography or time zone, and the requirements of other coalition members.

We’re seeing this in conflicts today. For instance, in the current war with Russia, Ukraine has used drones and open source software from the market. Known as Aerorozvidka, it is a specialist air-reconnaissance unit within the Ukrainian army which has the capacity to observe, detect and identify targets on the field, optimising the resources of the Ukrainian army by informing exactly where to fire shells. It’s a technology that has a success rate of close to 100%.

Defence information challenges

Of course, successfully achieving superiority based on something so vast and complex is not without challenges. Lieutenant General Pierre Gillet, Commander of Rapid Reaction Corps France (RRC-FRA) cites the five Vs as the key areas armed forces must contend with, as covered in Vauban Paper number one.

This example is a demonstration of how a digitised force with highly developed coordination and operations management systems can challenge and inflict damage on a much larger adversary. The fact it works for defence just as equally as attack endorses the value of digital transformation for the armed forces.

How innovation delivers field superiority

Yet simply adopting new technologies and innovation is only one part. To be truly future-proofed, military organisations must engage in - and be aligned to - a cycle of innovation in the field. They must create a scenario whereby innovation is constantly embraced and the barriers to its adoption and deployment reduced to nil.

The first of which is ‘volume’. Namely the sheer amount of information being exchanged and the capacity to handle it. This is followed by ‘velocity’, which is concerned with the speed of processing information from back to front. The third is ‘variety’ and the diversity of information. This is followed by ‘veracity’, which is the accuracy of data, the ability to trust it and its time value. The final V stands for ‘value’ – the relevance of data.

We’ve already moved away from an era of cumbersome and monolithic developments that take months or even years to be deployed. Now we’re seeing the same process happen in weeks and days, which is pushing innovation to the combatant in the field at a pace that has been unseen until now. A good example is the United States Air Force Life Cycle Management Centre, Detachment 12, also known as Kessel Run.

Change is needed

It developed and delivered a software application used for air-to-air refuelling operations. It has helped save the Department of Defence more than $500 million dollars in fuel costs and greatly reduced the time associated with planning refuelling missions, enhancing combat capabilities through its increased coordination.

We’re seeing this today with NATO, which operates as a singular command system but one that must also federate individual member countries and other contributing forces. In essence, it is required to play two mutually exclusive roles, simultaneously. As a coalition it must integrate multiple forces but ensure national separation. It means that operations are carried out under a framework with one nation leading an operation and other coalition members connecting to the lead nation’s system. But this does not – and will not – suitably address the very real challenges outlined by Lieutenant General Pierre Gillet.

Pace, as well as innovation Today, these applications are also shareable - this is critical when forces are often disparate and operate in different regions, landscapes and timezones. A good analogy would be the mobile industry model we see in civilian life. Where apps evolve or need upgrading constantly but because individuals have the hardware, updates can be made anytime, anywhere, information can be shared and new apps can be downloaded to equip field teams with the resources and information they need in almost real-time. Something that was unthinkable just a few years ago.

Change is needed but, if Europe doesn’t move quickly enough into modernizing, it may face the likelihood of having to employ different systems, from the US, for example. This will create even more issues regarding sovereignty, security, and information ownership.

Speed up modernization and improve cost effectiveness Communication and information sharing within the armed forces is a hugely complex business. One that does not remain static and has the added requirement of needing to constantly remain ahead of any adversary. It is a major challenge for NATO and other coalitions around the world. But there is a solution.

But despite the clear benefits, and increasing trend to adopt innovation from industry, much more needs to be done. Especially when it comes to the speed of adoption. Even today, military organisations are buying fixed hardware on long contracts, which become obsolete quickly. Often before they’ve even been fully deployed. This is why military organisations must embrace pace, as well as innovation. They are not mutually exclusive and any attempts to do one without the other will fail.

We need to see procurement processes shortened and adapted to the digital world. Demonstrations, decisions and deployments - even in the pilot phase - need to be made at a speed reflective of the change which is being imparted.

A change of model is required. One that encourages innovative projects in each of the national MODs that can be kept private and sovereign, but that also allows for the sharing of tools, ideas, resources and intelligence where privacy and secrecy is not paramount. New technologies – particularly multi-cloud – can enable this. Being able to safely share knowledge is the route to speeding up modernization and improving cost effectiveness – NATO would be an excellent vehicle for delivery to realise this vision.

For more information on how VMware can support your next innovation project, or for more information on how the latest technologies and tools are being applied in a military environment,

Adopt technologies in a modular way But we also understand that for many, this is a case of evolution and not revolution and that rapidly accelerating the speed of innovation isn’t going to happen in all departments and for all decisions overnight. That’s why we’re urging military organisations and governments to start small, take the steps you’re comfortable with and adopt technologies in a modular way. We’re certain that in a very short time frame, you’ll see the difference and soon be on the fast track for innovation in defence.

For more information on how VMware can support your next innovation project, or for more information on how the latest technologies and tools are being applied in a military environment, please contact me at mcrowley@vmware.com

INDUSTRY PERSPECTIVE

Creating future technology today

VMware is an industry leader in supporting users with modern applications, from secure hybrid working to servers primed for the battlefield – and much in-between

How secure is hybrid working?

Hybrid working can be far more secure than a lot of people realise. Most of the thinking about why hybrid can’t be secure is based on an outdated understanding of what security is, especially with regards to mobile working.

This complements our technology and is ideal for remote C2 centres. It enables the same operational model, security and platform at the very edge – even on the battlefield – as at the data centre. With this combination, everything is greatly simplified because it is the same.

How can VMware MultiCloud services enhance an organization’s capabilities?

Large organizations must adopt multiple clouds to select the right cloud for the right workloads and build new apps anywhere – fast. And, without doubt, they will need a different modus operandi for each cloud environment and that is not easy. In short, they need an operating model that allows them to operate across, and take advantage of, each of the various clouds without compromising security or developing silos of operations or competency.

VMware’s Multi-Cloud platform for all apps can make this journey less onerous and complex, thereby enabling the user to take advantage of one consistent technology platform in whichever cloud they are using as quickly and easily as possible with minimum risk and without disruption.

At VMware, we are constantly evolving some fantastic tools and technologies to make what we call ‘anywhere working’ safer by the day. For example, the traditional thinking about laptops is to restrict admin rights from the user to safeguard against unwanted intrusions and activity. However, that is a very outdated concept. VMware technology, tools and techniques have moved on so much now that users can have admin rights on their machines, and yet those machines will be even more secure, better controlled, better tracked and better managed than a laptop where the user doesn’t have admin rights.

What new technologies is VMware integrating into its offering?

At VMware, we are leading in the development and introduction of new technologies specifically to support users in the highly distributed nature of modern applications. We are committed to providing a secure, managed infrastructure all the way from the device in a person’s hand to the data centre and back. Two things spring to mind: our SD-WAN (software-defined wide area network) technology and our SASE (secure access service edge) platform that was built on its success.

In terms of military applications, it is worth mentioning the XR4000 server that our partner Dell has developed.

How does VMware address emerging and disruptive technology trends?

We don’t address emerging and disruptive technologies, we create them. As I mentioned already, we are leading on SASE and SD-WAN, but perhaps more importantly, we are one of the leading providers around telco platforms. This is significant because as telcos evolve from 2G to 5G, each iteration becomes more software defined and cloudy. At the moment, there is a clear separation in the market and in operational models between the network and the cloud, but 6G will introduce a generation of technologies where this distinction will disappear. The network, the cloud and compute will merge into one. So the next big trend for us is this perfect storm of networks, cloud computing and the Edge all coming together. We are ideally positioned for that.

As you would expect, we are also thinking about the impact of quantum computing on cryptography. To buck this trend, we are making sure that where cryptography is in our products we are making it as easy as possible to swap the entire cryptography stack out and replace it with another. In other words, the ability to quantumproof your capability deployment.

REVOLUTIONIZING ISR MISSIONS WITH BANDWIDTH AND SECURITY BOOST

Will Tong, VP Strategic Government Initiatives, Aero & ISR at SES highlights the benefits that the next generation of satellite communications is bringing to governments – and how they’re informing security initiatives

For governments around the world, carrying out intelligence, surveillance and reconnaissance (ISR) missions using a range of remotely piloted aircraft systems (RPAS), also known as drones, has become a critical way of gathering intelligence, as well as monitoring and managing operations. In fact, RPAS adoption by governments is increasing and the number of aircraft with satellite communications (SATCOM) is forecast by the analyst firm, NSR, to reach more than 10,000 by 2031. At SES we also see NATO and the Nations

developing ISR capabilities in a wider setting with newer defence and security philosophies and goals, such as Joint All-Domain Command and Control (JADC2) influencing the development.

That’s why technology field trials of advanced systems, like the recent one performed by General Atomics Aeronautical Systems, Inc. (GA-ASI), SES and Hughes Network Systems to demonstrate multi-orbit SATCOM using an MQ-9B SkyGuardian® RPAS, are so important.

The trials took place at GA-ASI’s Desert Horizon flight operations facility in El Mirage, California. The demonstration leveraged SES’s O3b Medium Earth Orbit (MEO) system that provides carrier-grade performance, scalability and resilience, and Geostationary (GEO) satellites. The connectivity service roamed seamlessly across satellites in GEO and MEO orbits, reaching 45 Mbps of throughput, using a Hughes HM Series software-defined modem and Hughes Resource Management System. This was a testament that proves how RPAS can maintain high workloads, mission-critical connectivity and resiliency, even in contested environments.

POWER OF MEO AND MULTI-ORBITS

Traditional SATCOM services limit the performance of advanced next-generation systems, requiring applications to be constrained. For years, defence and security communities have only received limited visibility and partial value from their ISR investments, largely due to the limited connectivity of legacy SATCOM. This was until MEO satellites came into the play. Positioned at around 8,000 kilometers away from Earth they represent a sweet spot for high-throughput, low-latency, uncontended fibre-equivalent service and coverage for the missions. Thanks to a multi-orbit service, in wider geographical areas, high-performance GEO adds resiliency and reinforces reach capabilities.

As the next-generation RPAS continue to expand their roster of sensors and deliver more intricate payloads, they require higher bandwidth with more robust security and network resiliency, for wider distances. This is why the introduction of second-generation MEO systems, such as the SES O3b mPOWER, is so timely. By delivering 10 times the performance with a significantly smaller form factor and improved multi-orbit

resiliency and security, this connectivity dramatically transforms the capabilities of RPAS and the value they can deliver in ISR missions.

Today’s ISR missions have multiple sensors to collect and relay critical information to field commanders as well as analysts and senior staff around the world, so the data can be analysed and acted upon in real time. The challenge is that many of these ISR aircraft use 30 cm antennas that only get a maximum of 2 Mbps of connectivity. A smaller number are installed with 71 cm antennas and can get 10 Mbps. Either way, the limited connectivity forces them to turn off sensors or cycle them to only send back partial data, limiting the full ISR capabilities of the equipment. Alternatively, they can fly multiple passes until they have collected all the data, but this increases mission risk and operating costs, while reducing the utilization efficiency of ISR assets.

In the current geopolitical context, security and resiliency of assets, including SATCOM capabilities, must be assessed and addressed at an enhanced level. A disruptive SATCOM technology, such as the O3b mPOWER, will support governments through unprecedented performance, resiliency, waveformagnostic service and enabling network sovereignty. They will also have control over performance and geographic reach, own their ground network, and leverage secure, steerable beams with location obfuscation. Built according to Committee on National Security Systems (CNSS) Policy 12, the second-generation MEO system brings the capability to deploy government waveforms with TRANSEC (transmission security), and is inherently jam- and interception-resistant.

With the emergence of O3b mPOWER and multi-orbit SATCOM, governments are now able to unleash the full ISR potential of their RPAS assets to the benefit of national and broader security initiatives.

INDUSTRY PERSPECTIVE

A safe and united world

Sustainability and defence are no contradiction, says Jo Müller, Head of Sustainability and Communications at Airbus Defence and Space. He explains why you can’t have one without the other in an everconnected, always-on world – and how he manages his personal sustainability balance sheet.

How sustainable are you?

There’s always room for improvement: even though I use my bike and public transport more often, eat less meat and get rid of plastics, I still have a passion for classic cars. On the positive side of my personal sustainability balance sheet, though, I invest almost all of my rare spare time in having a positive impact on people in need. For more than a decade, I have supported humanitarian NGOs in combat theatres and post-conflict areas such as Afghanistan, Iraq, Lebanon and Mali with pro bono photo documentaries that raise awareness and funds. All in all, I feel like I’m moving in the right direction.

How does all of that go together with your job as Head of Sustainability and Communications at Airbus Defence and Space?

It goes together very well, because my intrinsic motivation to inspire empathy and respect for life in need is very complementary to the Airbus purpose: to pioneer sustainable aerospace for a safe and united world.

So, sustainability and defence are not contradictory?

No, not at all. At Airbus, we recognize how the interdependence of environmental disasters and social unrest can accelerate reciprocal escalation – on both a local and global level. The sheer speed of cause and effect in this ever-connected, always-on world makes it increasingly difficult to anticipate, demarcate and analyse incidents. Once they start, it is even more difficult to foresee their magnitude and impact. Therefore, we define ‘defence’, the core of our Defence and Space business, more broadly than deterring aggressors and protecting civilian lives and armed forces in battle. From our military aircraft to satellites and connected intelligence capabilities, we want to contribute to a safe and united world.

What does this objective look like in practice?

We help our customers to prevent humanitarian and environmental crises through their use of our technologies to observe, detect, analyse and anticipate. If prevention fails, we enable nations and authorities with our integrated and

collaborative solutions to ensure operational superiority in defending values, securing nations and ecosystems and protecting life from immediate negative impact. Last but not least, our products and services support the restoration of social and environmental systems in the aftermath of crises and conflicts.

Can you give us some concrete examples?

When it comes to monitoring deforestation, analysing rising sea levels or ensuring global food security, our Earth observation satellites are on duty 24/7, providing actionable, near real-time insights. Just like our Eurofighters that are used to defend NATO’s eastern flank and secure airspace around the world. Our A400M tactical airlifters act as flying hospitals and can evacuate large numbers of people out of danger, as they did during the siege of Kabul in 2021. And our C295 aircraft played a critical role in the aftermath of Cyclone Idai in March 2021, delivering food, anti-cholera kits and other life-saving goods to those in need.

Climate change is obviously a big challenge. How does Airbus Defence and Space support the fight against it?

At any one time, 20 of our satellites are monitoring the health of our planet, for example providing vital geospatial data to combat deforestation. Using our remote-sensing solution Starling, food company Ferrero monitored 1.2 million hectares of forest in 2021, ensuring its palm oil supply chain was 99% deforestation free. And the NGO Fairtrade is developing a pilot project on deforestation and environmental

Defence is about much more than deterring aggressors

vulnerability together with smallholder farmers in Ghana and Côte d’Ivoire, also using Starling. Typical actions here will result in further sustainable forest management practices linked to cocoa.

We are also addressing the everincreasing threat posed by wildfires: this summer we successfully tested a removable firefighting kit that can easily convert our A400M into a water bomber. This contribution to a more sustainable world is possible because Airbus has innovated high technology solutions during decades for the armed forces and, now, draws on these capabilities to protect the planet.

How does Airbus Defence and Space reduce its environmental impact?

As part of our sustainability strategy, we are working on reducing our industrial environmental footprint at our sites worldwide and across our supply chain. This means, for example, supplying all our sites in Europe with 100% renewable and low-carbon electricity by 2024.

We also have a task force working on reducing our energy consumption by 20%, our water usage by 50% and our waste production by 20% no later than 2030 (compared to 2015).

But that’s only one side of the coin. We also strive to make our products more eco-efficient and less polluting.

For instance, as part of our Ecodesign initiative, we conducted a life cycle assessment of our Sentinel Earth observation satellites that we develop on the behalf of the European Space Agency (ESA). Working closely together with our customers and suppliers, this enables us to take more environmentally friendly design decisions when it comes to improving product end-of-life management or reducing the use of critical raw materials.

The European defence industry is closely interlinked through international programmes, and its main customers work together within the NATO framework. Are you involved in any of these cross-industry initiatives or programmes? Absolutely. Airbus is a founding member of Clean Sky 2, the largest European aeronautics research programme. As a public-private partnership between the European Commission and the European aeronautics industry it aims to develop innovative, cutting-edge technologies and solutions to reduce the environmental impact of the aviation industry while improving industry competitiveness and increasing mobility efficiency by 2024.

Providing the so-called Flight Test Bed 2 based on our C295, our military

A400M flight test with a removable firefighting demonstrator kit (PHOTO: Airbus)

aircraft business is part of this ambitious journey. The aim is to reduce CO2 and NOx emissions in a typical Search and Rescue (SAR) mission of 400 nautical miles by 43% and 70% respectively. But it’s not only the environment that will profit from these new technologies, our ears will too: take-offs will generate up to 45% less noise compared to traditional SAR aircraft.

How can the defence industry move forward in pursuit of greater sustainability?

Sustainability is a bold and ambitious commitment to present and future generations. And to be successful and make a real impact, it will require a collective effort. No single industry or country will be able to master the challenges of today and tomorrow alone, we need to collaborate. The ambition is set and shared by NATO since Heads of State endorsed NATO’s Climate Change and Security Action Plan (CCSAP) at their 2021 Summit in Brussels. What we now need are strategic guardrails that outlive legislative periods and short-term tactical considerations.

airbus.com/en/sustainability

ACT INNOVATION HUB THE IMPORTANCE OF COLLABORATION

The founder of ACT’s Innovation Hub, Serge Da Deppo, explains how his organization is helping NATO become more adaptable and able to respond faster to events by collaborating on an open community basis

Can you describe the structure and mission of ACT’s NATO Innovation Hub?

ACT’s NATO Innovation Hub (IH) includes a laboratory in which we test and validate innovation best practice so that innovative solutions to the Alliance’s most intractable pain points can be distributed throughout the NATO community. Our overarching mission is to make NATO adaptable and agile so that it can respond quickly to challenges, whatever form they may take, now and in the future. We do this by developing all the assets we think are necessary to achieve this mission. Primarily, this requires the creation of an innovation mindset and all the processes and techniques that stem from that mindset.

As far as structure is concerned, we are a very large open community of thousands of innovators supervised and supported by about 50 in-house staff from NATO Allied Command Transformation based in Norfolk, Virginia in the United States. Although we rely predominantly on external experts for our technology skills, we do have an in-house software development capability of about 30 people. These software developers work alongside an external community of technology experts and innovators from industry and academia as well as individuals and other organizations. As an open community, we welcome individuals, organizations and universities from all NATO Member States – working either on-site or remotely.

What sort of collaborative formats does the Innovation Hub have?

We have both formal and informal collaborative formats. For example, we have thousands of individuals who contribute to our projects on their own. These people don’t need to be from any particular organization. They just need to be able to bring their problems or solutions to us.

On a more formal level, we have partnerships with organizations that we have aggregated into two main groupings: the Academic Alliance and the NATO Innovation Network. The Academic Alliance comprises in excess of 30 universities that contribute more than just individuals to the IH. These academic institutions can have a very structured collaborative arrangement with the IH, and might even be supporting the running of certain projects as well as suggesting and developing solutions.

The NATO Innovation Network, on the other hand, is made up of entities from around NATO that are similar to the IH. At the moment we have 18 of them from 10 nations. These sorts of organizations are very easy to collaborate with as we have a unity of principles and vision for what innovation should be within the defence community.

When it comes to our collaboration with the NATO Command Structure, we have a very close relationship

with Allied Command Operations. They are our main customer, and they provide us with the majority of the issues and pain points that need a solution. We are in almost daily contact with them.

Why are these types of collaborative relationships so important when it comes to technology development?

Q Q

A

Partnerships are useful for everything on all levels, but it is not just about technology. In fact, in the current mindset, technology is not really the cornerstone. People are the key to innovation. That is why we focus on collaboration and people. Of course, the technology is important, and it will likely form part of any solution. That is why we use a multi-disciplinary approach to all our projects. However, the IH is like any other organization in, for example, the military, government and industry. We do not have the resources or the inclination to retain technology specialists from every technological discipline. Above all, that is why the collaboration is so important. It enables us to bring the necessary expertise to each project on a case-by-case basis.

What sort of innovation techniques does the Innovation Hub rely on?

There are so many ways to be innovative, and we do not profess to be aware of all of them nor engaged or focused on everything. But what we do is focus on two main complementary ways of innovating: Open Innovation and Agile Development. Open Innovation is a way to share a problem and develop a solution with as many people as possible. Agile Development means being user-focused by integrating the end user into the development team. By getting rid of the ‘middleman’ it is possible to eliminate confusion and unnecessary delay.

A

There are two projects that exemplify these techniques – our Critical Thinking course, which was developed based primarily on the Open Innovation model, and our cyber situational awareness tool CYSAT, which leaned

more heavily on Agile Development. Our collaboration with the NCI Agency was a key part of the Agile Development process on CYSAT. All NATO software tools are scaled up by the NCI Agency on their servers. Since we recognized that CYSAT would have to transition to the NCI Agency in order for it to be eventually delivered to the end user, we integrated NCI Agency staff on the development team right at the beginning of the project. In fact, we do that with all our software projects. This makes the NCI Agency a key internal partner for us – one where collaboration is not only important, it is vital.

INDUSTRY PERSPECTIVE

Closing the IT skills gap

Sustaining NATO’s technological advantage by identifying and utilizing the right IT professionals

defence community in terms of IT and IT security technological progress and development. As a consequence, IT subject matter experts (SMEs) tend to be highly specialized. Not only that, many of the skills that they specialize in are relatively new.

short-term) contracting opportunities, that can address their technological undertaking appropriately.

Why is IT recruitment and retention such an important topic for NATO?

Today, NATO and other military organizations place a lot of emphasis on critical technological challenges and how to overcome them, however, in many instances, one key aspect is overlooked – how to identify and retain highly skilled IT security professionals.

Every technology initiative can have a direct impact on operational success, when the appropriate IT professionals are engaged to inspire, implement, and deliver. Without having the right people with the right skill sets, a technology initiative is destined to fail. The problem gets even bigger when there is a clear gap in the skillsets required to tackle emerging technology initiatives.

What approaches can NATO adopt to mitigate this IT skills gap?

In many ways, the skills gap can be mitigated by understanding that the commercial sector has overtaken the

Unfortunately, many recruiting organizations still receive requests for at least 10 years’ experience as a condition of engagement. However, this is no longer appropriate, in the same way that University degrees do not necessarily achieve success, but skills do. Moreover, many of the skill sets organizations are looking for, have only existed for a couple of years. Instead of focusing on years of experience, organizations should turn to adopting skill-based recruitment. A much wider skills base is needed instead of having IT professionals responsible for multiple technologies. Specialization is key. By taking this approach, military organizations could replace older technologies with more advanced systems. In turn, this would enable IT professionals to enhance their skills and improve their career prospects while working in these organizations.

How can an organization like NATO address these new IT market conditions?

One of the considerations, is adaptation to market fluctuations. It is not about cutting back an organization’s technology needs, instead, it is about accepting that SMEs have specialized skills. NATO needs to understand the broader market skills availability, as well as be prepared to create more (even

In addition, one of the limitations for EU NATO bases, is that they might be missing out on a potentially huge pool of highly qualified IT professionals from countries within the Alliance that are not in the EU because of lengthy visa processes. Albania, Montenegro, North Macedonia, Turkey and the United Kingdom are prime examples of this. NATO should consider easing the access and support for obtaining a quicker visa for individuals coming from these markets.

NATO and other government organizations should turn their support more to specialized companies and work closely with them so that their needs can be understood to a greater extent. Close cooperation, knowledge sharing, building trust between NATO and industry is key for companies being able to offer more tailored and appropriate support. Working together on a regular basis, sharing advance requirements for upcoming projects and skill gaps is critical for allowing specialized companies to prepare, explore the market and respond with appropriate and timely support.

How does Brevco contribute to solving these challenges?

At Brevco, we have been working with governmental and commercial clients for over 14 years. We pride ourselves on building knowledge and understanding of what our clients

need in terms of specific skill sets and expertise. We work tirelessly with all our clients so that we can understand their expectations better. Everything we do, both internally and externally, is rooted in our tailored approach to clients, candidates and contractors.

To help our clients sustain their technological advantage, we provide targeted sourcing of security-cleared IT professionals worldwide based on diligent skill-gap analysis. We aim to connect all IT and security professionals with the projects where they are most needed. We seek to relieve our clients from the pressure of enduring costly and timeconsuming recruitment processes by offering immediate access to specialized IT experts in various fields. In addition, we plan and execute complex telecommunications and software development projects on behalf of our clients with our own in-house IT project management capacity. Coupled with healthy and robust processes, we use skilled, securitycleared, IT professionals to deliver trusted, timely and efficient services.

Why is this support different to companies offering similar services?

Our 14 years of experience in providing IT professional augmentation services has enabled us to fully understand what exceeds client expectations and what is merely providing a standard staffing service. We want to develop credibility and trusting relationships with our clients, and to accommodate this we are now organized differently than any other similar service provider. For example, we have an entire department dedicated to building a knowledge base and understanding of our clients and their programmes, initiatives and requirements. We use this knowledge to undertake comprehensive analysis and develop future IT skills forecasts which we feed to our talented

When it comes to our candidates, we offer them a smooth, supportive recruitment process, focused on both technical and soft-skills evaluation. Our recruiters make sure that clients gain access to professionals that not only have the sufficient IT skills, but also understand how to completely transition organizations into the new technology era.

To keep up with technology trends, and to make sure we have consistent access to fresh resources, we partner with local institutions and offer technical upskill programmes and training in line with where our client is headed in terms of technological initiatives. This way we can successfully close the skills gap by retaining IT professionals and have them readily available to be either directly embedded with our clients or become part of a team supporting our high-scale IT projects.

Once a candidate is engaged with us, they become one of our most valued partners. We support them by offering relocation packages, client briefs and tours, various advisory services, support in identifying the most suitable contractual methods, as well as consistent access to an abundance of professional and career opportunities. Our experience within the various NATO

NATO quicker access to the skills it needs. Our contractors are truly taken care of in a unique way, and we consistently aim to build long-lasting relationships with them, and in turn we retain talent on behalf of our clients.

We are also unique because our services are engaged in a range of programmes in numerous NATO agencies and organizations – ACO, ACT, CMRE, NATO HQ and the NCI Agency. This has enabled us to develop an idea-sharing and knowledge transfer platform between these entities via our IT professionals, which is proving to be very successful. By doing this we ensure that experts are engaged and work together to improve the Alliance’s operation.

Ultimately, we take all our partners through a journey of trusted, responsive, engaging and problemsolving approaches, which is rare in today’s technology-driven environment.

brevcoservices.com info@brevcoservices.com

VIEW FROM THE NATIONS

PORTUGAL

COMMITTED TO TACKLING THE TECHNOLOGICAL AND INFORMATIONAL CHALLENGE OF OUR TIMES

Helena Carreiras, Portugal’s Minister of Defence, highlights the need to focus on sharpening the Alliance’s technological edge and the role the new NCI Academy in Oeiras is playing in this effort

between the means currently at our disposal and the missions we are increasingly required to support.

Transatlantic relations are undergoing a period of profound transformation as a result of the instability caused by Russia’s war of aggression against Ukraine. In this context, the need to strengthen transatlantic defence bonds has become all too apparent and we are more than familiar with the steps that need to be taken. We need more cooperation among Allies and with Partners, more articulation among industries, companies and academia, and more contributions from the civil society. We are also aware that we need to further invest in capabilities to close the gap

The tools available to accomplish such goals are multiple and varied. In particular, I would highlight the important role of the NATO Communications and Information Academy (NCI Academy). Based on a legacy of more than 60 years in providing communication and information systems, cyber education and training services across NATO, the NCI Academy, located in Oeiras, has become a fixture in our contribution to collective defence and cooperative security. This has been achieved by fostering knowledge, innovation and specialized training. With our continued assistance, this platform has become a key enabler in a fast-growing innovation and technology ecosystem, that engages with universities, research centres and tech incubators alike.

The stated vision for the Academy could not be clearer: to reinforce NATO’s technological edge through

excellence in cyberspace learning, by building shared capacity on cyber security and cyber defence curriculum, while providing specialized training in a variety of technical capabilities. We should not lose sight of how vital this mission is: the people that take these courses are the people that the Alliance will rely on to safeguard against new emerging and disruptive threats in the near future.

REINFORCING COMMITMENTS

However, we must also stand ready to complement this work and pursue new alternatives. As a result of the NATO 2030 reflection process and in line with the political decisions taken at the NATO Summit in Brussels in June 2021, the Alliance reinforced its commitment to make every necessary effort to maintain its technological edge. This pledge has been reaffirmed in the new Strategic Concept, approved in Madrid.

To do its part, Portugal is fully committed to tackling the

technological and informational challenges of the current climate and to contributing to the development of solutions to the needs of NATO and its Members.

And we are engaged in

supporting a streamlining of synergies and opportunities for stronger cooperation between NATO and other key partners, such as the European Union.

We have already borne witness to examples that showcase what we can do in this regard. In early 2022, Portugal was selected to host two new NATO technological innovation centres under DIANA (Defence Innovation Accelerator for the North Atlantic): a test centre in the Navy Operational Experimentation Centre and an Accelerator Network Site in Arsenal do Alfeite. The former will be established in a Free Technological Zone (ZLT) in Troia, which was specifically created to

“We need to ensure that … the Alliance keeps its edge”

provide the necessary conditions for the testing and experimentation of innovative technologies, products, services and processes. This is fundamental to respond to the enormous challenges of modernization in the coming years. It is my hope that this collaborative work will flourish and synergies between civil and military spheres can be further deepened.

But faced with this momentum, we need to ensure that we remain in the vanguard of the current technological revolution and that the Alliance keeps its edge. To that end, we need to ensure that the active involvement of the private sector (our industry, companies and start-ups) goes hand in hand with the involvement of the public sector (research and development centres, laboratories and interface centres, and the Armed Forces) in the search for more innovative solutions. It is this kind of

cooperation that will allow us to add value and find differentiated solutions, while pursuing a collective community of interests that work together towards a common goal. Three possible paths can and should be pursued.

First, we need to foster an even closer relationship with universities and other research institutions in order to tap into existing knowledge pools. We need to better stimulate a culture of civil-military innovation through flexible incubators that provide the necessary conditions for such exchanges. Initiatives such as the NATO Innovation Hub clearly stand out in this regard.

Second, in light of recurrent needs and other pressing priorities, we need to become more creative, while at the same time fostering an increased sharing of best practices and streamlining of

existing facilities between Partners and Allies.

Third, we should pay more attention to how we can take advantage of existing funding for further innovation projects. New opportunities, like the ones heralded by the NATO Innovation Fund, should be carefully considered. This unprecedented mechanism will allow the Alliance to develop emerging and disruptive technological solutions while enhancing its capacity for deterrence and defence.

Transatlantic defence is clearly on the move. Our priority should be to focus on developing military capabilities based on innovation, with added value for our national economies, while simultaneously leveraging the development of our defence sectors. The NCI Academy has proven to be a good example to follow and replicate. Together I am certain we can continue advancing faster and further.

FEDERATED MISSION NETWORK PREPARING FOR SWEDEN

With Sweden having completed accession talks to become a full member of NATO, the NCI Agency’s Jose Antonio Diaz and Scott Mitchell reveal the effort under way to enable Sweden’s military networks to become fully compatible with the Alliance’s Federated Mission Networking capability, which delivers communication network interoperability. David Hayhurst reports

Since joining the Partnership for Peace (PfP) Programme in 1994, Sweden has been one of NATO’s most active partners. In terms of international operations, it was prominently involved in the NATO-led Resolute Support Mission in Afghanistan, as well as making major contributions to missions in Kosovo and Iraq. Sweden also regularly participates in NATO exercises, and this year hosted numerous activities during the BALTOPS 22 maritime exercise, which is NATO’s premier maritime training sequence in the Baltic Sea.

Now, with all 30 NATO Member States having expressed their initial agreement at the Madrid Summit this June – and with many among

them having also offered security assurances – Sweden and Finland are well on their way to becoming full members of the NATO Alliance.

PARTNERSHIP INTEROPERABILITY INITIATIVE

With capability enhancement, operational effectiveness and interoperability being paramount NATO objectives, Sweden’s military has benefited greatly from its membership (together with Finland) of the Partnership Interoperability Initiative (PII), which was launched at the Wales Summit in 2014. In fact, Sweden is one of only six Enhanced Opportunity Partners under the scheme.

Its mutually beneficial contributions to multiple programmes and exercises – from the PII to involvement in partner forces training, strategic airlift exercises and enhanced ties to other Nordic states – will all be key assets enabling Sweden’s military networks to achieve full compatibility with the Alliance’s Federated Mission Networking capability. “There is a high level of synchronization between Sweden’s goals within the FMN community and its integration within the NATO Alliance,” says Scott Mitchell, FMN Change Implementation Coordination (CIC) Working Group (WG) Coordinator at the NCI Agency. “I think the FMN community offers Sweden an opportunity for further

interoperability enhancements before it gains full NATO membership.”

“Sweden is very active and working extremely hard to integrate its command and control systems inside the FMN baseline,” says FMN CIC Change Coordinator, José Antonio Diaz. The country’s involvement from the beginning of the International Security Assistance Force’s (ISAF’s) mission in Afghanistan – whose operational requirements were the key driver in the creation of the FMN concept – was a critical factor in furthering Stockholm’s understanding of the need both to enhance and to hasten their adoption of NATO standards. “Nowadays, those are increasingly built in. That should both enhance its FMN compliance as well as its NATO compliance as it becomes a full member,” says Mitchell.

In 2016, the Swedish government stated that it recognized that future FMN spiral specifications designed to introduce incremental improvements will include additional

requirements for evolving its military’s operational command support system to continue to be FMN compatible. And, in accordance with the Spiral Specification Roadmap and with other stated FMN spiral-related goals, “we are looking to add increments into Spiral 6 and 7 – and possibly 8 – which will allow us to reach the goal of data-centric security,” confirms Mitchell.

COALITION INTEROPERABILITY ASSURANCE AND VALIDATION

Sweden’s status as a leading contributing member of the Coalition Interoperability Assurance and Validation (CIAV) process began with its involvement from the start of the Afghanistan Mission Network (AMN) single information-sharing domain in 2010. As the CIAV process has developed and matured as an essential element in addressing interoperability concerns within the wider FMN framework – due in no small part to the lessons learned from AMN activities – Sweden has continued to be a major contributing

member of the CIAV working group and wider community. As a result, “currently, there are no issues with them being members” regarding Sweden’s NATO compatibility “at least within the FMN framework,” says Mitchell. Within a wider context, “Sweden’s enthusiastic participation in NATO programmes and military operations has made them a close strategic partner,” he adds.

Both Mitchell and Diaz point to Sweden’s prominent involvement in two strategic airlift initiatives – the Strategic Airlift International Solution (SALIS) and the Strategic Airlift Capability (SAC) programmes – as only the first among many recent examples of Stockholm’s cooperative enthusiasm. And by their integration into such programmes, “Sweden contributes to the fundamentals of the FMN framework, because the operational processes – or technical standards, or forces – entered into exercises or missions, contribute to the knowledge base that will allow for improvements to gain overall ‘Day Zero’ interoperability,” Mitchell concludes.

INDUSTRY PERSPECTIVE

Military innovations in space

capability

and talk with each other is critical to leveraging the array of future communications capabilities.

At Viasat, we take a dual-use approach to technology development, which means we’re thinking ahead about how certain technologies and solutions are designed so that they could be used to serve multiple applications and customers. That’s why we have a strong history of bringing capabilities that were developed for commercial use over to government, and vice-versa.

typically been the leading drivers of capabilities in space, particularly in places such as the US where the space programme spurred so much innovation. So, during that time all the technology and capability developed was “owned” by government, but we’ve reached a point today where that isn’t always necessary.

What are some obstacles (technical or otherwise) that you see preventing wider use of commercial space capabilities for the military?

There are a range of factors that inhibit the use of commercial capabilities by the military. This is true for space, as well as other technology and services areas where commercial offerings might be available to governments. A fundamental obstacle is that not all commercial technologies and capabilities are created with the unique needs of government and military users in mind. So, when evaluating commercial capabilities for government use, the main issues are often the security concerns and interoperability challenges with legacy systems and networks.

For the military space sector, that challenge of creating interoperability across allied space assets is a key issue that’s being looked at by several programmes in the United States. The question of how distributed military and commercial space constellations can interoperate

Finally, outside of the technologies themselves, there are still cultural obstacles to fully embracing commercial space technologies and services. Government has historically been the leader in driving innovation and new capability in space, but that dynamic has shifted as the commercial space sector has grown and matured. So, for some leaders inside government, commercial capabilities are still a bit unknown and unproven. We do see those feelings are shifting though, especially as governments understand what commercial can offer. It’s exciting to think about what the future holds.

What are some keys to developing new or emerging space capabilities that will bring more value to military and coalition operations?

To start, it’s helpful to think about the space capability needs of governments in the context of how they might go about either developing or acquiring a specific technology or capability. As I mentioned, governments have

Developing and owning sovereign space capability is undoubtedly important, but there are cases where acquiring technology can be faster and more cost-effective by 1) collaborating with allied nation partners to develop or acquire the needed capability; or, 2) by directly accessing the technology or services that exist from the commercial sector. This “own, collaborate and access” framework is outlined in the UK Defence Space Strategy from the Ministry of Defence, but it’s a concept that applies broadly.

Beyond this though, the collaboration between the government and commercial sectors is also a factor. Greater collaboration and alignment of government needs and commercial technology roadmaps will enable commercial space providers to understand the real challenges and problems that exist for defence users, and, therefore, be in a position to better align commercial development priorities to develop solutions that address those issues. This is what I refer to as the “area of opportunity” for the future, where the ability of government to “collaborate to access” is what will ultimately create more effective technologies to

Bringing flexibility and resilience to military space

support specific military operational requirements.

Government also has an opportunity to get more from services models going forward. For example, satellite communications (SATCOM) as a fully managed service is something we’re seeing increasing interest in among defence customers. Viasat has been providing a fully managed SATCOM service to a military customer and there was immediate value from lower sustainment costs and increased operational readiness as the always-on service can be turned off as needed, as well as scaled up and down extremely quickly.

What are some space innovations Viasat is developing that would be particularly useful for NATO and broader military SATCOM applications?

The upcoming ViaSat-3 constellation is designed to bring forward capabilities that NATO and others

would find incredibly valuable in meeting multiple operational use cases. First, it is designed to deliver substantial capacity with three terabit-class high-throughput satellites. The constellation is expected to boost our total capacity by approximately 600%. With this substantial increase in capacity, military users would have access to on-demand capabilities to meet not only day-to-day activities but also surge operations.

Additionally, ViaSat-3 should bring more flexibility to how capacity is used to meet demand. It will offer the ability to move bandwidth between beams to satisfy changes in demand, meaning that capacity could be quickly shifted to meet increased force deployments in a specific country or region. The ViaSat-3 satellites also have some unique features that are expected to benefit mobile platforms on the battlefield by offering more reliable and consistent comms-on-the-move (COTM). The constellation should also

support militaries operating in contested and hostile environments with anti-jamming and LPI/LPD capabilities.

Looking at future needs, Viasat is also focused on investing in advanced and agile network capabilities to support hybrid architectures. This is something we’re actively working to enable through our current agile network technologies, as well as through further research like the ongoing study we’re conducting with the European Space Agency on multilayered SATCOM networks. We see facilitating a multi-orbit, multinetwork capability as what will ultimately be most effective in serving the future information and data transport needs of the multidomain and coalition force missions.

Every year, NATO holds a range of exercises across all its operating domains. The NCI Agency’s Branch Head of Operations and Exercises, Anthony Moore, and his team are on hand to ensure that the exercise Commanders and operational staff have all the critical capabilities required to ensure success. Anthony Moore explains

This year was yet another extremely challenging year for the NCI Agency Operations and Exercise (OPEX) team as it worked hard to provide exercise support to NATO. Together with our partners, we provided planning support to NATO’s exercises in accordance with the Military Training and Exercise Programme and were heavily involved in the planning processes for several exercises at the end of 2022 and the beginning of 2023. In particular, experts from the NCI Agency’s OPEX Service Line recently supported three major NATO exercises: Steadfast Cobalt 2022, Steadfast Jupiter 2022 and preparations for Steadfast Jackal 2022.

STEADFAST COBALT 2022

At Steadfast Cobalt 2022 (STCO 22), OPEX supported the Deployed Network Operations Center (DNOC) NCI Agency Cell Head for five weeks of execution in Bydgoszcz, Poland where some 22 NATO Command Structure units, NATO Force Structure units and headquarters participated in the exercise. It involved around 1,000 personnel at sites and unit locations (both military and civilian) across Europe. Approximately 300 staff from the NCI Agency were involved in planning and supporting this exercise –some remotely, some deployed.

SUPPORTING NATO AND THE NATIONS

During the exercise, NATO Member countries tested the interoperability of their internal services over a single communications network in order to conduct missions as the NATO Response Force (NRF). The NRF is deployed in response to crises or incidents and consequently, its mission network is one of NATO’s most critical networks. Therefore, this exercise is NATO’s insurance policy as it confirms that Allies are able to operate together as soon as the NRF is required for action.

NITECH

During all phases of the exercise, subject matter experts from across the NCI Agency prepared all of the NATO-owned equipment for the static and deployed elements; operated and monitored all of the services that they provide; resolved incidents and managed changes as they arose. The team also deployed to Bydgoszcz, Poland as the NCI Agency Cell Head Deployed Network Operations Center (DNOC).

The NCI Agency has ensured the effectiveness of this critical network, enabling the NRF Commander to command and control his forces by providing the Mission Network Service Management Authority (SMA), which designed a

plan for the interconnection of NATO and national networks into the mission network. Federation allows NATO, national and multinational units to join one comprehensive mission network, while retaining the ownership of their own networks. This supports interoperability among Nations and ensures that the NRF Commander is able to communicate with both NRF combat units and joint headquarters.

The network created at Steadfast Cobalt 2022 will be used to support the preparation of the next NRF rotation and will be on standby as part of the force in 2023. It will be used if the NRF is activated in 2023 for a NATO-led mission.

Steadfast Cobalt is one of a few main exercises that strengthens interoperability within NATO Nations. The exercise highlights the Agency’s ability to successfully collaborate with other NATO bodies while providing, implementing and maintaining vital technologies in support of NATO’s ambitious agenda.

STEADFAST JUPITER 2022

In order to maintain momentum towards Steadfast Jupiter 2023 (STJU 22), and in light of the strategic challenges emerging from the

conflict in Ukraine, Major Stoyanov Kaloyanhas, NCI Agency Exercise Branch Officer of Primary Responsibility (OPR), has been tirelessly working to re-scope Steadfast Jupiter 2022 to a three-level (strategic, operational and tactical) training event. From planning to execution, the NCI Agency was involved in all three layers of the exercise with the NCI Agency OPEX team in the lead. Using cross-functional teams, the Agency OPEX team processed and resourced Computer Information Systems (CIS) support for Joint Forces Command Naples and the German Special Operations Command deployment. The Agency prepared the CIS backbone and all command and control services requested outside of the already configured NRF capabilities built at those leading command structures. This CIS uplift provides a flexible approach that can be adapted to any real-world situation.

STEADFAST JACKAL 2022

Closing out the year, the NCI Agency OPEX team diligently planned and resourced Steadfast Jackal 2022 (STJA 22). This critical exercise is sponsored by NATO Headquarters, i.e. Supreme Allied Powers Europe (SHAPE), and is an operational level computer-assisted command post (CAX/CPX) exercise to train, evaluate

and certify a Joint Task Force Headquarters (JTFHQ) in the planning and execution of an ‘out of area small joint operation’. As such, it serves as a platform to train and certify a JTFHQ in counter terrorism operations and NATO expeditionary capabilities.

The NCI Agency OPEX team’s support to this exercise builds customer relationships and enables NATO’s core mission set. Major Joshua Winsett, the NCI Agency OPEX’s Coordinating OPR, accompanied by a subject matter expert from the Command and Control Service Line travelled to Stavanger, Norway. Here, they observed the CIS setup, undertook its validation and verification and provided on-site support for the NATO Common Operational Picture (NCOP) systems. These systems generate situational awareness and the Land Command and Control Information Systems (LC2IS) used to enable information exchange and decision-making.

In conjunction with the execution phases of the exercise above, the NCI Agency OPEX team is vigorously involved in the planning processes for several future exercises with a special focus on the planning support for Steadfast Cobalt 2023 and Steadfast Defender 2024.

INDUSTRY PERSPECTIVE

Meeting the need for a secure, holistic cloud continuum

How holistic ecosystems enable multi-domain operations

decision-making. The multi-domain cloud is a technical solution for this. It pools valuable information in real time, secures the data that must be protected end-to-end (E2E) and enables decentralized access to applications.

So where does the focus on cloud technology come from?

of classified data, including NATO Restricted (NR) and NATO Secret (NS), which places special demands on client separation, the protection of sensitive data and the secure handling of nationally owned cryptographic keys.

German-based company secunet specializes in IT security and reliable digital infrastructure. As network structures around the world are being rethought by migrating to the cloud, secunet is increasingly addressing the need for a secure, holistic cloud continuum – and the capabilities and features such a continuum brings, especially in national defence.

Why has the topic of ‘multi-domain operations’ been discussed so intensively recently?

The geopolitical challenges of recent years have increased the importance of multi-national cooperation significantly. In cases of national and international threats to a country and its population, it is essential to be able to share classified information reliably, securely and quickly. Sharing information within NATO is a critical success factor in this regard –especially in defence cases, when the share-to-win principle takes hold and data from each of the operational domains – air, sea, land, cyber and space needs to be incorporated into

The importance of holistic ecosystems for cybersecurity continues to grow, encompassing not only cloud technology, but also a wide variety of software and hardware components. However, in terms of national defence in particular, IT structures are becoming increasingly complex. They now comprise a wide variety of C2 systems, weapon systems, their effectors and sensors, forming a heterogeneous information network. Cloud platforms, with the help of which the associated security solutions can be easily deployed anywhere as ‘software containers’, create added value.

As one of the Federal Republic of Germany’s IT security partners, secunet provides a holistic security solution, the Secure Inter-Network Architecture (SINA), which ensures effective encryption and separation of differently classified data, not only locally, but also when it is transferred over open networks. Secure gateways such as the SINA L3 and L2 Box and the corresponding stationary and mobile clients are also part of the portfolio and can be managed across different domains. These classic security architectures form the foundation of all budgeted cyber security efforts and are complemented by a cloud for the use

What exactly is the added value of a cloud continuum in all this?

Internationally speaking, the situation at the ‘Sharp Edge’, in other words the place of deployment, is very heterogeneous, especially in the initial phases. The need for large bandwidths and compute power is compounded by various local, climatic and even capacitive influences. Proximity to the site of operation, therefore, plays just as important a role in implementing the necessary IT as access to bandwidth, effectors and even sensor systems. For this reason, the on-site infrastructures must be expanded accordingly and, among other things, sufficient gateways, servers and storage must be made available. The associated roll-out process is complicated and requires lengthy planning.

In a case such as this, a cloud continuum creates added value. Take the NATO Response Force (NRF) as a perfect example. The NRF operates with rigid IT structures which are highly and rapidly mobile. To take this mobility into account, the hardware and software architecture has been closely aligned so that it can be operationally ready as quickly as possible. To respond to future threats even faster, a secure cloud architecture would increase this flexibility. By the means of

Deployable DC Backend/Reachback Edge

Mission Cloud

Central Command

Secure cloud

E2E

Maritime Command

Secure cloud

‘Infrastructure as Code’ (IaC), individual IT requirements can be defined, and the deployment process distributed across the racks in a fully automated manner. This increases the redundancy, reliability and resilience of the network and also enables the replacement of damaged elements quickly, owing to the fact that the network architecture requirements have been determined in advance for multiple use cases. The relocation of the operational site can also be carried out in just a few days and scaled according to the requirements. This helps to promote interdisciplinary cooperation between different ministries, states and sometimes even NGOs, which are increasingly in demand in current conflicts and operations - what we call a whole-ofgovernment cloud approach.

What are the key technical requirements for such a holistic system?

In military operations, IT infrastructures must be fail-safe and efficient. Meeting legally defined security standards is also a top priority for cloud solutions. But, other factors, such as flexibility, future-proofing and resilience also play an important role. The solution should not only provide the implementation of a multi-cloud

Air Component Command

Secure cloud

E2E

E2E

Intelligent platforms

Air Speci c Cloud

E2E

… Land Component Command

Secure cloud

E2E

Ground Speci c Cloud

for the use of different data sources, it should also enable the use of other technologies such as AI for example. Robust hardware and clients that can display and process information in different domains depending on the classification level are also part of the equation.

The cornerstone of all security efforts is therefore still comprised of the traditional classic ingredients. Reliable data encryption, client separation on the same device and individual access to the cloud are just a few examples of these ingredients. Already, secunet is working on linking the solutions in its portfolio with cloud functionalities. SINA clients, for example, have multi-session and multi-domain functionality. Working in a secure cloud is just the next step in this process. The SINA Communicator H as a multi-crypto phone for tap-proof voice communication is also becoming increasingly cloud-ready.

Does secunet’s cloud strategy put it in competition with established hyperscalers such as Azure or AWS?

The need for a multi-cloud strategy is undoubtedly essential, but the strategies of the hyperscalers differ significantly from secunet’s. For us, it’s

…

more about recognizing the huge role that cloud technology will play in the IT high-security environment today and in the future as well as driving its development. It is clear that in the future, government agencies and the military will work with the cloud. The crucial difference here lies in the type of use. The use of the cloud for classified information takes place in highly critical contexts and complements the security solutions that secunet provides to secure confidential information and create a highly secure cloud infrastructure.

In our vision, the cloud continuum incorporates edge and client components as well as highly secure backends based on cloud technology. It also provides the multi-domain dimension. So, secunet is not in competition with hyperscalers; it is complementary to them as they too have a place within the cloud continuum, especially if you access that domain through a session on a SINA Workstation from secunet.

secunet.com/en/ industries/defence-space

EXPLOITING DATA SCIENCE AND AI

Dr Michael Street, Chief, Exploiting Data Science and Artificial Intelligence (AI) at the NCI Agency, explains to Alan Dron how NATO intends to use data science and artificial intelligence as much as possible to enhance NATO capabilities and speed of action – and how the NCI Agency is supporting this journey

For many years, the NCI Agency has looked to data science and artificial intelligence (AI) to solve problems. With the introduction of NATO’s AI strategy and data exploitation policy, data science and AI are now being explored across the organization. The NCI Agency, as the digital technology provider, is investing further in the skills and technology needed to support NATO’s ambition. “The Exploiting Data Science and AI (EDS&AI) Service Line was established in 2018 after we realized, as NATO’s digital agency, that artificial intelligence and data science were critical technologies for many,” says Michel Street, Chief, EDS&AI.

“We had a number of activities where we were applying data science techniques to the Agency’s data and we realized it had applications across NATO, as well as to ourselves. At the same time, NATO started to think about what data and AI meant, so we would get questions from across NATO to understand this better: what were the possibilities and limitations of AI; how could it help as the data available increased exponentially? Some of those discussions flowed on to, ‘Here’s my problem, here’s my data. Can you help?’”

THE FOUR VS OF DATA SCIENCE

Data science brings a new family of scientific techniques that enable the NCI Agency to better understand data. These new techniques can detect trends, identify anomalies or categorize items as they sift huge data sets. “Our work was geared to specific user problems that could only be addressed through data science,” says Street. The criteria for using data science are the ‘Four Vs’ – Volume (too much information for humans to deal with); Velocity (the speed at which new data is generated and moves around); Variety (of types of information); and Veracity (gauging the trustworthiness of data). These technologies allow us to get the fifth V, Value, out of the data.

“Everyone is dealing with ten, a hundred, a thousand times more data than before. This is where technology can help them do their jobs better, more effectively, in a reasonable timeframe – or even better, by getting insights from that huge volume of data without having to read through all of it. Data and AI are identified as being among NATO’s emerging and disruptive technologies that will have an impact on the Alliance over the next decade. Data and AI go hand in hand – if you don’t have the data you can’t train your AI.

“The NCI Agency has two complementary environments for data science and AI work. One, for unclassified material, is in the Cloud, part of the NATO Software Factory; this gives us almost unlimited scale and flexibility. The cloud environment is not suitable for the most sensitive projects, which are hosted in SANDI, the Agency’s classified AI sandbox. SANDI provides a lot of high-performance processing and huge amounts of fast storage, coupled with a powerful toolset.

“The Agency’s role in AI, as in cyber security or IT in general, is to provide the technology and the technical expertise to allow NATO to do what it needs to do in this area. Clearly, much of this technology is coming from the civilian world and we maintain close links there. For example, when we apply AI to understand text, we use Natural Language Processing, which is fairly common technology; it’s what you’re using when you do a Google search. But these AI models are generally trained on public data, while the type of language and topics in NATO documents and datasets are slightly different, so you have to re-train the models with NATO text, so it has some NATO understanding. For example, take Federated Mission

NCI Agency Data Science and AI Projects

Networking, or FMN. Everyone in the military knows what that means, but to a civilian AI model, ‘FMN’ is just an acronym with no special meaning.”

Use of data science and AI are already enhancing the organization’s capability, confirms Street: “They’re not mainstream, but they’re being used.” As for the future, the two technologies will have a greater impact on “virtually everything we do in NATO. NATO’s aspiration is to apply this AI effectively, appropriately and responsibly; the Agency’s aspiration is to ensure NATO has the knowledge, expertise, technology and close links to industry and academia needed to do that.”

DATA AND AI REVIEW BOARD

Another key element for the Alliance is the establishment of the Data and AI Review Board, where representatives from every NATO nation will support and monitor these new areas: “There’s a recognition among all the nations that this is critical technology that needs to be supported and

monitored,” says Street. This is also reflected in NATO’s Principles of Responsible Use. These principles set strict guidelines on how the organization will develop, test and use AI. Street accepts, however, that it is one thing to have these principles and another to build those principles into the AI, then test and train it so that the organization could say, hand on heart, ‘We do comply with each of those principles.’

The NCI Agency’s Data Science & AI team is working on many projects at present. One of them currently being employed by NATO is the Science and Technology Ecosystem Analysis Model (STEAM), which analyses millions of pieces of public academic research to identify historic technology trends and to identify future key technologies.

This is just one of the projects being delivered by the Agency and bringing the power of AI to enable NATO users to benefit from this technology to perform their current responsibilities better and faster.

INDUSTRY PERSPECTIVE

Cross Domain Solutions

Where is INFODAS positioned in the Cross Domain Solutions (CDS) sector today?

INFODAS is a recognized leader in the CDS sector, being the only company worldwide with a portfolio of unidirectional and bidirectional, ITAR free, cross-domain solutions approved to the highest military standards (German, NATO and EU Secret). The success of INFODAS CDS, which is well recognized in the military domain, is also being increasingly appreciated in numerous non-military sectors,

Are CDS just for the military market?

While the protection of classified information has always been the natural source of requirements for CDS, many non-military users are becoming aware of how CDS can support their security needs. Critical infrastructure and public security, for example, are just two of the civil domains in which the need for data-loss prevention in support of confidentiality, integrity and

availability is required. CDS are appreciated in these contexts for their unrivalled security and for their small footprint in existing architectures. To get closer to the non-military user, who may be unfamiliar with the military approval certifications process, INFODAS has started the certification of its products in accordance with the most common commercial frameworks. Consequently, some INFODAS products are already certified in accordance with Common Criteria or NITES, while the certification of others is still in process.

What makes INFODAS CDS different?

The CDS world has been, and in some ways still is, dominated by ‘data diodes’ for unidirectional applications. Most of these CDS are based on hardware (optical, electromagnetic) separation, with all the associated benefits and drawbacks. However, INFODAS decided to go beyond this classic approach to provide users with enhanced efficiency, speed and security in both unidirectional and bidirectional data exchanges. As a result, INFODAS has been pioneering the field of CDS ‘secure by design’ techniques, based on a combination of trusted hardware and software solutions. Our initial steps relied on a standard Linux kernel, which proved that the attack surface could be significantly further reduced.

Furthermore, INFODAS was the first CDS provider to adopt a ‘trusted computing-based’ solution, on a formally verified L4 microkernel concept. As you would expect, the

security and stability of this offering is being continuously improved by our research and development department. The security mechanisms of our CDS are constructed on a software architecture made of compartments, each of which performs an atomic function such as parsing or filtering. Moreover, each compartment communicates with the other compartments through a minimal set of interfaces, developed internally at INFODAS. The resultant modular and minimalist architecture guarantees that the attack surface is reduced to the minimum.

Subsequent to this successful concept, we then deployed our secure computing platform over a hardware architecture, based on COTS components specifically designed for this purpose, and over which we have full control in all phases of supply and production. Now, with decades of experience in this field, INFODAS is the only company able to combine an innovative approach to CDS, based on a trusted computing base, with the flexibility derived through the use of COTS hardware as testified by the security certifications of our CDS.

How do you see the future of CDS and what are the main challenges?

Demand for CDS will continue to grow, driven by the military’s constant requirement for more data exchange and interoperability. This growth is being pushed by cooperation frameworks such as FMN and doctrines such as Multi Domain Operations (MDO). Naturally,

Connect Classified Domains

Transfer, share and control any data with approved Cross Domain Solutions

data, which is vital for supporting the integrated lifecycle support operations – maintenance planning or remote maintenance.

Each of these connections is a possible point for the leak of classified/sensitive data and for the entry of attack vectors.

Do you see air gapping as an effective solution for the security of data across multiple domains?

INFODAS will continue to be a reliable partner for the increasing security needs of the modern battlespace. Coincidently, recent international events such as the conflict in Ukraine have demonstrated how non-military infrastructures and organizations may also be the target of cyberattacks aiming to steal or disrupt their data. Awareness in the civil sector to the threat is increasing and CDS are becoming the obvious response to their compelling security needs.

For the most part, and for decades, the security challenges in security domain transitions have been solved by air gapping. This has contributed to the myth that air gapping can be the basis of cross domain security. But be no illusion, air gapping is not only far from being an applicable solution, it is also far from being a secure solution.

attack vectors into systems. When transferring data in an air gapped network, the trust anchor is the person carrying around the removable media. Even if the media can be inspected at the source and destination of the transfer, what happens during the transfer itself is a grey zone, which cannot be audited, making the risk of data leaks and attack vectors a tangible security threat.

Patchmanagement Security Gateway / Guard

That said, the spread of CDS is still being impeded by a number of hurdles along the way. Firstly, the awareness of the commercial market of the potential of CDS is still limited. This is due mainly to the fact that most cyber security training and education still focuses more on generic internet-working security appliances such as firewalls, meaning that cyber security professionals are not always as aware of CDS as they could be.

Firstly, air gapping is based on the use of removable media such as USB sticks or hard drives. Although it’s true that the cost of a gigabyte of removable memory is continuously decreasing, it is also true that the endpoints in military systems may still have limited

Secondly, many regulatory frameworks still use ‘hardware data diodes’ as a synonym for CDS, which limits the perception of end users about the possibility of achieving bidirectional secure data exchanges with security gateways based on a combination of hardware and software. Finally, despite achieving NATO and EU Secret approvals for our CDS, many organizations are still unable to take full benefit of the security offered by CDS because of the additional approval processes within national security agencies that is normally required. These processes are frequently long and complicated, especially for CDS produced in a different (even European) nation from the purchasing nation. Sometimes, there is even a need to address and overcome security regulations conceived several years ago that are still based on antiquated air-gapping procedures.

security culture. Our CDS based on a trusted computing base have been highlighting the benefits of a ‘hardware+software’ solution for many years and make INFODAS the reference point in this sector.

procedures are still based on outdated practices and security myths. Only a shift in the security mentality will enable the exploitation of the full power of digitalization. After all, a mechanism runs at the speed of its slowest gear, which for the digitalization of naval architecture is probably air gapping.

Data Classification / Labelling

There is no doubt in my mind that Cross Domain Solutions (CDS) are, today, the best option for interconnecting formerly air gapped domains. With CDS, a unidirectional or bidirectional data exchange between security domains can be implemented, while enforcing the strictest security policies. Moreover, approved CDS can implement controlled choke points between security domains while maintaining the security accreditation of the system. Furthermore, CDS, compared to other security solutions such as firewalls or intrusion detection and prevention systems (IPS/IDS), have a higher Return on Security Investment

CDS can improve interoperability and security but require a shift in the

NATO EDGE IN REVIEW

The NCI Agency’s new flagship event – NATO Edge – solidifies its future as a vital engagement forum not only for the NCI Agency, but for NATO in general. Simon Michell reports

Since its establishment 10 years ago, the NCI Agency has organized and run two high-profile conferences a year – NITEC and NIAS. The flagship conference, NITEC was a showcase and networking event for industry to highlight the technology and innovation that could enhance NATO capabilities. It was held across the transatlantic Alliance in places as diverse as Berlin, Oslo, Ottawa and Tallin.

NIAS (NATO Information Assurance Symposium) on the other hand, focused almost exclusively on cyber security and was held every year at the Lotto Mons Expo venue close to the main railway station in Mons.

However, when COVID-19 struck, the preparations for the 2020 NITEC20 in Austin Texas had to be postponed until 2021. As a consequence of the enduring pandemic, it was later unfortunately cancelled. This led to the emergence of an interim free online summit in 2021 – ‘NITEC Connect’, which was a groundbreaking virtual conference run along very similar themes to the physical event minus the networking and the industry exhibition. NITEC Connect was only ever going to be a stopgap as the Agency stated in its announcement of the postponement, “The NCI Agency is devoted to hosting a premier

technology event that maximizes opportunities for networking and one-onone conversations to enhance business for our participants.”

The break from holding the physical events, therefore, gave the NCI Agency an opportunity to recalibrate its engagement strategy and come up with something new. The result? NATO Edge.

OFF TO A GREAT START

Combining the two former conferences into a single three-day event at the Lotto Mons Expo in Mons was universally welcomed by the delegates and exhibitors. It not only meant that they could focus their engagement over a single event, but also that the burden on constrained budgets could be reduced.

The two-and-a-half-day event, from 25 to 27 October 2022, took place in two main areas of the Lotto Mons Expo building – the main plenary auditorium and the exhibition hall. The main plenary auditorium held an audience of more than 2,000 delegates and played host to a number of compelling keynote speeches. There were also presentations from Agency staff and industry executives as well as some extremely valuable panel sessions.

On stage, over the three days, there were keynote speeches from eminent military and political figures – including the Prime Minister of the host nation, Belgium, Alexander De Croo, the former President of Estonia, Kersti Kaljulaid, the Deputy Secretary General of NATO, Mircea Geoană, the Chairman of the Military Committee, Admiral Rob Bauer, and of course, the General Manager of the NCI Agency, Ludwig Decamps.

The General Manager opened proceedings with a description of the current instability and danger facing the Alliance. Referencing the illegal invasion of Ukraine and the resultant energy crisis across the continent, he stated, “It is from that perspective that the NCI Agency is enabling here, for the next

three days, a strategic dialogue on technology, collaboration, partnerships – essential ingredients to future-proof the Alliance and to counter future threats and challenges.” For his part, the Belgian Prime Minister reiterated Belgium’s commitment to the NCI Agency, “As you know, Belgium attaches a great importance to the NCI Agency. As Belgians we are extremely proud of this long-term cooperation with the NCI Agency. As the host nation, we have supported NATO and the Agency from the very beginning.” He then went on to highlight the Agency’s support to the Alliance and the Member States in terms of its specialist skills in the field of cyber security and emerging and disruptive technologies.

“The field of technological innovation has become more important than ever and cyber security and emerging and disruptive technologies are really at the core of your mission, but I would say also at the core of what NATO is doing and the protection that NATO is providing to its partners.”

THE EXHIBITION HALL

The main plenary hall feeds out into the exhibition hall where there were white inflatable Innovation Theatres and the open-air colour-coded briefing theatres strategically placed amongst the exhibitor stands. Over the course of the conference, there was an undoubted buzz in the air as delegates mingled with each other in a notably enthusiastic manner. The exhibitors were also highly animated and engaged. Overall, there was an unmistakable enthusiasm for the event. On being asked why his company was exhibiting at NATO Edge, the Senior Solutions Architect from Belkin, Stephen Dade, explained, “The main benefits for coming to NATO Edge is that the contacts are all quality contacts. The visitors are coming because they want to make contact, they want to learn and they are genuinely interested.” He continued, “In terms of cyber security, I insist that we only come to one show a year, and NATO Edge is that show.”

NCI AGENCY CELEBRATES 10-YEAR ANNIVERSARY

The first NATO Edge conference coincides with the NCI Agency’s 10th anniversary

At the end of the first day of NATO Edge, delegates, speakers and exhibitors were invited to the main plenary hall to share a glass of champagne and toast the 10th anniversary of the NCI Agency. All three of the Agency’s General Managers (GMs) were on stage to participate in the celebrations – the first GM, Koen Gijsbers, his replacement, Kevin Scheid, and the current incumbent, Ludwig Decamps.

As the first GM from 2012 until 2016, the former Olympian, Dutch Major General, Koen Gijsbers (Retd), successfully oversaw the merging of 14 NATO organizations into a single homogenous entity responsible for developing and supporting NATO communications networks and IT infrastructure. Kevin Scheid, previously from the US Mitre Corporation, an accomplished mountaineer having scaled Tanzania’s Mt Kilimanjaro, continued the intricate and often complex merge process and oversaw the launch of the NITECH magazine in 2019. Former Belgian Major General, Ludwig Decamps, succeeded Kevin in 2021 with a remit to strengthen NATO’s resilience and sharpen its technological edge – hence the NATO Edge conference.

INDUSTRY PERSPECTIVE

Building a resilient threat-informed cyber defence

Threat Intelligence Platform – Unique, Scalable and Operational

comfort level for both providing and receiving information. Once the other TIP users in the network have done the same, intelligence can be synchronously shared.

What are the core technology offerings behind EclecticIQ’s threat intelligence capabilities and how do they work?

Our flagship technology is the Threat Intelligence Platform (TIP). Our TIP helps organizations ingest, consolidate, normalize and enrich structured and unstructured data about the cyber threats that they acquire from multiple sources. EclecticIQ’s platform allows customers to operationalize this data in a variety of ways, including conducting investigations, prioritizing threats and sharing intelligence. The benefits of our TIP include accelerating threat detection, improving prevention and mitigating cyberattacks.

Our customers can use our TIP internally or in collaboration with other organizations in a network. Collaboration tools, such as automated report feeds, enable multiple organizations to share threat intelligence so they can be more proactive in defending against potential attacks. However, this information-sharing process is carefully managed. For example, each organization determines its

Our TIP can benefit any organization facing sophisticated cyber threats. That said, our customers tend to be government entities engaged in defence, intelligence, national security and cyber security. In addition, we are seeing strong interest from the law enforcement community. On the enterprise side, our customers are primarily involved in manufacturing, critical infrastructure and finance.

Organizations typically choose our platform because its capabilities strengthen their existing cyber security systems and help operationalize their intelligence for threat detection and mitigation. You might say EclecticIQ’s TIP provides the technology link between threat data and the people who need to use it.

information, but not necessarily everything. Our TIP provides flexibility: each participant in the network can operate our software according to their own policies governing what information is shared, how it is shared and with whom – all while operating the software independently, adhering to the policies of each individual agency, including in air-gapped and classified environments.

Data fusion capabilities enable NATO Member States to combine external sources of threat intelligence with their internal datasets. Through data normalization, correlation and analytics, a unified view for cyber situational awareness is made available programmatically or to analysts.

Customization capabilities enable our TIP to support organizations with their requirements to tailor intelligence to use cases and technology needs. Powerful workflow customization, APIs and SDKs are available.

What does EclecticIQ add to NATO’s and the NCI Agency’s cyber security capabilities?

EclecticIQ technology can help an organization such as NATO in three main ways:

• Strategic independence and collaboration

• Data fusion

• Customization

In the first case, we enable NATO members to share selected threat

Since our founding in 2015, EclecticIQ has been supplying technology capabilities to NATO Member States to enable them to better defend themselves and others, take control of cyber threat data and collaborate. The NCI Agency and EclecticIQ have an even longer association. The NCI Agency did, in fact, award EclecticIQ with significant investments through its Accelerator programme.

As an example of the value delivered to a NATO Member State, EclecticIQ supported the National Computer

What type of customers are EclecticIQ’s offerings designed for and why?

How can EclecticIQ’s solutions help customers such as NATO protect their data and networks?

Emergency Response Team (National CERT) of an EU member state government, in transitioning from reactive cyber response to intelligenceled proactive cyber defence to increase the nation’s cyber resilience. This collaboration established faster threat response, enabled by the timely distribution of high-quality threat data. With collaboration, one organization’s reactive effort becomes another’s proactive asset. Key advantages of the EclecticIQ TIP implementation included:

• providing a backbone for automated ingestion and processing to address the high volume of threat data;

• enriching and correlating threat data to improve confidence;

• facilitating collaboration by dedicated CTI analysts at the

National CERT to deliver highquality threat data and intelligence;

• integration and close coupling with agency security information and event management (SIEM) systems and the National Cyber Sensor Network to facilitate faster threat and incident response; and

• supporting federated security and trust mechanisms to manage access controls and confidential data among the member SOCs. Each SOC controls access to its data.

Why is EclecticIQ unique?

Our technology is built with national security in mind, with NATO, the NCI Agency and many other national security agencies among our first customers. We understand the critical importance to customers of strong controls over their data, the need to

adhere to national security architectures, and the enormous scale involved at the national and international levels.

In addition, our longstanding experience in national security and defence has enabled EclecticIQ to amass knowledge about the field and develop sophisticated tradecraft. Our expertise is borne out by the way we allow our users to visualize and analyse data to produce actionable intelligence, as well as the way we enable analyst collaboration on our platform. Our technology operates across levels of classification and supports air-gapped and edge architectures. This is just the tip of the iceberg.

EclecticIQ also stands out as the only European threat intelligence technology company servicing national security. This gives us that extra impetus not only to serve as a cyber security partner to our customers, but also to strengthen diversity in the supplier landscape. Although we have European roots, we service customers around the globe.

Scan QR-Code and learn more or visit bit.ly/eclecticiq

MEET OUR NATO INNOVATION CHALLENGE WINNERS

Chris Aaron asks Kai Rehnelt, CEO of SECLOUS GmbH, what winning the NATO Innovation Challenge means for him and his company, and how non-visible data is gaining awareness

SECLOUS GmbH, in partnership with BWI innoX, recently won the 10th edition of NATO’s Innovation Challenge, which focused on data security and management in the context of reconstruction operations – a topic that has immediate relevance to the situation in Ukraine.

Kai Rehnelt, SECLOUS founder and CEO, is confident that the win will bring important visibility for his company’s technology. Although SECLOUS has trialled its software with the German armed forces, Rehnelt says, “It has

been challenging for me to make NATO partners aware of this new technology.” Winning the Innovation Challenge is a big step forward on that path.

Rehnelt has worked for most of his career in Enterprise Architecture, where he realized the need for providing enhanced data security and data control through a data protection layer added on top of any infrastructure. According to Rehnelt, “That layer provides a massive simplification of the required security measures and segmentation needs, and eases the protected and controlled access to any kind of data source. It can enable access to information from military multidomain operations, even integrating civilian systems, whilst ensuring resilience, control, integrity, confidentiality and availability of the systems involved.”

The security aspect involves taking any kind of digital data as it is ‘created’, chopping it up into chunks, extracting information from those chunks to autonomously encrypt and obfuscate each one, and then distributing the protected segments across the network without any meta-information surrounding it, essentially hiding the data. It is for this reason that Rehnelt uses the term non-visible data (NVD) to describe the approach.

When a user wishes to access some data, the necessary information is calculated on the user’s device, so the relevant invisible chunks are retrieved from across the network, assembled and presented to the user on screen. This process is entirely transparent to the user, who simply uses the usual data-viewing applications as normal. However, under the surface, no visible information will ever leave the device again – just invisible data. The data-control aspect of the new technology has particular importance for organizations such as NATO that need to keep strict control over who can see particular data.

NO LOGIN, NO DATA MANIPULATION, NO LOSS OF PRIVACY

The typical login procedure and rights management has been replaced by crypto. So instead of first proving that you are the correct user and getting certain rights granted to access the data, the system calculates an ephemeral number that enables the local system to collect the required chunks, decrypt and make them usable for the defined purpose. There is no login, no data manipulation, no loss of privacy, but more control and the ability to fully revoke shared information (as the revoked users won’t be able to find the chunks anymore).

In this way, the creator or owner of the data retains permanent control over who can view the data. Rehnelt

explains, “All devices or servers (endpoints) would have the NVD software running on them. As the protection is part of the data, it has to happen where the data is generated or used. Keys for accessing data are calculated at these endpoints based on user and device identifiers, so there is no keystore to hack, and keys never leave the device. It doesn’t matter what kind of network it is – a secure NATO network or an unsecured local civilian network – as long as the inputs to the algorithm are correct, then everyone can trust the reliability of the data, and the owner has full control of the distributed data.”

Rehnelt recalls a high-ranking NATO officer at the NATO EDGE conference in Mons asking him why the big IT companies had not shown more interest in NVD. Rehnelt explains that the major IT corporates tend to have a different philosophy regarding data control and ownership – so providing clear ownership and control to the users could have a negative impact on datadriven business models. This is not because the access to data sources is harder, but rather because the cryptographic access control only allows use of the data for the agreed purposes.

THE ROAD TO BUCHAREST

SECLOUS started working with BWI, a German IT house that supports much of the non-military IT functions of the German armed forces, back in 2020. After SECLOUS had won a German forces Innovation Challenge in 2019, the military asked BWI to assess the SECLOUS NVD solution, and carry out penetration testing over a three-month period. When Markus Zobel at BWI received a newsletter announcing the NATO Innovation Challenge, he and Rehnelt agreed they should pitch the solution at the finale in Bucharest with the aim of spreading awareness and understanding of the technology across NATO.

Following the win in Bucharest, Rehnelt is exploring possible involvement with the newly formed DIANA (Defence Innovation Accelerator for the North Atlantic), which was agreed by NATO members in April 2022. In addition to the network of innovation hubs linked through DIANA, a $1 billion fund has been proposed for direct investment in innovative projects.

As Rehnelt observes, “There are other non-military organizations out there that have similar needs to NATO to achieve resilience and data control – needs that are not necessarily being met by mainstream IT providers. Schemes such as the NATO Innovation Challenge and DIANA can therefore act not only directly as drivers of innovation to meet NATO needs, but also indirectly as incubators for technologies with wider civilian and commercial applications.

The NATO Innovation Challenge, initiated in 2017, is an ideas-generating process aimed at resolving common Alliance and NATO Nations operational problems efficiently and costeffectively.

THE NCI AGENCY’S NOT-FOR-PROFIT FRAMEWORK

A new Not-For-Profit contractual framework is helping to broaden NATO skillsets. Jenny Beechener asks NCI Agency Senior Contracting Assistant, Dace Skele Horvat, to explain what it is and how it will enhance NATO capabilities

Two research establishments became the first to secure contracts under the NCI Agency’s new Not-For-Profit Framework (NFPF) model in May 2022. Enacted in February 2022, the new cooperation model allows NATO, for the first time, to work directly with academic, scientific and research institutions from within NATO Nations.

Both contracts relate directly to emerging technologies: the NCI Agency retained Instituto de Telecomunicações in Aveiro, Portugal to study the military potential of 5G technologies; while Ingeniería de Sistemas para la Defensa de España (Isdefe,) Spain, is developing training for deployable communications. Two further procurements are already out to tender: one to develop a prototype transmission security (TRANSEC) layer for HF (high frequency) radio data communications; and a second addressing key artificial intelligence (AI) technologies.

NCI Agency Senior Contracting Assistant, Dace Skele Horvat, explains much of this knowledge does not lie with the Agency, or indeed with industry yet; and if it does – particularly on the industry side, their participation in the early stages of the capability development may require exclusion from the prospective implementation contracts. “We are looking at new capabilities and trends to find out what is deployable.” Among potential work areas, the Agency seeks support through technical studies and analysis, consultancy support, research and development, concept development and experimentation. A long list of target technology domains includes wireless and mobile communications, satellite communications, spectrum management and policy, incident management, information technology (IT) infrastructure, network and system architecture, cyber security, cloud computing and electronic warfare. “We want to start in the research phase – rather than capability delivery – with the NFP organizations and use the outcome of the work as inputs for subsequent implementation phases of projects.” In essence, the contractual model provides the Agency with access to external scientific support for technical projects within NATO, while NFP institutions gain exposure to NATO user requirements and the ability to support the Alliance.

HOW DOES IT WORK?

The NFPF cooperation model is a two-step contracting process. Applicant institutions first submit their application and agree to the NFPF Terms and Conditions, while the Agency seeks a Declaration

of Eligibility endorsed by their country of origin – applying the same rigorous procedures as used in industrial contracts. Once this administrative activity is completed, the NFPs become eligible to bid for NFPF task orders in support of specific NCI Agency requirements. The framework complements existing cooperating and contracting processes with industry and is designed to extend across capability delivery.

The procurement process tends to be shorter than traditional industry partnerships. “The submission period may be as short as four weeks with the results of a tender announced within six to eight weeks, providing us with much faster access to these skills,” adds Dace Skele Horvat. This is due in part to smaller contract sizes, but also reflects a shift to off-the-shelf technologies and shorter development cycles.

In a two-way cooperation, successful NFP organizations and national defence laboratories gain access to funding for research and development activities and the opportunity to bring the NATO perspective into their day-to-day work.

WHAT DOES IT ACHIEVE?

“It provides a new sourcing method for acquiring pre-defined expertise and skills, in particular those aligned with the Skills Framework for the Information Age (SFIA),” explains Dace Skele Horvat. “It taps into nascent competencies within these institutions and areas that NATO has not been able to access before.” SFIA identifies the skills and competences needed in the digital world. Securing this pre-defined expertise supports the chartered mission of the NCI Agency, namely the delivery of Command, Control and Communications (C3) capabilities and Communication Information Systems (CIS) services.

“The NFPF expands the Agency’s cooperation ecosystem and diversifies the NATO supply chain while at the same time contributing to wider engagement by nations in the Agency’s work.”

Most importantly, the NFPF model enables NATO to fill a gap within existing capabilities and to source future technology requirements. It helps to meet the challenge of bringing the best technologies and expertise into the Alliance while increasing the Agency’s capacity to deliver. And, it is a win-win solution on all fronts – for NATO, the NFPs and the NATO nations, with the Agency engaged in systemic and structured cooperation with the national academic, scientific and research institutions through a comprehensive and inclusive collaboration scheme.

INDUSTRY PERSPECTIVE

A new approach to cyber security

The Chief Security Strategist and VP for Global Threat Intelligence at Fortinet’s FortiGuard Labs highlights why organizations need a new approach to cyber security as the threat landscape becomes more complex and sophisticated

Can you describe what the Fortinet cyber security mesh architecture is and how it helps defend networks and data?

Why do organizations undergoing a digital transformation need a new approach to cyber security?

With digital transformation, of course, comes change to architectures – hardware, software, people, process and procedures. That is a paradigm shift for defenders, as with digital transformation comes a more complex attack surface; an attack surface that is volatile and which needs to be monitored and tuned for agile response. Traditional approaches to cyber security can simply not keep up, so a new approach is needed that leverages automation, zero trust, AI-powered security operations and actionable threat intelligence. Defenders also need to start looking more to the left of the kill chain, as sophisticated targeted and destructive attacks are on the rise. That means counterintelligence solutions to combat reconnaissance efforts from the adversary, as well as deception environments to slow the adversary down.

As the attack surface continues to expand, the skills gap continues and the threat landscape continues to evolve, organizations need a new approach to secure their extended network. Fortinet provides organizations with a journey to integrate point products into a cyber security platform. The Fortinet Security Fabric or ‘cyber security mesh architecture’ spans the extended digital attack surface and enables self-healing security to protect devices, data and applications. It reduces complexity through integration and automation, enables faster time-to-prevention and detects threats. This integration and automation also bridges the skills gap that has to be filled in order to be able to respond to threats such as ransomware and destructive wipers.

What is Fortinet’s SASE (Secure Access Service Edge) offering and how does it differ from other available solutions?

FortiSASE delivers a comprehensive Secure Access Service Edge (SASE) solution that extends the convergence of networking and security from the edge to remote users. FortiSASE converges clouddelivered networking (SD-WAN –Software-Defined Wide Area Network) and cloud-delivered security (SSE (Security Service Edge)) comprised of secure web gateways,

universal ZTNA (Zero Trust Network Access), CASB (Cloud Access Security Broker) and Firewall-as-a-ServiceFWaaS). It enables customers to achieve a few vital things. For example, it enables the customer to overcome security gaps and minimize the attack surface. In addition, it is able to deliver superior user experience with intelligent steering and dynamic routing via SD-WAN. It also helps simplify operations with cloud-delivered management and enhanced security and networking analytics. Finally, FortiSASE enables a shift to an OPEX (Operating Expenses) business model with simple user- and device-based tiered licensing.

Can you describe how Fortinet embeds Artificial Intelligence (AI) into its cyber threat detection capabilities?

Fortinet has been a leader in AI and machine learning (ML) for over a decade. For example, the Fortinet Security Fabric includes ML and AI applied to areas where organizations will benefit the most, such as investigating web traffic, detecting malicious objects, tracking malicious web campaigns, zero-day detection, and more. Our network firewalls are ML-enabled, but we also provide a complete ML-enabled Security Fabric. This enables us to help customers use the technology to scale, enhance, predict and reduce time-to-detect. Fortinet also supports in-line sandboxing through ML for real-time protection of advanced persistent threats. Virtual analyst support is another way in

which Fortinet embeds and leverages AI through supervised learning approaches, allowing the end user to tune ML models.

What other technologies is Fortinet developing to deliver data and network security in the future?

For organizations today, operational complexity is slowing down digital initiatives. Applications are distributed in the data centre, in the cloud and as a service (aaS). Furthermore, users are in constant

movement across home, office and travel. Complexity is a key challenge to take back control of environments. In addition, Chief Information Officer and Chief Information and Security Officer teams often operate in separate silos. This means that teams are often forced to choose between preserving user experience or properly securing their network.

Organizations can overcome these challenges and improve operational efficiency by breaking down organizational silos and choosing

solutions that converge networking and security. Fortinet has been a driving force in the evolution of cyber security, networking and security convergence since the company was founded and will continue to lead the convergence trend with a wide range of technologies.

CYBER INFORMATION SHARING IN TIMES OF CRISIS

In an increasingly hostile cyber environment, the head of the NCI Agency’s Cyber Security Operations Branch, Emmanuel Bouillon, reveals the benefits of the Agency’s Industry Partnership Agreements to Mike Bryant

The NCI Agency has long sought to work with industry, non-profit organizations and academia for the mutual benefit of all parties. It seeks out ideas and solutions to challenges that NATO and its members face, and these same challenges can also be faced by non-NATO actors. Nowhere is this more the case than in the realm of cyber security.

The NCI Agency is the technical authority on cyber security for NATO and the lead on defending the Alliance against cyber threats. In many ways, its work with the private sector in this domain dates back to 2014, when NATO leaders endorsed the creation of the NATO Industry Cyber Partnership (NICP), a programme designed to foster cyberrelated information sharing by the Alliance with industry.

At the heart of the NICP strategy is the NCI Agency-driven programme of Industry Partnership Agreements (IPAs), which bring together large, medium and even smallerscale private enterprises that offer their own technological solutions to the cyber threat or themselves face a danger from cyber-attack.

The partners work together for mutual benefit both at a technical and operational level, sharing information on cyber threats and information security best practices, as well as cyber threat indicators and mitigation measures. The aim is to increase awareness of threats to NATO and industry partners, enhancing resilience amongst all involved.

Emmanuel Bouillon, head of the Cyber Security Operations Branch at the NATO Cyber Security Centre within the NCI Agency, explains that the NCIP and the IPA framework that the Agency runs within it, grew out of the realization that NATO and some industry partners were facing identical cyber threats. The non-commercial, NATO-unclassified IPA programme has been “extremely valuable for us to share information on cyber threats and to receive industry feedback,” he says.

Some of the strategic industry partners that have joined the programme offer a wideranging telemetry, Bouillon observes – they can provide data and feedback across their

global nexus of businesses, adding significantly to the view that the NCI Agency and its Alliance partners see across the scope of NATO networks.

Their thoughts and expertise are then shared by the NCI Agency with all key stakeholders within the Alliance, not least other lead entities on cyber within NATO such as the Cyber Threat Analysis Branch (CTAB) and the Cyberspace Operations Centre, as well as individual member nations as appropriate. “We share information within IPAs in the spirit of mutual defence,” Bouillon continues. “The programme helps our partners to defend themselves from threats, while from NATO’s point of view it is vital to improve our own understanding of the wide-ranging cyber threats we face.”

Feedback and assistance offered from industry partners within the collaborative approach that the IPA programme provides, can be particularly forthcoming at times of high visibility events such as NATO summits. It’s also particularly beneficial in terms of the technologies and solutions that partners bring that are not already found within the Alliance. “But all round, it’s a win-win situation for everyone,” he says.

FROM STRENGTH TO STRENGTH

Industry partners typically sign up to the IPA framework for a period of three years, but their participation normally rolls on beyond that period. Partners also tend to sign up to the same agreements, although there might be some minor divergences in the small print on how information is shared between the company and NATO and how it might be further disseminated (or, indeed, whether the agreement is made public).

The programme continues to go from strength to strength. Bouillon confirms that the NCI Agency is working with a number of prospective new IPA partners. However, “We try to expand our partner base, but will only accept a new entrant to the IPA framework when it is mutually beneficial to do so,” Bouillon stresses – “only when it is going to benefit the programme”.

“The aim is to increase awareness of threats to NATO and industry partners, enhancing resilience amongst all involved”

INDUSTRY PERSPECTIVE

Driving mission transformation

Model-Driven DevOps for NetOps. Transforming DoDIN Cyber Operations with Network Infrastructure as Code (IaC)

Model-driven DevOps represents a game-changing digital transformation approach for NetOps to deliver enhanced network infrastructure orchestration, optimization, agility, flexibility and resiliency – the result: a DevOps-Driven Mission Intent-Based Infrastructure.

Just as agile DevOps efforts transformed application development and created more responsive and timely mission outcomes, DevOps for NetOps is a critical next step in meeting today’s and, more importantly, tomorrow’s missiondriven demands. Adopting this approach in our culture and our engineering approach to NetOps will enable military cyber professionals to finally begin operating the network like a mission platform.

DevOps for NetOps is not the goal; enabling DevOps for the network to enable Mission Transformation is The Goal.

Adopting this approach is likely as much a (if not greater) cultural challenge than it is a technical one.

Military cyber professionals must understand the technology and break down the cultural and technical impediments that prevent the adoption of realizing all the potential of infrastructure-as-code (IaC). In fact, continued technology advances will accelerate the ability and need to deliver dynamic ‘mission-intent-based infrastructure’ to support all domain command and control mission outcomes while, simultaneously, the DoD seeks more transformation from DevOps-driven application development – NetOps must respond!

A DevOps Mindset

The network is fundamental to connect users, devices, applications, data and services no matter where they reside - from edge to cloud; however, much of network administration has not changed meaningfully in 30 years. As digital services are delivered more frequently through adoption of DevOps for software development that focuses on services or applications, gaps and weaknesses are quickly identified in the supporting hybrid cloud network infrastructure. Network operators face increasing pressure to move faster –often at the sacrifice of fundamental, scalable network architecture and security best practices – while at the same time, they are being held responsible for helping mitigate risks and respond to threats. This challenge demands a cultural shift – requiring a DevOps mindset inclusive with network infrastructure.

The demand for new features and faster delivery of services has driven the need to develop software and applications faster - thus, driving the

rapid virtualization and ‘cloudification’ of IT infrastructure. Failure to transform to a DevOps approach for network infrastructure aligned with the Continuous Integration/Continuous Deployment (CI/CD) process is not an option. A model-driven DevOps approach enables network operators to maneuver the network at machine speed through a deliberate process.

Challenges

Although much focus around DevOps is being applied to applications, most NetOps teams are still operating the same way they have been for the last 30 years. The reasons for this fall into several categories that require exploration.

As with most challenges in the cyber domain, the challenges for implementing DevOps for Network Infrastructure span both cultural and technical issues. There are several broad cultural hurdles that act as impediments to the implementation of a DevOps approach to IaC which must be addressed simultaneously by any organization. Leaders must offer operators the opportunity to learn and implement these capabilities while helping the whole organization to understand that DevOps for NetOps increases security, reduces complexity and helps ensure better compliance through standardization and CI/CD processes that support testing and validation before deployment.

Realizing Change and Transforming the Mission

By committing to following a DevOps Roadmap and understanding the supporting DevOps for NetOps

fundamentals, NetOps teams must re-evaluate how they operate network infrastructure – today! The physical network cannot be the bottleneck for digital mission transformation - it must be an enabler. Applying a DevOps Roadmap for network infrastructure can be undertaken in five deliberate steps that are aligned with the CI/CD process:

• architecture - build architecture focusing on standardization,

• simulation - simulate architecture as a virtual twin,

• automation - automate deployment in the simulated environment,

• testing - create/validate deployment tests in the simulation,

• deployment - use automation to deploy into production.

Realizing change means changing the old mindset and creating a new culture of thinking. Previously, most have thought of the network itself as the Source of Truth (SoT). By embracing a DevOps approach, the SoT of a network is embodied in the central repository, or digital twin, of all information that is needed to configure the network to a desired state. With that view in mind and moving into the future, all network operations are transformed into a push of SoT data into a device in whole or in part. Although many NetOps teams fundamentally know or understand this, moving to a model-driven approach is a hard, but necessary, transition to make.

DevOps Roadmap The

•

•

•

•

Instantiate a NETWORK DIGITAL TWIN

• Test configurations and changes implemented via automation to ensure it is accomplished programmatically ensuring that it is done the same way every time

•

Implement

Encapsulation of Commanders Intent that enables network maneuver at machine speed – in response to threats, to reduce risk and/or enable war time modes.

leveraging CI/CD principles to properly test and validate changes to infrastructure before they are made in production, network operators can enjoy all the possibilities and benefits of a model-driven DevOps approach to move at scale and speed. Embracing this approach in the culture of NetOps teams is a must to move forward.

Once accepted, viewing all automation operations as simply a push of data from the SoT into the infrastructure simplifies the IaC approach. Further, by cisco.be

ENHANCING ARCHITECTURE, DATA MANAGEMENT AND SECURITY THROUGH A NEW TYPE OF COLLABORATION

Q A

What are the key steps that have to be taken when collaborating on a new data management project?

Data management is not a new discipline.

Data-related phrases such as big data, data centricity, data lakes and data exploitation underline the importance of data across all business domains. Within NATO, it is absolutely crucial to aggregate data into information in order to achieve information superiority as the foundation for timely and precise decisionmaking. It is also key that both structured and unstructured data is considered to be of relevance.

The identification of authoritative data repositories as the single source of truth (SoT) and the assignment of data owners ensuring data quality and validity is absolutely vital. What makes a big difference in our world, as its spins ever faster, is the need for even timelier processing and analysis of data. Data science

technologies such as machine learning and artificial intelligence provide such capabilities and help to generate data models by using modern DataOps approaches. However, data-model development requires a more iterative, agile and collaborative data engineering approach.

To enable this, our data science team collaborating in the NATO Software Factory (NSF) has implemented a new DataOps toolchain. The NSF provides one common engineering space that helps in establishing the foundations for DataOps collaboration with industry, academia, NATO Nations and NATO entities. Since the NSF environment is public and cloud service-based, it has the advantage of providing access to both commercial and open data sources, and consequently enriches our data foundation for NATO decision-making. By following this approach, the use of industry standards for master data can be applied as can standards like UNLOCODE for geographical locations or

a new way of collaborating can enhance data management and security

UNSPSC for IT product categories. This too enables us to standardize and streamline our master data repositories.

Which important elements should be considered to ensure success?

People matter and are indeed key to success. But, they need to communicate, interact and collaborate within existing organizational structures or cross-organizational/functional teams.

Effective collaboration, focused on the products and benefits, enriches the value chain and is always key to success. Nevertheless, effective collaboration only works when all aspects are being correctly addressed. That is why the NSF’s collaborative environment, which involves the right people with the right skills sets, is delivering results.

Project management is also important. In any governmental organization we are often confronted with layers of governance. These are necessary, but they should not slow down the decision cycle. Neither should micro-management prevent sufficient space for teams to generate value. This is indeed a delicate balance and requires true leadership at senior executive level.

How early in a project should the key aspects of a project be scoped out?

In terms of the correct timing for certain aspects of a project, it is essential to shift important life cycle activities earlier to the left by applying, for example, a security-by-design approach. This prevents ripple effects, caused by cyber security vulnerabilities, being experienced at the later stages of a product life cycle. Another good example is the need to shift integration or penetration testing activities to the earlier stages of a project in a more iterative and automated way, enabling the identification of deficiencies earlier and consequently allowing adjustments to be made as early as possible.

Last but not least, it is vital to recognize that the introduction of new technologies and approaches can cause change resistance and can even result in culture shocks. These types of innovations require clear communication and close collaboration with all stakeholders.

Why should cyber vulnerabilities be addressed early?

An important lesson we learned was that security-related requirements are often not taken into account early enough in a process or project, only

to be discovered later in the product development life cycle. Usually, our cyber security team is able to discover security weaknesses during penetration testing activities. In cases that security-related vulnerabilities are in fact detected, it usually means that the team has to re-architect and re-design the product. Obviously, bringing a product back to earlier stages of the life cycle is very resource intensive and causes delays to the project. Sometimes, vulnerabilities can be ‘showstoppers’ resulting in project failure.

In order to prevent such a situation, it is absolutely vital that security-related requirements and any other non-functional requirements are included as early as possible during the requirements phase. By following a security-by-design approach, such security requirements are included in the early design phase. It is also key that cyber security subject matter experts are part of the product team from day one, especially when following ‘Agile’ development methodology.

Our recent implementations of the NCI Academy training network, offering online training to NATO and the Nations has shown that security requirements cannot be an afterthought – or a bolt-on feature. It is essential to understand how security will contribute and add true business value to our ICT. Automated secure templates, pre-screened container registries, continuous cybermonitoring and patching are all essential in today’s world. Public cloud and internet-exposed systems are extremely vulnerable to tardy patching and the lack of cyber monitoring. Therefore, within the NCI Agency and across NATO as a whole, security has become a core element of every ICT system, service and project.

Close collaboration with our cyber security team, the creation of data-lakes for security and the logging of event information build the essential foundation for Security Information and Event Management (SIEM) Systems. The same goes for Service Management and Control (SMC). SIEM is indeed the nexus where securityby-design and SMC-by-design meet in order to support the architecting and design of secure, well-managed and closely-monitored services for NATO.

How did the DCIS Cube Architecture development process exhibit these collaborative attributes?

The DCIS Cube Architecting Initiative was launched at NITEC 2017 in Ottawa, Canada as a collaboration effort with industry to explore how industry could help NATO improve its exploitation of modern COTS (commercial-off-the-shelf) technology for deployed CIS (Communications and Information

Systems). This effort was successful beyond all our expectations and delivered a modern industry-standard architecture based on commercial best practice that industry was comfortable supporting.

The DCIS Cube Architecture concept has been recognized internationally, including with an IEEE paper and has been re-used by NATO nations who are building their own national DCIS capabilities. Aspects such as security-by-design and service-management-by-design were included from the start by making sure a broad mix of expertise was involved. For example, we had generalists, experts on hardware, virtualization, security and orchestration, including representatives from public cloud providers.

What lessons did you learn during the DCIS Cube development project?

The DCIS Cube project has delivered many valuable lessons in terms of collaboration between industry and NATO. For example, it is really important that the right people with the right skills sets are gathered in a room, away from their normal day-to-day work. The collaborative architecting approach is essentially based on the collaboration of experts interacting in person during these workshops to achieve common use cases and their requirements. These workshop sessions need to be moderated by the NCI Agency to ensure the specific military domain knowledge is included and that the architecture remains vendor agnostic whilst also being industry standard and building-block based. It is also important to use existing industry-standard architecture building blocks and readily available solutions supported by commercial best practices, processes and standards.

A fundamental principle of the DCIS Cube Architecture initiative was that all deliverables are to be shared openly with other companies when requested by them even if they were not involved in the initiative.

Monolithic and stove-piped approaches are no longer working due to the fast evolution and the high complexity of today’s IT landscape. We have to move away from a contractor–customer relationship to a true partnering ecosystem that embraces industry knowledge and commercial best practice and at the same time adapt to the latest IT developments as needed.

How does the Workshop process work?

Each workshop must address a portion of the big picture, while the NCI Agency architects continuously remind the group of the overall picture. It is key that an Agency architect translates the results of each workshop into architecture products. Moreover, these architecture products should always be shared with the whole group so they can offer comments on them during the next workshop in order to improve them.

To deliver a truly tangible architecture product for any given area, requires about six to ten focused workshops. Regular intervals of no more than two months are needed between each one. In addition, regular reviews and decision points for final approval by all contributors are critical to success.

What is the NCI Agency’s role in this new collaborative process?

The NCI Agency is a key stakeholder in this new way of collaborating while bringing military domain knowledge such as for C4ISR (command, control, communications, computers, intelligence, surveillance and reconnaissance), cyber security, service management and other NATO-specific expertise to the table. The NCI Agency role is also essential for ensuring technical cohesion, alignment to Enterprise Architecture and design, and enabling the successful integration into the portfolio of NATO ICT services.

THE DRONE FOLLOWER PROJECT

In 2022, the NCI Agency partnered with the Rotterdam University of Applied Sciences on the ‘Drone follower project’. Jim Winchester asks NCI Agency Principal Scientist, Mario Behn: what the project covers, what it hopes to achieve and how it will help the NCI Agency enhance NATO capabilities

What does the drone follower project involve?

The drone follower project focuses on counter-drone technology which is used to detect and/or intercept unmanned aircraft systems (UASs), aka drones. We came up with this project to give a group of students at the Rotterdam University of Applied Sciences the opportunity to develop a proof-of-concept approach for detecting a drone and trying to intercept or follow it. This activity required students to consider: can you, for example, recognize a drone from the other things around you? At what range can you observe it and how do you even get the information on where the drone is – do you use radar or cameras? For this project, we used a small radar.

The NCI Agency provided some drones as the training set as well as another drone fitted with a radar to detect the target drone. The students decided to use an incremental approach, so they first demonstrated the proof of concept by detecting a car on the ground with the radar mounted on the drone.

Now, it’s one thing to mount a radar on a drone to carry out some trials, but it is another thing entirely to end up with something useable. However, there are already counter-drone products on the market which have, in addition to a radar, a net shooting from behind or a net cage coming from underneath. These are used to safely catch a target drone and deliver them to be analysed. In the most recent NATO counter-UAS technical interoperability exercise (TIE), we saw a few of these technologies being applied.

At the TIE, command and control manufacturers and vendors came together to test whether they could actually speak the same technical language, making sure that whatever information the sensor picked up was computed correctly, and then the effector – for example, a follower drone with a net –had sufficient guidance to follow the threat drone.

Would this approach be effective against all forms of ‘Class One’ drones, those up to 150kg?

If you’re not using a drone fitted with a net, you can try to ram the target drone in an attempt to destroy it. Even if one uses a smaller drone as an interceptor drone, such as the DJI Matrice M300, which is around 20kg, it could still do critical damage to drones of up to 100kg. So, from a technical point of view, an M300 might be sufficient to foil the target drone’s attack. Whether the drone is completely destroyed, that’s a different story – that would be a ‘unit kill’, but a ‘mission kill’ is usually what you want to achieve.

Is there a place for artificial intelligence (AI) and autonomy in the terminal phase?

Absolutely. AI or machine learning usually capitalizes on what you already have, such as a primed database of your common threat drones. However, you might have to tailor your approach. For example, if you know the exact type of target drone you are up against, but you realize that it is far too big a target for your system and you will not be able to do any damage to it, you might have to choose other options. In these instances, AI and machine learning can definitely aid in the way you pre-train the target database of enemy drones. First you identify the drone and then you do what is called inference, which is much faster than training

“AI and machine learning can definitely aid in the way you pre-train the target database”

on the fly with the drone. In fact, at the TIE exercise I mentioned, there was a small start-up which intercepted drones with an optical recognition algorithm based on AI.

For the final engagement decision, you need both AI and humancontrolled options. If you have a slower target, you may be able to operate without AI, while if it’s a very hot threat, the only option may be to have an automatic engagement.

How will this project help the NCI Agency enhance NATO capabilities?

With any technology aspect, it is important to test out and experiment with solutions, to better understand strengths and weaknesses with respect to the goals of effectiveness, affordability and how personnel-intensive it is in development and operation. This information is then shared with the NATO Member States. One motivation for this is to enable an organization to be a smart buyer and know exactly what the technology can and can’t do.

In summary, I think what is really important is that we can engage academia, especially young students, and offer them invaluable and interesting opportunities in the STEM field. With this project, we offered the framework, provided some basic equipment and had regular meetings to guide them. We also went through some coding together. This was incredibly engaging for both the Agency participants and the students, and the team and I would certainly like to continue with these sorts of projects in the future.

CISpaces: AI for Intelligence Analysts

Intelligence analysts receive enormous amounts of frequently conflicting or incomplete information, which they need to make sense of and understand to reach one or more hypotheses and conclusions. These can often be vital for planning purposes and even operations, so it is crucial that the fullest meaning possible of the data can be extracted and tested. However, with so much information being generated on a daily basis, analysts need as much assistance as they can get. Thankfully, it has recently been proven that artificial intelligence (AI) can offer significant support in not only making sense of these huge volumes of data, but also questioning the analysts’ reasoning about it and keeping track of the conclusions they come to.

One of the most interesting tools that has been developed is the CISpaces (Collaborative Intelligence Spaces) decision-support tool. It was built by an international team of computer scientists backed by the UK and US military with advice from NATO experts. The team members were originally based in Aberdeen University in Scotland, UCLA in the US and the defence/ aerospace contractor, Honeywell, led by Professor Timothy J Norman. Funding came from the UK Ministry of Defence and US Army Research Lab (ARL). Three of

the developers have since moved on from Aberdeen. One of them, Dr Alice Toniolo, is now an AI lecturer at the School of Computer Science in St Andrews University, Scotland. NITECH caught up with her there to ask her about the paper she and a team wrote about the project and the potential for the tool.

ANALYSIS OF COMPETING HYPOTHESES

Toniolo explains the reasons for the CISpaces project: “Intelligence analysts have a huge amount of expertise, and we were trying to leverage that.” She adds that, “intelligence analysts are already helped by a lot of automation to collect, index and organize the information they get. But we sought to give them a method to help them construct more than one hypothesis, which we refer to as ‘analysis of competing hypotheses’. Basically, our aim was to help them by asking ‘have you considered this?’ And then making one or more suggestions for them to consider.”

Having concluded that there were “currently no tools or methods which allow analysts to combine the recording and interpretation of information, and that there is little understanding about how software tools can facilitate the hypotheses formation process”, the research team

Christina Mackenzie talks to Dr Alice Toniolo of St Andrews’ School of Computer Science to find out how a team of gifted computer scientists created an analysts’ decisionsupport tool using artificial intelligence

set out to construct such a tool. Fortunately, they had access to intelligence analysts and the support of two key defence organizations. “The project benefitted from significant time and effort from expert intelligence analysts from Dstl [the Defence Science and Technology Laboratory] and ARL, and we received valuable advice from NATO experts,” Toniolo adds.

It’s a little bit like a more sophisticated version of the wall full of photographs and notes crisscrossed by lengths of string in various hues that you see in ‘whodunnit’ films. Except that CISpaces can only handle text, no images. “That’s because intelligence reports tend to be in textual format,” Toniolo explains.

CISpaces combines an array of AI methods such as argumentation theory (the interdisciplinary study of how conclusions can be supported or undermined by premises through logical reasoning), crowdsourced Bayesian analysis (a method of statistical inference in which Bayes’ theorem is used to update the probability for a hypothesis as more evidence or information becomes available) and provenance recording (understanding the process by which a result is generated).

HELP FROM THE ANCIENT GREEKS

The method allows for each hypothesis to be evaluated and given a score. “We based our work on theories of philosophy that date back to the Ancient Greeks,” Toniolo laughs. “We had to think about how people construct pros and cons. We were also interested in how people reason.”

The system tries to mitigate human bias and helps decide whether a chosen expert is really the person you’re looking for in a particular field. “There’s no point talking to a car expert when what you’re interested in is trains,” she says.

NATO’s Phoenix Alliance Ground Surveillance system has already begun adding to the huge volumes of data NATO collects (PHOTO: NCI Agency)

The CISpaces developers received support from NATO experts (PHOTO: NCI Agency)

Toniolo says they combined two approaches. “The first was to analyse graphs, looking at the connections and evaluating conclusions. The second was to find the patterns of argumentation.” And then when premises and a conclusion are suggested, “we then asked questions to challenge those premises”.

The three key challenges the team faced were how to record the information, how to know which sources to trust and how to collect the information from crowdsourcing. The first version of the tool was ready in 2016, but the team was able to develop a second more recent version known as CISpaces.org with funding from the UK Ministry of Defence’s Dstl Defence Accelerator. “The system is still at the prototype level, at Technical Readiness Level 3,” Toniolo says. This second version focuses on using natural language processing algorithms to extract factual claims from open information sources such as Twitter and Facebook. This second version has been made available and there is further interest for the AI technologies underpinning CISpaces.

HUMAN-MACHINE COLLABORATION

In their paper Human-Machine Collaboration in Intelligence Analysis: An Expert Evaluation, the CISpaces developers explain that intelligence analysts agreed that “the AI methods implemented in CISpaces are useful in improving their daily activities, in particular thanks to the perceived improved utility of the outputs CISpaces generates”. Analysts also suggested that CISpaces has potential particularly for collaborative and complex analysis, training novice analysts and to maintain an audit trail of the formation and selection of hypotheses. In addition, evaluation of the tool has demonstrated the potential impact that such a tool can have on the process of understanding complex situations, and on how it can help focus human effort on identifying more credible interpretation of evidence.

The evaluation in the paper also highlights some drawbacks with the tool but goes on to explain “these are not due to the technologies underpinning the tool, but rather its lack of integration with existing organizational standards regarding input and output formats”.

A DAY IN THE LIFE OF… MIKLOS KALI-KISS

Recent recipient of the ‘Outstanding Individual Performance’ award, for his work on the COVID-19 and NATO Command Structure Adaptation Task Forces, Miklos Kali-Kiss tells Zainab Hashiru how he ended up working for the NCI Agency, what his job entails and the importance of his role

Like many organizations in 2020, the NCI Agency was faced with managing the COVID-19 pandemic and its organizational response to the crisis. In line with NATO Command Structure guidelines, the Agency got to work establishing its COVID-19 Crisis Management process and task force. Miklos Kali-Kiss, or Miki, a Hungarian national who has worked for the NCI Agency since 2017, was part of setting up this process.

“As the only other member of the Crisis Management and Business Continuity team with me in our first year, Miki played a crucial role in developing the team identity and the processes on which to base the Agency’s crisis management concept and business continuity practices,” says Peter Chapman, Head of Crisis Management and Business Continuity

As the son of two diplomats, his unique upbringing gave him the opportunity to learn how to adapt quickly to new environments and how to effectively make connections easily – skills he currently employs in his role as the Agency’s Crisis Management and Business Continuity Coordinator.

While completing his master’s in political science with a focus on International Organizations at Leiden University, Miki joined the Agency as an intern in the then Chief Strategy Office, which combined Communications and Stakeholder Engagements. His various roles since then have involved liaising with NATO and the Member States to identify opportunities for the Agency to evolve and presenting these opportunities to the Executive Office.

What does your current work entail?

It varies on a day-to-day basis but the Crisis Management and Business Continuity (CMBC) office is managing several working groups that coordinate work across the Agency, reaching from the Executive Office to the other Business Areas, CIS

Support Units (CSUs) and other NCI Agency organizational elements and NATO Headquarters. I work with them and provide a coordinating function with whoever is leading those groups. I provide support, write readouts from the meetings, make sure the agendas are coordinated and have the appropriate working-level discussions before heading into those meetings. In some respects, it’s administrative support but it is also much more than that.

Our office also deals with assessments of policy documents and forward planning. For example, I still do some work on the NATO Command Structure Adaptation (NCS Adaptation) and the subsequent work strands that came out of it such as the NATO Warfighting Capstone Concept and the Concept of Deterrence and Defence in the Euro-Atlantic Area. The latter is a whole body of work that encompasses all the current adaptation that’s happening around NATO. Our role is to assess all of those for their impacts on the Agency. So, we look at how that impacts the Agency’s support requirements, our decision-making structures and the processes that need to be in place to support the full NATO Agenda.

You were recently awarded a Merit award for ‘Outstanding Individual Performance’ on the recommendation of the Head of CMBC. Can you tell us more?

Yes, I was! It’s great to be awarded and I’m thrilled about the recognition, but all of this is made possible because I’ve been able to work with really exceptional teams and individuals. Being able to perform and be recognized for this award also relies on the connections that have been built and good working relationships that we’ve established with so many people across the Agency. To that end, I think being able to advance business continuity and crisis management in this organization is not the result of a single entity or a single office. It’s the result of a collaborative effort at all levels and I think that’s important to recognize.

Which of the projects you’ve worked contributed to you getting this award?

As part of my Stakeholder Engagement duties, I was assigned the portfolio of the NCS Adaptation work, which is a broader adaptation work around the command structure in NATO and how the Agency is meant to support that. As part of this, we were tasked with developing the Agency’s Crisis Management Concept of Operations, which initially focused on elements of CIS support but later became a Crisis Management Concepts of Operations in terms of our overall processes as an Agency. In the meantime, COVID-19 hit and I was tasked alongside the Executive Officer of the Chief of Staff to start up the Agency’s Crisis Management process. That meant establishing the COVID-19 Crisis Coordination Group, which became the working-level coordination group for handling the practical elements of the pandemic. Our role focused on staff health and safety including how to manage the health of staff, when to send people home, how to deal with vaccination information and how to deal with policies across the different locations to make sure that everybody is kept safe. We also established the COVID-19 Crisis Management Task Force which was the executivelevel decision-making body.

Why is your work important to the Agency?

This is a role that combines both the outward facing interactions, and understanding of what is going on in the wider NATO structure. We translate that into the tangible actions and requirements that need to happen within the Agency in order for us to support the larger work that’s happening outside the Agency. Our office doesn’t necessarily need to get into the nittygritty about how something is done. We rely on subject matter experts for that, which is why we have specific task forces and coordination groups to enable this type of work. Providing a coordinating function and a

management/oversight function is important, but that of course doesn’t take away from the work that is being done by the subject matter and technical experts at the operational and technical level.

How does your work, and the work of your team, support the Agency’s strategic goals?

I think our office is actually one of the first instances of the Agency starting to work in a different way. This office was established as a result of the ongoing changes happening in NATO, which is why it has this hybrid role where it looks both outwards and inwards to translate strategic concepts and strategic directions from NATO Command and HQ into tangible actions within the Agency. My role – and the role of our office – is to ensure that over the next couple years much of the work we currently do will become business as usual in the Business Areas.

If we do our work well over the next couple years, all of these processes that we’ve established, the documents we have written, the business continuity plans and the crisis management procedures should all be integrated into the day-to-day business of each organizational element. When we do business intake for example, we should automatically be looking at business continuity. When we look at operational support planning, we should immediately be looking to integrate resiliency and alternate contingency measures to ensure continuity of services if our primary solutions fail. I see the longer-term mission of our office transforming over the next couple of years as these considerations become increasingly ingrained in the way the Agency does business. This would mean focusing on broader, strategic-level issues that affect how the Agency supports crisis management NATO-wide, internally, and how continuity of services and core business functions can be ensured. All this would depend on the strategic direction of the Alliance, and the development of the Agency as a whole in the medium to long term.

FIVE WAYS TO REMAIN AT THE FOREFRONT OF TECHNOLOGY

Dr Ilana Wisby, CEO of Oxford Quantum Circuits, explores the importance of innovation and reveals how she and her team have created the necessary culture and ecosystem for it to thrive.

Simon Michell reports

Dr Ilana Wisby is CEO of one of Europe’s premier quantum computer companies, Oxford Quantum Circuits (OQC), which she helped set up with Oxford scientist Dr Peter Leek in 2017. Dr Leek created the intellectual property that underpins the company – an innovation in superconducting 3D qubits. This breakthrough will help make quantum computing scaleable and put it in the hands of a far greater section of society sooner than could have been expected just a few years ago.

OQC has set its sights very high. “Our mission is to put quantum computing in the hands of humanity to solve some of the world’s most intractable problems,” says Wisby. The past few years have witnessed some incredibly challenging financial crises, natural disasters and health emergencies that seem to be the shape of things to come, and this explains Wisby’s intention to provide access to quantum computers as quickly as possible. Innovation and the culture that drives innovation is essential for this mission. But the ability to foster innovation is elusive and requires a deep-seated cultural change combined with a wide diversity of talent. So, how does OQC engender the innovation it needs to stay at the forefront of technology?

“While I am a quantum physicist by training, I am very much focused on building high-performance elite teams and cultures, because these high-performance teams, especially the ones that enjoy high levels of

OQC’s

–ADOPTING AN INNOVATIVE CULTURE

psychological safety, can inspire the quality of innovation that is fundamental to our success,” she says. Furthermore, inspiring innovation is, according to Wisby, a culture that embraces and drives change. It is not afraid to be wrong and make mistakes. It is not afraid to be pioneering, to go first, and to be vocal in putting forward opinions and ideas. Nor is it afraid to be proactive and self-starting from its core. It is teams with these characteristics that are working to bring quantum computing to the masses via innovations such as Quantum Compute as a Service (QCaaS).

However, Wisby concedes it is not easy creating an environment where people feel comfortable being wrong. So, you need to create an environment where mistakes are celebrated. OQC has instituted a way to do this on Thursdays, where the team gathers together to reveal their errors and see what lessons can be learned from them. Another feature, which is often challenging for some audiences to grasp, is the company value to cultivate love. “That means that everything we do comes from a place of love and should be received from a place of love. This is all about deep-rooted camaraderie – we win together, we lose together. It is also about doing the right thing even if that is the more difficult thing to do, and, of course, providing feedback continuously, which people recognize as coming from a place of love, is essential. To achieve this there needs to be a high level of humility, and therefore we have a very high focus on emotional intelligence as opposed to just intellectual prowess.”

although some barriers have been breached there is still much more that needs to be done. This is reinforced by a core belief that the technology that we build today for the future reflects the people who are building it. At the moment, she is certain that there is underrepresentation among many groups, races and genders that needs to be evened out if we are to avoid repeating mistakes.

OQC’S QUANTUM COMPUTE CUSTOMERS

Fortunately, the sorts of organizations that OQC helps innovate are deeply involved in some of the world’s most intractable challenges –financial organizations, medical teaching facilities, pharmaceutical companies and national governments. These organizations have a pressing requirement to test and develop algorithms to improve their outputs in areas such as molecular simulation and data optimization.

At the moment, one route to access OQC’s quantum computers is via the cloud through Amazon Web Services on its Braket platform. This works well, but Wisby is clear that a world with seamless quantum compute needs further innovation and rapid development. For her, the next step on the quantum journey is bringing quantum computers to organizations’ secure and integrated data endpoints. That is why OQC has partnered with one of the world’s largest data centre providers, Cyxtera, which has data centres across the globe. By bringing OQC’s quantum computers to the data centres, OQC will unleash the power of algorithms on customer data sets where they are located and where their classic computer infrastructure also resides. This combination of classic computer capability and quantum computers collocated with the data will enable the types of hybrid algorithmic activity that Wisby sees as the future of the industry.

Follow all our channels to get to know more about the NCI Agency