NITECH: NATO Innovation and Technology – Issue 1, May 2019

Page 1


NATO Innovation and Technology

NITECH NATO Innovation and Technology NCI Agency and the Digital Endeavour

Defending NATO’s Digital Networks


IT Innovation

NATO and the High North

| MAY 2019

ISSUE 1 | MAY 2019

• •

• • •

• • • •

• • • •

• • • •

• •


• • • •

ThalesRaytheonSystems provides Europe’s firstever Integrated Air and Ballistic Missile Defence Command and Control System.

ThalesRaytheonSystems’ unique international experience, working in concert with an industrial network from NATO 15 Nations, makes it a key solutions provider to lead NATO’s evolving Air C2 efforts and to expand the BMD programme to include the entire European territory.

• • •

• •

BlackBerry Limited. Limited.Trademarks, Trademarks,including includingbut butnot notlimited limitedtotoBLACKBERRY, BLACKBERRY, BBM, BES, EMBLEM Design, ATHOC and SECUSMART trademarks or registered ©2019 BlackBerry BBM, BES, EMBLEM Design, ATHOC and SECUSMART areare thethe trademarks or registered trademarks of liates, used under license, and thethe exclusive rights to such trademarks areare expressly reserved. All other trademarks are are of BlackBerry BlackBerryLimited, Limited,its itssubsidiaries subsidiariesand/or and/oraffi affiliates, used under license, and exclusive rights to such trademarks expressly reserved. All other trademarks the property Inc., registered in in thethe U.S. and other countries. Android is aistrademark of Google Inc. Inc. The The Android property of of their their respective respectiveowners. owners.iPad iPadand andiPhone iPhoneare aretrademarks trademarksofofApple, Apple, Inc., registered U.S. and other countries. Android a trademark of Google Android robot is reproduced or modifi ed from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Windows is a reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Windows is a registered trademark countries. BlackBerry is a of Research In Motion Limited. trademark of ofMicrosoft MicrosoftCorporation Corporationininthe theUnited UnitedStates Statesand andother other countries. BlackBerry istrademark a trademark of Research In Motion Limited.

NITECH NATO Innovation and Technology

ISSUE 1 | MAY 2019

Editors Adelina Campos de Carvalho, Simon Michell Project Managers Michal Olejarnik, Raimonds Bricis, Andrew Howard Editorial Director Barry Davies Art direction and layout Robert Talenti, Dorena Timm, Andre van Herk, J-P Stanway

Printed by Pensord Press Limited Images: unless otherwise stated all images have been sourced from Getty Images

Published by

Chantry House, Suite 10a High Street, Billericay, Essex CM12 9BQ United Kingdom Tel: +44 (0) 1277 655100

On behalf of the NATO Communications and Information (NCI) Agency Boulevard Leopold III, 1110 Brussels, Belgium

Š 2019. The views and opinions, expressed by independent (non-NATO) authors, contributors and commentators in this publication, are provided in their personal capacities and are their sole responsibility. Publication thereof, does not imply that they represent the views or opinions of the NCI Agency, NATO or Global Media Partners (GMP) and must neither be regarded as constituting advice on any matter whatsoever, nor be interpreted as such. References in this publication to any company or organization, as well as their products and services, do not constitute or imply any direct or indirect endorsement, recommendation or preference by the NCI Agency, NATO or GMP. Furthermore, the reproduction of advertisements in this publication does not in any way imply endorsement by the NCI Agency, NATO or GMP of products or services referred to therein.

S:390 mm

Partnering with European industry to create security and prosperity. Innovation can’t happen without collaboration. Understanding the problems you face, comes first. You talk. We listen. That’s how we approach each project and work with customers to build the technology and capabilities they need for every challenge they face. We don’t offer a one-size-fits-all approach. We offer partnership. For more information, visit

©2019 Lockheed Martin

S:390 mm

S:267 mm


Contents Forewords 15


Kevin J. Scheid

NCI Agency General Manager

Camille Grand NATO Assistant Secretary General, Defence Investment


Adelina Campos de Carvalho and Simon Michell Editors, NITECH – NATO Innovation and Technology

NATO and the High North 26 NITEC19 – NATO and the High North: Technology Ultramarathon 31

Maintaining peace and stability in the High North

34 Maritime operations 38

Using Big Data to improve situational awareness and decision-making

42 AGS: Enhancing UAV operations 45 Improving communications through innovative partnerships 8

48 Dual-use technology


The NCI Agency and the Digital Endeavour 52 Building, expanding and securing a 21st-century digital architecture 56 How projects enhance capability 59 Upcoming business opportunities to modernize NATO 62 Polaris: transforming NATO’s digital presence 68 Improving decision-making with Joint Intelligence, Reconnaissance and Surveillance 72

Air and Missile Defence


Education and training



Defending NATO’s Digital Networks 81

Cyber crime: who, what, why, how?

84 NCI Agency’s collective approach to cybersecurity 90 Developing network assurance 93

Information assurance partnerships

IT Innovation 96 High North: an academic and not-for-profit perspective 99 STEM graduate opportunities in the High North 102 Disruptive students 104 Engaging small and mediumsized enterprises


Partner for NATO. Service Provider for IT Modernization. Bechtle AG. A leading B2B IT provider, Bechtle has some 70 systems integrators in Germany, Austria and Switzerland, as well as e-commerce subsidiaries across Europe – a blend of IT sales and services that is truly unique at this scale. First established in 1983, Bechtle has been on an upwards trajectory ever since. Over 70,000 customers from diverse businesses within the industrial, service and public sectors rely on the expertise of Bechtle’s employees and the combined strength of the Bechtle Group. More than 10,000 people are committed to writing Bechtle’s success story every day. Bechtle has been listed on the stock exchange since 2000 and is listed on the MDAX and TecDAX indexes. In 2018, the group generated revenues of around 4.3 billion euros.

GBS TEMPEST & Service GmbH. Based in Diepholz, Lower Saxony, Germany, GBS owns and operates three in-house emanations test laboratories recognized by the German Federal Office for Information Security (BSI). GBS is authorized to perform certification measurements and short-measurement procedures according to the German zoning model (national) as well as to perform certification measurements and short-measurement procedures according to SDIP 27 Level A, B and C. Furthermore, GBS has a comprehensive competence team available which consists of highly skilled TEMPEST engineers and TEMPEST technicians with many years of experience. In addition, GBS is maintaining a certified Quality Management System according to ISO 9001:2015.

SYH047619_Anzeige NCI Agent NATO_210x297_RZ.indd 1

30.04.19 16:53

Ensuring Cyber Security, Worldwide

Leonardo ensures networks and data security for a wide range of international partners and is the Cyber Defence Mission Partner for NATO. Advanced security solutions and proactive intelligence provide customers with the highest level of protection from emerging cyber threats. Inspired by the vision, curiosity and creativity of the great master inventor Leonardo is designing the technology of tomorrow. Helicopters | Aeronautics | Electronics, Defence & Security Systems | Space

ADV Full Page_CYBER.indd 1

01/04/19 12:02


NCI Agency General Manager

Kevin J. Scheid NITEC19: NATO and the High North: Technology Ultramarathon

All our industry events are special, but NITEC19, which takes place 70 years after the establishment of the world’s most enduring military alliance, NATO, is momentous. Entitled ‘NITEC19 NATO and the High North: Technology Ultramarathon’, this three day-conference considers an environmental and sustainability scope beyond pure military capabilities.



Along with our Norwegian hosts and our event partners in AFCEA Europe (Armed Forces Communications and Electronics Association), the NCI Agency is holding a ground-breaking opportunity to search together for solutions that will help enable safe and secure operations in the harsh conditions of the High North. It is also a venue to unearth innovative ideas that could facilitate commercial, scientific and environmental activities. That is why this year’s Innovation Challenge has called for novel ways to improve not just traditional defence-related capabilities, but also solutions to the many technological challenges faced by all in the High North. Conferences such as NITEC also give us a chance to reflect on what we have accomplished with help from industry.

Having taken over as General Manager of the NCI Agency in the summer of 2017, my strategy and plans to modernize the organization are well under way. We have a responsibility to continually re-examine every

However, the opportunities for industry go beyond this IT modernization effort. With a budget of US$1 billion, the NCI Agency is NATO’s technology and cyber leader, with the responsibility for developing, maintaining

Conferences such as NITEC give us a chance to reflect on what we have accomplished with help from industry. aspect of the Alliance’s technology environment to future-proof NATO’s operations. I call this work NATO’s digital endeavour.

and securing the networks that enable NATO military operations across the four domains of land, sea, air and cyberspace.

A major part of this effort is our programme to upgrade NATO’s IT systems and infrastructure, now known as Polaris. That programme has been launched and initial contracts awarded. There is, however, still much to be done, which is why events like NITEC are so important. Polaris is one of the Agency’s flagship initiatives. It is part of our wider efforts to bring the right technology to NATO, in support of its digital transformation.

The systems we deliver enable critical work such as data collection, missile defence and air command and control. Not surprisingly, with such a vast programme of responsibility we are dependent on a broad spectrum of industry, academic and not-for-profit partners, who support our programmes with their expertise. NITEC, therefore, is a great opportunity for all our stakeholders to network with each other, refresh old acquaintances and build new relationships.

Polaris will deliver a wide range of benefits to IT administrators, enabling centralized management and control. And it will increase the availability of services for our users, strengthen NATO-wide resilience, enhance information security and increase the mobility and agility of the workforce.

The purpose of this new and exciting magazine is to help the NCI Agency explain its role to as wide a circle as possible, so that we can highlight the opportunities on offer for those who want to do business with us or work for us. And for those of you reading this who missed NITEC this year, stay tuned for 2020. But don’t wait until next year to get to know us, or propose solutions to our challenges. We need your help to bring technology to bear for the benefit, security and safety of the Alliance, all its members and a population of nearly one billion people.







FLY leading

independent supplier of cutting edge defence and space technologies. We deliver strategic advantages in a rapidly changing environment – thanks to a network of connected smart assets. From military aircraft, satellites and unmanned systems to services such as cybersecurity, geointelligence and secure communications we’ve been serving governments across the globe for over fifty years. Security. We make it fly.

14043_AIR_D&S Generic_297x210_NITECConfProg_1.0.indd 1

23/04/2019 15:42


NATO Assistant Secretary General, Defence Investment

Camille Grand Close partnership with the NCI Agency


When I took over the Defence Investment Division in October 2016, I was immediately impressed by the highly skilled, dedicated and capable team driving forward the Divisional mission on behalf of the Alliance. In brief, that mission is to facilitate and coordinate the delivery of interoperable capabilities to Allied Forces in support of Alliance operations and the core missions of collective defence, crisis management and cooperative security. We achieve this by developing relevant, coordinated and informed policies with the nations, which in turn drive the delivery of collective, multinational and national capability programmes. Accordingly, we work very closely with all the NATO agencies, including the NATO Support and Procurement Agency and, of course, the NATO Communications and Information Agency (NCI Agency).

Due to the breadth of capabilities available to the Alliance, our work spans a very broad remit with a focus that ranges from Integrated Air and Missile Defence (IAMD) to contributing to developments in a multitude of other armaments and aerospace capabilities. IAMD itself, encompasses a wide field of technologies as it is based on two major programmes, both delivered by the NCI Agency – Air C2 (Air Command and Control) and BMD C2 (Ballistic Missile Defence Command and Control). As such, it underpins NATO’s Deterrence and Defence agenda. I am thrilled to confirm that we are entering the final phase of the Alliance Ground Surveillance acquisition programme. This represents a major capability boost for the Alliance and is one of the many state-of-the-art

Protector RG Mk1

MULTI-ROLE SINGLE SOLUTION The world’s first certifiable Remotely Piloted Air System The RAF’s Protector RG Mk1 is based on the new generation MQ-9B SkyGuardian. With a flight endurance of over 40 hours and a payload capacity (sensors and weapons) of 2,177 kg (4,800 lb) Protector provides a flexible multi-role capability. Protector will be controlled remotely over satellite communications including taxiing and initiating automatic take-off and landing. This feature eliminates the need for deployed flight crews at forward operating bases, only requiring a light footprint of personnel and equipment to service the aircraft. ©2019 GENERAL ATOMICS AERONAUTICAL SYSTEMS, INC.

1904_GA-ASI_NATO NITEC19_P02959_Print.indd 1

Leading The Situational Awareness Revolution

4/26/19 10:07 AM


programmes we are delivering in tandem with our colleagues in the NCI Agency. The Division’s support to enhancing NATO’s strategic anticipation and situational awareness is central to the effort of the cross-cutting team, which is scoping out options for the replacement of the E-3 AWACS aircraft after they are withdrawn in 2035. This project, known as Alliance Future Surveillance and Control, is likely to be one of the Alliance’s largest programmes and comprises an enhanced, integrated system of systems. While 2035 might seem far in the distance, for a capability programme of this scale, we need to focus and make decisions today to ensure NATO retains its technological superiority in the future.


As well as these armaments domains, the Division’s responsibilities also encompass the NATO HQ C3 (Command, Control and Consultation) staff, which is unique in being the only fully integrated body reporting to both international civilian and military staff. This committed team drives the agenda for the Alliance C3 strategy and enterprise approach, in close coordination with their expert NCI Agency counterparts. A great example of this solid cooperation is the ongoing work in delivering modern, secure tactical communications to Ukraine, as well as sharing

NATO information and knowledge as part of the Comprehensive Assistance Package, a project closely supported with political and technical advice from the Division and executed by the NCI Agency. As we focus efforts on delivering programmes, we are working to enable greater multinational cooperation and generally setting the conditions to achieve capability targets and accelerate development and delivery. For me, genuine commitment and investment in this strategy is critical to NATO’s future success on operations and improved support to the core missions. Buying better, together, will, by default, also improve our interoperability – vital for our soldiers, sailors and airmen and women. One final programme I will mention is the new NATO Headquarters, for which I remain the Senior Responsible Owner. The Headquarters Programme Office/Transition Office team have quickly shifted focus from the move to the new HQ to the Partners’ move to Batiment Z, working closely with their trusted NCI Agency colleagues again to deliver the network infrastructure. As you will have realized from this long list of projects and activities, the Defence Investment Division is the closest partner of the NCI Agency in NATO HQ.

MARITIME ROLE-FIT OPTION The world’s first certifiable Remotely Piloted Air System Protector RG Mk1, based on the new generation MQ-9B SkyGuardian, will be certified by the UK Military Aviation Authority (MAA) and operated in non-segregated civilian and international airspace. A maritime role-fit option is available to provide long range, persistent wide area maritime surveillance in areas such as surface surveillance, submarine hunting, search and rescue and patrolling the exclusive economic zone. Š2019 GENERAL ATOMICS AERONAUTICAL SYSTEMS, INC.

1904_GA-ASI_NATO NITEC19_P02959_Print.indd 2

Leading The Situational Awareness Revolution

4/26/19 8:44 AM


As Europe’s most flexible, proven and trusted swing-role fighter aircraft, Eurofighter offers Finland total capability across any mission, in any environment. Find out more: @BAES_Finland



Editor – NATO Communications and Information Agency

Adelina Campos de Carvalho Editor – Global Media Partners

Simon Michell NITECH – Dedicated to NATO Innovation and Technology Welcome to NITECH – a new publication dedicated to NATO Innovation and Technology, produced by the NATO Communications and Information Agency (NCI Agency) in partnership with Global Media Partners (GMP). As NATO relies on the ingenuity of Allied industries to propel the Alliance into the future, this magazine is being launched at our biggest industry forum: NITEC19: NATO and the High North – Technology Ultramarathon. Our thanks, therefore, must go to the Norwegian Ministry of Defence for hosting this flagship event and to the Norwegian Prime Minister, Erna Solberg, for her contribution to this publication. We would also like to extend our gratitude to Ólafur Ragnar Grímsson, Chairman of the Arctic Circle and former President of Iceland, for his insightful review of the challenges faced by the High North, also published in this issue, and to Camille Grand, Assistant Secretary General for Defence Investment, for sharing his perspective on NATO technology procurement.

This annual exhibition and conference is a key platform for industry to learn about NATO’s activities, priorities and requirements, as well as an invaluable forum to network with NCI Agency executives and programme leaders. It is a world-class showcase for innovation and technical excellence. The winners of this year’s Innovation Challenge – a team formed of representatives from the US Naval Postgraduate School (NPS) and the Norwegian Defence Research Establishment (FFI) – are a prime example of NITEC’s ability to attract and promote the world’s leading innovators in the defence sector. However, NITEC19 is not just about defence innovation. With the world in general, and the High North, in particular, facing enormous environmental challenges, this three-day event is also a platform to highlight and investigate dual-use technologies that can help the nations of the High North with regard to sustainability and conservation.



NITECH AIMS AND VISION This new magazine, NITECH, aims to promote the tremendous effort that the NCI Agency puts into supporting and encouraging the partnership between the tech industry, the Agency, the wider NATO Alliance and its Member States and Partners. It is also an opportunity for us to highlight the NCI Agency’s wider effort to continually push the boundaries of innovation and maintain an enduring technological edge. As such, this brand-new publication is intended to highlight the opportunities for industry that exist as a result of the numerous technology programmes that the NCI Agency leads on behalf of the Alliance and its nations. These programmes not only cover world-beating technologies in the realms of C4ISR (command, control, communications, computers, intelligence, surveillance and reconnaissance) and cyber, but also the IT architectures and systems that underpin not just the major defence programmes, but the totality of NATO’s day-to-day activities.


As the NCI Agency guides NATO through its digital transformation, industry, particularly the IT sector, has a great opportunity to participate in what NCI Agency General Manager Kevin J. Scheid refers to as its ‘Digital Endeavour’. Here, the tech community has a special role to play in helping the world’s most successful military alliance adopt the digital norms of the very best of the commercial world. This is the ultimate goal of the IT Modernization programme, which has been expanded in scope and given the catch-all

title of Project Polaris. It represents not just a digital transformation for the Alliance, but also an opportunity for the NCI Agency to expand its ecosystem of partners, associates and co-innovators. For industry, it is a chance to shine by demonstrating the art of the possible. Polaris is, of course, not the only programme that the NCI Agency is leading. The ongoing development of the Air Command and Control System into an Integrated Air and Missile Defence System continues to progress towards the aspiration of protecting NATO airspace. The Alliance Ground Surveillance programme also exemplifies how the NCI Agency is developing capabilities that will offer Allied commanders increased situational awareness and enhanced decision-making opportunities. Of course, equipment and systems are useless by themselves. They have to be operated by people with the required competence and experience. The new NCI Academy in Oeiras, Portugal, which is featured in this publication, will be key to developing NATO’s and the nations’ workforce with the right skills at the right time. We hope you enjoy this publication and that it becomes a useful tool for readers to stay informed about the NCI Agency’s programmes, people and priorities, and how the community of partners within the ‘ecosystem’ can help create a more secure future for the entire Alliance. The next edition of NITECH will be published in October 2019 to coincide with our annual information assurance symposium in Mons, Belgium – NIAS.

Innovative Research Powering Tomorrow’s Autonomy Learn more at

ŠLeidos. All rights reserved.


NITEC19 brings together some of the world’s greatest innovators to share their ideas and network with decisionmakers from NATO and its Member States. Jenny Beechener talks to Rasa Pangone, Senior Officer Industry Relations at the NCI Agency, and Erich Staudacher, General Manager of AFCEA Europe, to show how the event will strengthen and grow the Alliance’s technology ecosystem

NITEC is the annual flagship conference organized by the NATO Communications and Information (NCI) Agency, taking place from 20-22 May 2019 in cooperation with the Norwegian Ministry of Defence. This year, NITEC19 tackles the challenges presented by the High North’s extreme climate and limited communications infrastructure to explore opportunities provided by the latest industrial technology. Members of the Alliance rely on close cooperation with industry partners to develop technological solutions suited to this demanding environment and capable of supporting the principal mission of safeguarding peace and stability throughout the region.


Hosting the event in partnership with AFCEA TechNet International, the NCI Agency brings together NATO decision-makers with technology leaders in communications and information technology to discuss at a strategic level the challenges, solutions and opportunities for collaboration. Following closely on the heels of the Trident Juncture 2018 exercise, NITEC19 builds on the success of the joint exercise carried out in October last year to demonstrate NATO’s total defence concept in response to an attack on the Alliance in the High North. Trident Juncture 2018 was an example of the Technology Ultramarathon required to operate in the most severe conditions, and


NATO and the High North Technology Ultramarathon



provides a valuable backdrop to the challenges and technology needed to work effectively in the region. The NCI Agency’s Senior Officer Industry Relations, Rasa Pangone, says communications become extracritical in the climatic conditions of the High North. Land-based connectivity is limited, signals from communication satellites operating in the geostationary earth orbit are sparse above the Arctic, and broadband coverage is poor. “A lot of the critical infrastructure does not function in the High North because of the unique atmospheric conditions. The NCI Agency is interested in new technologies,

“We are there to present what we need, but we are also there to listen,” says Pangone. “We can learn from companies that already operate in this harsh environment.” New content first appears during the first panel on the opening day, and remains a recurring theme throughout the event. AFCEA is pursuing similar objectives and is expanding its reach to reflect more diverse and disruptive technologies within its membership. Traditionally focused on communications, command and control, computers, intelligence, surveillance and reconnaissance (C4ISR) for defence

“A lot of the critical infrastructure does not function in the High North because of the unique atmospheric conditions. as well as new ways of applying existing technologies. Defence is complex and is not solved using just one technology,” she explains. The NCI Agency has responded by expanding industry participation to include representatives from a broader range of actors. NITEC19 features speakers from energy companies, fisheries and logistics for the first time – all of which face the same challenges when operating in the Polar region. These industries rely on communications and connectivity for their businesses to be effective, and they have encouraged development of a range of new technologies, many of which can be transferred to the defence sector as dual-use technologies.


and security applications, the association is increasingly looking to address NATO’s digital needs. Membership now extends beyond the information technology sector to include communications, transport, maritime and space industry capabilities. AFCEA’s European General Manager, Major General Erich Staudacher, says traditional users of defence and security technology are sourcing digital capabilities from completely different sectors. “We are learning from new business models and ideas in companies like Apple, Amazon and Google, that are big in the civil sector,” says Major General Staudacher. “Our membership reflects this shift towards non-traditional partners.

An important source of new ideas stems from the NCI Agency’s annual Defence Innovation Challenge. The competition is aimed at accelerating transformational technology solutions from start-ups, small and medium-sized businesses and academia to support NATO’s C4ISR and cyber capabilities. In 2019, the challenge specifically targeted the demanding communications environment of the High North, as well as data science tools and maritime capabilities. A panel of experts selects the 10 top submissions and these winners present their technology during the plenary session of the conference. Successful candidates also secure exhibition space and media coverage during and after the event. The NCI Agency also hosts a small-business mentoring programme, which connects NCI Agency acquisition experts and managers with representatives from suppliers. Small organizations can pre-book one-to-one meetings during NITEC19 to learn about the Agency’s procurement process and acquisition practices. “Our experience shows this to be very useful,” says Rasa Pangone. “We know small businesses have much to offer when it comes to technological improvements. We also know they lack mechanisms to connect with our business


INNOVATION CHALLENGE opportunities, so we try to correct this imbalance.” The opportunity is available to any new entrants, not just small companies, and new companies not familiar with the NCI Agency’s working practice. Additional aims for the NCI Agency include encouraging collaboration between the Agency and industrial technology companies, and therefore it structures the conference around strategic sessions and tailored panel meetings. A record number of business-to-business meetings took place during the afternoon breakout sessions in 2018 – an achievement it is hoped will be repeated at NITEC19. “In addition to a number of keynote presentations, new concepts are unveiled, and new topics discussed,” says Pangone. “It is a great networking event where participants are searching for ideas and making new connections.” Promoting security and stability requires a collaborative environment. This is why the NCI Agency has created an annual platform for NATO experts to exchange best practices with the greatest minds from industry, academia and the not-for-profit sector. While this year’s edition focuses on the High North, all NITEC events are aimed at expanding this ecosystem of innovators, working together to maintain peace across the Alliance.




PARTNERING FOR INNOVATION IN MARITIME SECURITY Viale san Bartolomeo, 400 19126 La Spezia Italy

Phone: +39 0187527 1 Fax: +39 0187527 700 E-mail:


MAINTAINING PEACE AND STABILITY IN THE HIGH NORTH Erna Solberg, Prime Minister of Norway, offers her perspective on maintaining peace and stability in the High North

Credible defence and deterrence combined with predictability and dialogue is the best way to maintain peace and stability, not least in the High North. A good situational awareness of current and future challenges is also crucial to maintain a relevant alliance. The High North is marked by stability and predictability, and our top priority is to keep it that way. Our bilateral cooperation and dialogue with Russia contributes to this. At the same time, the strategic importance of the High North, both to NATO and to Russia, has again come to the forefront. Russia is strengthening its infrastructure and military presence in the region. Also, it is acting in a more assertive way, for instance by exercising mock attacks on targets in Norway and by jamming GPS signals. Norway follows these developments closely. The balance between deterrence and reassurance vis-à-vis Russia has been at the core of Norwegian security policy since the Second World War. We are enhancing our capabilities and presence in the north, while at the same time maintaining bilateral cooperation and dialogue with Russia on a number of issues, such as fisheries, search and rescue, and nuclear clean-up. We believe that NATO should also pursue a balanced approach to Russia. We can contribute to this by being NATO’s eyes and ears in the north, and by providing analysis based on our intimate knowledge of the region. NATO has come a long way in adapting to the changing security situation. Norway particularly appreciates the ongoing adaptation of the NATO command structure, which is essential to maintaining a credible military posture, especially in the maritime domain. The foundation of it all is upholding allied cohesion in the face of complex and changing challenges. Cohesion in peacetime is the key to solidarity in the event of crisis or war.




As climate change increases access to the High North, the stability of the region is at risk. Simon Michell asks Ólafur Ragnar Grímsson, Chairman of the Arctic Circle and former President of Iceland, about the threats to stability and how the Arctic Circle can help maintain peace in the High North

Climate change makes the utilization of major resources economically and technologically possible and opens up new sea routes between Asia, Europe and North America. The history of the Suez and Panama canals is a reminder that sea routes of continental importance can lead to conflicts and even wars. The interplay between climate change and the Arctic therefore involves both threats and opportunities. But the big story on climate change coming from the Arctic is the grave warning that the future of our planet is threatened as never before.


For the first time in human history, the Arctic now benefits from multidimensional cooperation and constructive engagement by not only the United States, Russia and other Arctic States, but also by all the leading countries of Europe and Asia. The evolution of the Arctic Council, and of multiple Arctic assemblies, fora, conferences and symposia organized by different entities manifests this progress. While conflicts and wars have been prominent in other parts of the world, in places such as the Middle East and Ukraine, we have succeeded in making the Arctic a model of constructive and progressive 21st-century cooperation. It is of the utmost importance to maintain this valuable state of affairs, and so far, all the Arctic States and the recent arrivals in the Arctic Circle organization from Asia and Europe have repeatedly stated their support for the continuation of a peaceful and stable Arctic.


Since the Arctic was highly militarized during the Cold War, becoming a territory where the presence of nuclear missiles, submarines and fighter jets was routine, it is no surprise that old strategic models and Cold War policy frameworks can still be frequently brought into the modern dialogue on the Arctic.

Given the vastness of the Russian Arctic, its richness in crucial resources and the huge size and energy significance of Alaska for the United States, we are bound to witness in the coming years the enhancement of these powers’ respective abilities to secure their assets. As the US Arctic diplomat, Admiral Papp, pointed out, this does not necessarily constitute a military threat to others. However, many are tempted to interpret the build-up of infrastructure and capabilities as new military advances.



In the light of recent statements by some defence analysts and media personnel, there is now some urgency in the need to create an agreed portfolio of accepted capabilities in the Arctic in order to prevent the debate from becoming too heated, and resulting in erroneous policy formulations. The Arctic – in total, almost the size of Africa – will need extensive investments in infrastructure and security capabilities, especially given its growing importance for the global economy. We need an agreed standard by which to measure what in this multi-level development is acceptable and reasonable; and when such changes enter the territory of possible military threats to others.


Since its foundation in 2013, the Arctic Circle organization has become the largest annual international gathering on the Arctic. In the Arctic Circle assemblies and forums, there have been multiple sessions dealing with security issues and strategies, as well as various security-related topics. The Arctic Circle is therefore already an established platform for extensive dialogue on Arctic security, peace and stability. The Arctic Circle has, furthermore, turned out to be a dynamic platform for presenting and examining the engagement of non-Arctic states, including China, Japan and Korea, as well as France, Germany and the United Kingdom. It has also benefited from the regular attendance of diverse US and Russian representatives. All of this has helped people better understand the role of all the prominent states which collectively shape the future of the Arctic. For more information on the Arctic Circle organization, visit 33


MARITIME OPERATIONS NATO’s pursuit of delivering credible deterrence and projecting stability beyond its borders extends to the maritime environment. Allied assets below and above the water strengthen the Alliance’s defence posture, and nowhere is this more evident than in the waters of the Arctic and the North Atlantic. Delivering reliable command, control and communications (C3) in this harsh environment is one of the biggest challenges for the Alliance. This is where the NCI Agency comes


in. A key function of the Agency is to ensure a secure and reliable C3 capability that gives NATO’s Maritime Command (MARCOM) maximum ability to control NATO maritime forces committed by the various Member States. A key enabler is satellite communications, but in the High North this becomes a major challenge, to ensure that C3 is functioning reliably. Saulius Jusevicius from the NCI Agency’s CIS Support Unit (CSU) Northwood, United Kingdom, points

out that the CSU team regularly provides support for NATO Forces in the region, particularly during exercises such as Trident Juncture 2018. The largest NATO exercise in recent years, Trident Juncture was hugely complex and took place primarily in Norway and its surrounding waters. Approximately 50,000 personnel were involved, operating 65 naval vessels including the Standing NATO Maritime Group 1 (SNMG1). Also involved were 250 aircraft and more than 10,000 vehicles. In an indication of


Harsh conditions and scarce satellite coverage in the High North make maritime operations, including those with unmanned vehicles, onerous. Iain Ballantyne reports


the growing strategic importance that Iceland may reacquire, the airfield at Keflavik was once again an important facility, acting as a base for two US Navy P-8A Poseidon maritime patrol aircraft. Having withdrawn from the base after the end of the Cold War, their reappearance is a clear indicator of a growing level of activity. “During the exercise, we provided CIS services to the Standing NATO Maritime Group 1,” says Jusevicious. “Our support ensured

that all maritime elements could communicate not only with each other, but also with the headquarters ashore. So, our services underpinned consultation and collective defence. “For instance, we supported radio services allowing ships to receive command and control information using high-frequency radio. We deployed and installed the secure maritime communications tool (SEMARCOMM+) to vessels belonging to non-NATO nations so

they could communicate with vessels from NATO nations. We enabled the provision of the Recognized Maritime Picture to Standing NATO Maritime Group 1 with MCCIS and real-time information exchange using JCHAT. “Our biggest challenge in this exercise was to ensure that all CIS services provided by the NCI Agency could communicate with other NATO units. We need good satellite connectivity for information to flow between the participants at sea and those in the air and on land. They need 24/7 access to



Admiral James G. Foggo, Commander of NATO’s Allied Joint Force Command Naples, was responsible for conducting the Trident Juncture 2018 exercise (MARIUS VÅGENES VILLANGER FORSVARET)

these services in order to obtain the best possible situational awareness in a timely manner.”

the waters around Scandinavia, which are yet to be overcome, not least the aforementioned patchy satellite coverage.


In a recent edition of the journal of NATO’s Joint Air Power Competence Centre (JAPCC), Captain William A. Perkins, US Navy, pointed out that, in terms of acoustic detection of submarines and the subsequent monitoring of their movements, sufficient bandwidth to support off board acoustic processing

When it comes to future ways of doing things in the air above the maritime domain, drones are seen as possibly offering a way of maintaining a constant watch over remote areas. Again, there are considerable challenges in


A Danish participant in Trident Juncture 2018, one of 50,000 personnel from NATO Member States that were involved in the exercise (NATO)

remains a technical challenge, but that research in this area is ongoing. Crucially, the JAPCC points out that a UAS must be able to “communicate with other systems on, above and below the surface, to effectively conduct this mission”. Today, forces active in the region must be on guard, not only against physical threats, but also cyberattacks. This is significant – as the man who led the Trident Juncture 2018 Exercise, Admiral Foggo, has suggested, cyberattacks could be a prelude to “the actual war itself” and therefore strategy and tactics to counter them must also be evolved. Not surprisingly, the NCI Agency provides cybersecurity in the maritime domain in support of High North activities as part of the MARCOM headquarters cyberspace security/defence cell, Task Force and working group during exercises and operations. However, MARCOM feels that a lot of development is still required to ensure NATO headquarters across the board possess secure data and voice communications, and that deployed units have a fully working, secure system at sea.


Rear Admiral (Ret.) Nevin Carr Vice President, Navy Strategic Account Executive, Leidos

architecture, developing and managing a world-class integration test-bed laboratory, and dedicated support for the many BMD tests and exercises like Steadfast Armor, Steadfast Alliance and Formidable Shield gives us an excellent grasp of NATO’s capabilities and strategy as we look to an evolving threat landscape. We are proud of our role in helping NATO achieve an effective BMD capability as its partner in systems engineering and integration.



NATO has been a very important and valued customer of Leidos since the 1990s. As an information technology, engineering, services and science solutions leader, we have worked with the Alliance and its Member States to solve the world’s toughest security and defence challenges. We are proud to have designed and built the IT infrastructure at the new NATO Headquarters through the Active Network Infrastructure (ANWI) project. Additionally, together with our international consortium of teammates, we have a long history in providing system engineering and integration expertise to NATO Ballistic Missile Defence (BMD).

Leidos has been very active in the maritime domain; we provide mission-critical maritime ISR solutions by applying oceanic physics, advanced sensors, communications, unmanned platforms and automated and autonomous systems. We are very encouraged by NATO’s reinforced maritime posture and cooperation with the signing of the Maritime Unmanned Systems Declaration. As autonomy will play a decisive role in the future of NATO, it is key for NATO Member States and their industries to collaborate and ensure interoperability, and further advance NATO as a maritime alliance. Leidos looks forward to further cooperation with NATO, NATO organisations and agencies and industry including the NATO Industrial Advisory Group (NIAG).

HOW DOES LEIDOS SUPPORT THE ALLIANCE’S BMD CAPABILITY? Given the continuously evolving missile threat, the missile defence picture in Europe is becoming more complicated and will require additional resources in the coming years to ensure the same level of security that NATO has enjoyed over the past four decades. Leidos’ experience with the NATO BMD


navigate from San Diego to Hawaii and back without any crew members, except very-short-duration boardings by personnel from an escort vessel to check electrical and propulsion systems. This historic achievement is part of an extended test phase with the US Office of Naval Research (ONR), which has been ongoing since the end of 2016. A second Sea Hunter platform will be constructed using lessons learned from the original Sea Hunter. This vessel has helped the US Navy push the edge of innovation and experimentation and inform new classes of unmanned and autonomous ships.

WHAT IS LEIDOS’ VISION OF THE FUTURE? Leidos’ 32,000 employees around the globe are committed to making the world safer, healthier and more efficient. As we look to the future over the next decade and examine maturing technologies like artificial intelligence and machine learning, we see a vision of the future that is automated, intelligence-driven and rapidly adopts these new technologies. In order for NATO to continue to be the longest and most stable military alliance that has ever existed, industry, academia, NATO and its Member States need meaningful collaboration. Leidos is privileged to continue to be a trusted partner and help formulate solutions and develop the operational capabilities that will maintain the Alliance’s strategic advantage.

Leidos is a leader in unmanned, autonomous naval ship design and production. We designed and built the 132-foot-long Trimaran, Sea Hunter, which is the first autonomous, unmanned vessel to successfully





to improve situational awareness and decision-making Dr Catherine Warner, Director of NATO’s Centre for Maritime Research and Experimentation (CMRE), describes how Big Data, data fusion and AI are improving situational awareness at sea

The Centre for Maritime Research and Experimentation (CMRE), based in La Spezia, Italy, is NATO’s facility for scientific research and experimentation in the underwater domain. The Centre’s contribution to NATO’s maritime situational awareness has transformed enormously over the past decade, due in large part to advances in remotesensing systems and robotic sensor platforms, which are now delivering vast datasets of maritime surface and subsea observations. As Dr Catherine Warner, the CMRE’s Director, explains: “While the CMRE’s challenge was once to obtain enough data on the maritime environment, it is now focused on how to extract meaningful information from multiple, incoherent data sets and to deliver this in a useful format to NATO operational commanders.” To this end, the Centre’s Environmental Knowledge and Operational Effectiveness (EKOE) unit has developed a strategy to leverage this new availability of ‘Big Data’ in the ocean dimension: collecting information

available from all sources, and processing the data using stateof-the-art data fusion algorithms. As a consequence, the CMRE is now having to manipulate very large data sets, which puts stress on its existing IT capabilities in terms of network bandwidth, computing power and storage capability. Although the computational size of the task has been reduced by combining scientific knowhow with artificial intelligence (AI) approaches, the situation nevertheless illustrates how an explosion in available data can drive a substantial requirement for more IT infrastructure and advanced data-processing skills.


While data fusion now seems to be a ubiquitous IT challenge, the underwater domain presents network communications challenges all of its own. Under water, no one can read your tweets – or at least not by the means of electromagnetic



› Two Wave Gliders, used by CMRE within the anti-submarine warfare (ASW) programme, on board NRV Alliance transmission with which we are familiar above the surface. The radio frequency message simply dissipates in the water. So, wireless underwater communication relies on acoustic transmission, not radio, and that means data speeds and bandwidth are orders of magnitude lower than even the slowest radio communications. To help address this shortcoming, the CMRE has developed the first interoperable protocol for digital underwater transmission, called ‘JANUS’, which has now become a NATO Standard (STANAG 4748) and is openly available for download. Dr Warner notes that many contractors – such as Thales, Wärtsilä, EvoLogics and Teledyne Marine – have their own proprietary acoustic modems that cannot necessarily talk to each other. Using JANUS, all these modems can communicate without having to make any technical changes to the proprietary hardware itself. This means that systems from different suppliers can be integrated more easily, opening up solutions, competition and opportunities.


The digital nature of the acoustic transmissions also improves the quality of communications

massively. Dr Warner describes an exercise with a system, dubbed ‘Wetsapp’, that used JANUS. “Traditionally, submarines rely on an analogue ‘underwater telephone’ in emergency situations, and this can be very garbled and difficult to hear,” she explains. In this trial, ‘Wetsapp’ allowed rescuers to effectively text and chat with the ‘distressed boat’. Equipment supplier Wärtsilä has already started implementing the JANUS standard in its Underwater Telephone system. Another challenge is with data transmission – usually by satellite – from the ocean surface to computer centres, where it is processed. Situations exist where communication by radio technologies becomes difficult, as in the High North, where coverage from geostationary satellites becomes marginal. In summer 2018, the NATO Research Vessel Alliance travelled to 82 degrees north (a record for the CMRE) and found that older systems, such as VSAT, could not connect reliably with the lab in La Spezia due to the oblique angle of transmissions to satellites. As climate change reduces the Arctic sea ice and more

commercial and military vessels operate in the High North, there will be increased demand for data relay stations or even new satellites.

MITIGATING THE CHALLENGES In response to the many challenges of Big Data collection, transmission, processing and storage, the CMRE is developing new approaches to overcome limitations on bandwidth and speed. One is to embed advanced computing modules such as Graphics Processing Units (GPUs) or Field Programmable Gate Arrays (FPGAs) in deployed sensors and Autonomous Underwater Vehicles (AUVs) to bring computation very close to where the data is collected, thereby reducing the load on the communications channels. Both in terms of navigation and analysis of sensor data, autonomy reduces the amount of data that an underwater vehicle needs to send back to the surface, so path-finding, machine-learning, AI in general – implemented at the local, platform level – all contribute to faster communication and, by extension, to improved situational awareness for NATO commanders at sea.


Patrice Caine Chairman and CEO, Thales

HOW LONG HAS THALES BEEN WORKING WITH NATO? Thales has worked closely with the Alliance since the early 1950s and we are honoured to be a NATO trusted contributor. We provide the Alliance and its Member States and partner nations with communication, surveillance and command and control systems. In remote theatres of operations, such as in Afghanistan, NATO relies on Thales experts to install and operate secure, highly resilient communication networks. Twenty years ago we also set up a joint venture with Raytheon, to provide NATO with a single, integrated Air Command and Control System (ACCS) to manage NATO air operations and ballistic missile threats within the Euro-Atlantic area.

HOW DOES THALES INNOVATE TO MEET THE CURRENT AND FUTURE NEEDS OF DEFENCE PLAYERS? Innovation is at the heart of Thales’ DNA. We employ over 25,000 researchers and engineers and we currently invest €3 billion per year in R&D. In fact, we intend to increase this to €4 billion per year by 2021. The digital transformation is radically transforming all the markets in which we operate. It is an accelerator to

all our teams, who are developing solutions that will enable our customers to make the best decisions at the decisive moment. This digital revolution relies on technologies such as Artificial Intelligence, Big Data Analytics, IoT and connectivity, and cybersecurity. We are boosting our investments in these technologies and our presence in both military and civil markets enables our customers to benefit from cutting-edge innovation, wherever the technologies may have first developed. In all the countries in which Thales operates, we seek to establish partnerships within innovation ecosystems. This includes partnerships with academic institutions, innovative companies (including start-ups) and, of course, our customers. Internally, too, we are injecting agile structures into the organization to free up even more capacity for creativity and innovation, wherever the best talents are.

WHAT CAN THALES DO TO SUPPORT ITS CUSTOMERS’ DIGITAL TRANSFORMATION? At Thales, we recognize that military digital solutions need to be designed to evolve, not just to last. Furthermore, they need to be easy to use in stressful situations, regardless of the underlying complexity of the system. And, they need to be resilient to everfluctuating communication networks. They also need to get the best from the available processing power and communication bandwidth. Today, Cloud technologies provide an amazing tool to build agile solutions that, if mastered and secured, can deliver and meet the ever-increasing needs of the military. We believe Thales has a major role to play as a trusted partner on all security aspects of Cloud technologies. We work with multiple Cloud providers and have established strong partnerships in the domain.

CAN THALES DERIVE CAPABILITY AND VALUE FROM BIG DATA? Thanks to connectivity and IoT, military equipment generates ever more data. Exploiting this data in real time requires mastering Big Data analytics and Artificial Intelligence technologies. These technologies will transform the data into helpful tools to analyze situations and make decisions faster. To accelerate our Big Data analytics development, Thales acquired Guavus in 2017 and created a Competence Centre to support Big Data analytics development in our defence and security business in 2018. The ongoing modernization of ACCS will progressively benefit from these innovations.

HOW DOES THALES HELP SECURE THE WORLD OF IoT? Thales’ IoT Security solutions are driving innovation by protecting data integrity and confidentiality, as well as ensuring that IoT infrastructures are resilient to cyber security risks. We recognise that these are essential pillars to secure the IoT and connected objects, as well as the data wherever it may be. Thales already protects the cryptographic infrastructure of some of the most security-conscious organizations in the world. These include authentication tokens for cellular applications, trust anchors and ‘safe’ storage for encryption keys and security credentials. We also provide Trusted Key Manager services to authenticate IoT devices and secure data exchanges, preventing unauthorized devices and IoT players from joining the network. By combining the IoT technologies of our recently acquired Gemalto with Thales’ Defence domain expertise, we believe we are on the verge of unleashing the massive potential of secured IoT for the Armed Forces.






Christina Mackenzie asks Isabelle Le Pladec, Principal Project Manager, Joint Intelligence, Surveillance and Reconnaissance, and Bob Essad, Head of Operations Support, Joint Intelligence, Surveillance and Reconnaissance at the NCI Agency, about the preparations for the arrival of the Alliance Ground System

NATO currently operates an Airborne Warning and Control System (AWACS) which primarily detects, tracks and reports on airborne targets. However, this summer the new Alliance Ground Surveillance (AGS) system will reach initial operating capability. “The contribution of reports from both these sensor systems will enhance situational awareness for NATO commanders involved in activities where AGS and AWACS are employed,” explains Bob Essad, Head of Operations Support for the Joint Intelligence, Surveillance and Reconnaissance (Joint ISR) Service Line at the NCI Agency. The main purpose of the AGS is to improve situational awareness and thus, decision-making. This is critical in an environment where the Alliance faces hybrid threats, including disinformation campaigns, and where rapid and secure access to accurate intelligence is vital. AGS has a wide range of applications and could be deployed in missions to monitor ground troops and civilian populations at border controls, for example, during maritime safety missions, in anti-terrorism activities, for crisis management or to carry out disaster-relief assessments. The NCI Agency was tasked with extending NATO’s footprint to Sigonella, Italy, where the NATO AGS Force will operate. As a result, it set up NATO IT infrastructure at the base in 2016 and will extend it in the future. “The Italian base provides a physical location for AGS, but not the communications and information systems needed. Our job is to deliver this infrastructure: the telecommunications and satellite services (UHF, Inmarsat and Ku-band). The latter is being provided by Luxembourg,” explains Isabelle Le Pladec, Principal Project Manager for Joint Intelligence, Surveillance and Reconnaissance. 43


Consequently, the Agency team has had to integrate the networks, communications, voice services, IT infrastructure and NATO applications at unclassified, restricted and secret levels with the rest of the Alliance. “This entails providing the crypto equipment, the phones and printers, everything the 300 [soon to be 600] operators based on the Italian island of Sicily will need to operate the AGS 24/7,” Le Pladec points out. “And then, we have to make sure that all NATO Commands can exchange information with the NATO AGS force because, for the moment, they can’t. Currently, there is no e-mail exchange, messaging, voice communication between the NATO domain and the AGS domain. Our job is to make it happen, to enable them to communicate,” she explains.

collective defence, crisis management and cooperative security. While on military operations, “the sensors will be used to support multi-intelligence correlation and fusion analysis so we can have a better understanding of what courses of action an adversary may be taking. This will assist NATO commanders in making better-informed battlespace decisions,” says Essad.

COLLECTIVE ACQUISITION A group of 15 nations (Bulgaria, Czech Republic, Denmark, Estonia, Germany, Italy, Latvia, Lithuania, Luxembourg, Norway, Poland, Romania, Slovakia, Slovenia and the United States) is acquiring the AGS capability from a consortium made up of Northrop Grumman, Airbus Defence and Space, Kongsberg and Leonardo. NATO will then operate and maintain the systems on behalf of the 29 Allies.

A group of 15 nations is acquiring the AGS capability The five Global Hawks are equipped with a Ground Moving Target Indicator radar to detect moving objects on the ground, and a Synthetic Aperture Radar for radar images. The radar ensures images can be captured in all weather, day or night. By collecting information that can provide political and military decision-makers with a comprehensive picture of the situation on the ground, AGS will contribute to the three NATO core tasks of


Information captured by the Global Hawk’s sensors will enhance NATO commanders’ battlespace decision-making (Northrop Grumman)

Italy offered the Sigonella Naval Air Station (NAS) location because, from there, the five Global Hawks with a range of 8,700nm (16,113 km), ceiling of 60,000 feet (18,288m) and speed of 310 knots (575 kph) can easily be operated to support NATO operations anywhere in the world. “Sigonella NAS is already supporting US Global Hawks and will additionally be able to accommodate NATO’s own Global Hawks,” adds Bob Essad. The permanent AGS facility on the island is under construction, scheduled for completion by 2021, so until then, AGS is set up in temporary buildings.

Antonio Calderon, NCI Agency Chief of Network Services and IT Infrastructure, tells Giles Ebbutt about his plans for improving satellite communications

After nearly two decades of relative tranquillity, the High North has assumed a significantly increased importance to NATO. The Alliance is increasing its level of activity to demonstrate its commitment to the region, evidenced by events such as the Trident Juncture exercise in late 2018, which involved around 50,000 participants from 31 NATO and partner countries, 250 aircraft, 65 vessels and 10,000 vehicles. Effective command and control of deployed forces of this magnitude depends on reliable, highcapacity, secure communications, which are largely provided by satellite communications systems. However, the High North offers particular challenges when it comes to their use. Antonio Calderon, Chief of Network Services and IT Infrastructure at the NCI Agency, explains why, “NATO’s satellite communications services are delivered via a combination of mainly military-grade satellites, which have been placed in geostationary orbit (GEO) around the equator, complemented by commercial satellite services reserved typically for unclassified information.





The majority of our satellite services are based on GEO. This means that, in the High North, the signals tend to flatten out the nearer you get to either pole.” Calderon continues, “As a result, satellite signals sent to a ground station in the High North can be blocked by tall obstacles such as mountains or even trees. This makes it more difficult to find suitable locations for command headquarters as they need to have a clear line of sight to those GEO satellites. “Another challenge with the satellite signal coming in on a flatter trajectory is, much like a stone can be bounced off water, signals sometimes bounce off the reflective icy, water or snowy surfaces of the High North – a phenomenon that can interfere with the signal”. Calderon confirms that these challenges were evident during Trident Juncture 2018, for both NATO and national teams, and creative solutions were found to overcome them, which is one of the objectives of NATO exercises. “NATO is investing almost €2 billion in modernizing our SATCOM [satellite communications] capabilities and services, strongly relying on military-grade geostationary satellites provided by NATO nations, and complemented by commercial SATCOM services as required,” explains Calderon. “Almost every single application across the NATO enterprise requires more and more bandwidth – users are more mobile and this demand is constantly increasing.” Calderon points out that the task of the NCI Agency is to anticipate the users’ bandwidth requirement and ensure there is sufficient capacity to meet the demand. “We are constantly examining options for utilizing new and more efficient technologies and waveforms,” he says. NATO is addressing the issue with different solutions as part of the SATCOM programme, which will centralize, standardize and integrate service provision. Consequently, there will be two levels of satellite communications – a core, plus an extended core with commercial augmentation. The core will be based on military satellites with highly resilient and secure services. The extended core, with its commercial augmentation, will offer additional bandwidth to be used for missions and tasks that do not need the same level of robustness and security as the core services.



The extended core will be based on a mix of military and commercial satellites operating in military frequency bands. It will be further augmented with satellites operating in commercial frequency bands. Many of those satellites will operate in orbits that are closer to the Earth: either in Medium-Earth (MEO) or Low-Earth orbits (LEO).


Others, like Highly Elliptical Orbits (HEO), can provide better access in high latitudes, which means headquarters location is less constrained, tactical flexibility is increased and command and control is improved. Calderon notes that, while commercial satellites could be seen as allegedly more vulnerable to cyber and electromagnetic attacks, the use of relatively large and dense constellations would make it difficult for an adversary to identify which satellite is being used at any given time, because there are so many available and the allocation of resources could be dynamic. This provides a high degree of concealment and security. “It is like hiding a tree in a forest,” he says. Nonetheless, the compatibility of existing NATO ground stations with new commercial satellites needs to be ensured. “In some cases, this may just require introducing new modems and antennas, but framework contracts will be placed with industry for contingency arrangements to provide additional commercial ground stations to anchor NATO’s traffic, should it be necessary. Bandwidth and terminal requirements are continually assessed to ensure we are able to fulfil NATO’s level of ambition, now and in the future,” Calderon reveals. The NCI Agency is about to embark on at least two new projects for the extended core, worth up to several millions of euros, covering both space and ground segments. These new projects will be for the provision of satellite communications services and are likely to raise capacity from both commercial and military constellations, subject to perceived threat levels. Calderon confirms that the projects have been programmed and the detailed timelines, scope and acquisition approach will be developed over the next 18 to 24 months, with the aim of having an initial service catalogue framework with industry and nations in place at the end of that period. Part of the project analysis will include the acquisition strategy and potential contracting vehicles to be used. It will be a balance of cost and requirements against the risk of being locked into a single provider. It will also include defining an adaptable exit strategy, so as to provide NATO and the NCI Agency with the flexibility required to fulfil their missions and, when necessary, move to an alternative provider for additional future service requests. Calderon notes an increasing focus on using outsourced service provision to provide part of the solution for non-core functions. Existing arrangements for NATO’s unclassified transmission layer worldwide, provided by BT, and the NATO communications network in Afghanistan, provided by Thales, are good examples of how the commercial sector can support the NCI Agency’s needs, users and NATO missions.




TECHNOLOGY Common challenges facing NATO and commercial entities as they increase activity in the High North will open up exciting opportunities for dual-use technological innovation. Simon Michell reports


“Technology is the key element in a sustainable development in the Arctic,” insists Arctic Frontiers. According to the pan-Arctic network, based in the Norwegian town of Tromsø, “innovative and technologybased infrastructure projects can unlock vast growth opportunities in the Arctic region.” To put this in context, as far back as 2008, the US Geological Survey estimated that technically recoverable resources in the Arctic amount to around 30% of the world’s undiscovered gas and 13% of the world’s undiscovered oil. The potential for the new shipping routes that are being developed as the ice in the High North recedes is also a gamechanger that could deliver huge savings in bunker fuel and emissions, if they can be safely exploited. However, harsh conditions, remoteness, a lack of comprehensive digital connectivity and insufficient satellite coverage mean that innovation is key, not only to the activities of the High North, but also to sustainable access to the region in the first place. These are the key challenges that the NCI Agency – as the main organization responsible for the development and sustainment of C4ISR (command, control, communications, computers, intelligence, surveillance and

For military missions, much of the focus will be on assuring reliable and secure communications between warships and command centres, as well as enhanced situational awareness and, of course, safety. The commercial entities that are planning to expand their operations in this vast and harsh environment as it begins to open up share many of the same requirements. This, therefore, offers a massive opportunity for the development and enhancement of dual-use technologies for both sectors. Not only will this help to pool investment in the research and development (R&D), it will also give access to a wider set of skills and knowledge.

COMMERCIAL PIONEERS Some of the innovations that will unlock this region – such as artificial intelligence (AI), machine learning, quantum computing and autonomy – are being pioneered in the commercial sector by companies such as Amazon, Apple, Alphabet (Google), Facebook, IBM, Intel and Microsoft. These companies have huge financial resources. In 2017, they spent a combined $90 billion on R&D between them – a figure that is beyond even the defence research budgets of the largest military powers. AI is already making its mark on scientific research in the High North, with the Danish Meteorological Institute (DMI) using AI and machine learning to map sea ice as part of Automated Sea Ice Products (ASIPs) using EU Copernicus Sentinel satellite imagery. This project has been running since November 2017 and hopes to furnish those navigating the waters around Greenland with more accurate

and regularly updated maps to help them plot courses through constantly changing ice melt.

UNMANNED AERIAL VEHICLES (UAVS) Another key technology that is being increasingly employed by militaries and commercial entities is the UAV or drone. If the challenges relating to ground infrastructure data links and the weather can be solved, the potential for drone applications in the High North is huge. Not only can drones be used to monitor the region for scientific and conservation purposes, they can also assist with the effort to embed a reliable search-and-rescue response. Drones, especially those that are automated/ autonomous, can be given a host of what are termed ‘3D chores’ – dull, dirty and dangerous.


reconnaissance) technology and networks – will also need to overcome.

UAV experimentation has been ongoing in the opposite polar region – the Antarctic – for many years. For example, the US Coast Guard Polar Star pioneered the use of a drone, in this case an AeroVironment RQ-20 Puma E, to scout ahead for potentially dangerous ice formations as an aid to the annual US Operation Deep Freeze to resupply the McMurdo Antarctic research station.

SATELLITES Turning to the vexed problem of satellite coverage, there is growing interest in the potential for nano and micro satellites to fill the gap in observation and communications coverage. Not only are these smaller systems cheaper to build, they are also cheaper to put into orbit. That said, there is always a place for the existing larger satellites, as witnessed by Lockheed Martin’s collaboration with the University of Alaska Fairbanks to collect and process Arctic terrain data using the company’s Rosetta tool set.



Dr Sunniva Tofte, Director – Innovation, Research and Development at the Norwegian Ministry of Defence, highlights the utility of dual-use technologies in the High North

WHAT TECHNOLOGY CHALLENGES FACE MILITARY AND COMMERCIAL ACTIVITIES IN THE HIGH NORTH? The expected thawing of permafrost and rising sea levels will limit new infrastructure development and maintenance of existing infrastructure in the future. This poses challenges in several technological areas. Vessels need to be able to withstand ice accretion (the build-up of layers of ice), floating ice and icebergs. Planes and drones must be resistant to ice, as well as the de-icing agents and gravel that are used on the runways in the north. Communications systems and electronic devices must be designed to operate without infrastructure and be sufficiently rugged to cope with cold temperatures in combination with varying humidity, wind and precipitation. The need for situational awareness through surveillance will increase for both civilian and military actors. However, these services require communications, which is a challenge in the High North, where many standard communications systems, such as satellites, have limited coverage.

HOW IMPORTANT ARE DUAL-USE TECHNOLOGIES TO THE HIGH NORTH? Dual-use technologies, such as artificial intelligence and unmanned systems, hold the potential to remedy many of the challenges we are currently seeing in the High North. This is not least due to the vast areas in question and the challenges this poses for surveillance by manned systems. Miniaturized and affordable technology is changing our approach to intelligence, surveillance and reconnaissance. Norway has launched four micro satellite projects for maritime surveillance, and we are planning on launching more in the near future. These satellites will establish a continuous situational awareness in a much more cost-efficient manner than before, which for the Armed Forces allows a more efficient use of our manned systems. Unmanned and autonomous systems in the air, and on and below the surface, potentially provide enhanced endurance and coverage. The HUGIN autonomous underwater vehicle is one example of this. Another particular challenge in the Arctic is the lack of sufficient communications solutions. Space, Norway’s project for satellite-based broadband, will help fill the gap. The project is a good example of how civil-military, as well as public-private, partnership is necessary for establishing strategic national technologies.


The particularities of the challenges in the High North, such as the information and communication challenges, are largely the same to military and civilian actors. Thus, the further potential for developing and implementing dual-use technologies is considerable. Norway’s rugged offshore technologies show how systems that endure the harsh conditions of the Arctic can be built.



Richard Franklin Senior Vice President, Head of Airbus Secure Communications

HOW IS AIRBUS SUPPORTING THE NCI AGENCY POLARIS PROJECT? NATO’s IT modernisation programme, Polaris, aims to transform its static IT infrastructure into a homogeneous enterprise. Airbus is contributing to this through two projects: the NATO Communications Infrastructure (NCI) project, awarded to us in December 2017, and the Enterprise NATO Public Key Infrastructure (E-NPKI) system, awarded in July 2018. The NCI Project is replacing a major part of the NATO General Communications System (NGCS) at 73 sites, whilst the E-NPKI system will provide accredited certificated services on NATO networks, up to SECRET level. Full-service support, including a test facility and training, will be delivered across more than 70 NATO sites. Both projects are extremely complex and are supported by approximately 100 dedicated technicians, located in various sites across Europe. The respective project teams within Airbus are currently focusing on supporting and delivering these important projects successfully in partnership with the NATO Communications and Information Agency (NCI Agency).

In September 2018, the NCI Agency awarded Airbus a five-year framework contract to provide Assistance and Advisory Services (AAS). As a prime contractor, we provide the NCI Agency with Cyber Defence, Engineering, Military, Software IT and Communications Support experts at all NATO sites, including Afghanistan in the fields of Cyber Defence, Engineering, Military, Software IT and Communications Support. To date, we have provided the NCI Agency with support from a significant number of security-cleared personnel, and we will continue to do so in the future. Due to the nature of this contract, Airbus is continually looking for qualified personnel and actively building its network of professionals in order to provide NATO with skilled personnel.

WHAT IS SIGNIFICANT ABOUT BEING A HYBRID SOLUTIONS PROVIDER AND NETWORKS INTEGRATOR? Considering global developments in virtualisation, cloud applications and Internet of Things, Airbus is investing in highly secured hybrid solutions such as Hybrid Networks and Network for the Sky (NFTS). Our hybrid architecture rests on key elements such as communication servers, airborne antennae and an AirNodes network orchestrator, as well as integrating waveforms already in use by armed forces (L16, UHF, HF, ROVER, LTE, X/Ka/Ku-band) in order to improve interoperability for joint and allied operations.

mobile capability to a moving land vehicle, a UAV and a helicopter, which all shared streaming video at the same time, jumping in and out of the network. This was an exciting demonstration, but it also allowed us to prove many key aspects of network orchestration and control at heights up to 60,000 feet. These new hybrid and airborne networks are opening new horizons for Defence and pave the way for future capabilities such as the Future Combat Air System (FCAS) and UAV swarms.

WHAT OTHER SUPPORT DOES AIRBUS OFFER NATO? As Europe’s largest defence company, Airbus is very well placed to understand the challenges and benefits of multinational cooperation and teamworking between people from different nationalities and cultures. We provide a wide range of communications solutions for all applications, whether required on the land, in the air or at sea, and we benefit from 50 years’ experience in defence and governments. Our past and current experience with NATO Member States enables us to understand which technologies are used and which are most preferred by our customers, allowing us to develop a thorough understanding of NATO Member States’ needs. We are also proud to support NATO with the Deployed Communications Information System (DCIS). The Kosovo Force Tracking System (KFTS) is another example of an Airbus service which underpins our longterm relationship with the NCI Agency.

Last summer, we successfully flew an LTE node across Canada, providing



Building, expanding and securing st a 21 -century digital architecture


The NCI Agency is in the midst of an ambitious effort to transform NATO’s technological infrastructure. Samantha Ehlinger interviews Agency General Manager Kevin J. Scheid to learn more about his strategy for this undertaking HOW HAS TECHNOLOGY CHANGED OVER NATO’S 70 YEARS OF EXISTENCE? As we mark the 70th anniversary this year, I’ve been thinking about how much technology has changed since the Alliance was first formed. From vacuum tubes to cell phones, which give us everything we need at our fingertips, it’s been quite a journey for us and for NATO. I myself had some experience with the cell phone’s mammoth predecessors. One of my college jobs, for example, was as a computer operator at the University of Texas. I worked on mainframe computers with memory disc drives the size of refrigerators. The NCI Agency officially came into the picture in 2012, but the Agency has supported the Alliance through many guises for 64 years. We at NATO are proud of our 70-year legacy. But the Alliance cannot rest on its laurels. It must evolve with the times and keep pace with technology – and our changing societies. That is NATO’s digital endeavour. And the NCI Agency is helping to lead this digital transformation. We are aiming to drive technological change in a centralized way across the Alliance. Here are a few examples: When I took up my post in 2017, my first challenge was seeing through the delivery of the IT infrastructure for the new NATO headquarters. And, this year, we’re making big investments in global communications. Four new satellite ground stations are set to come online in 2019. These replace seven aging ground stations. This will be a big improvement to our capabilities. Perhaps most importantly, we are modernizing NATO’s IT infrastructure through our Polaris programme.



WHY DOES THIS IT INFRASTRUCTURE NOW NEED A MAJOR OVERHAUL? The infrastructure is an old architecture and it has grown up organically. We have dozens of server rooms all around NATO. We need to consolidate those and provide centralized services. Our infrastructure is also aging. We need to replace the old equipment with new hardware. We need to move to a cloud environment to take advantage of what the public cloud and on-premises cloud can offer us. This job is a challenge, to be sure. We have 18,000 users in the NATO organization itself. But 29 nations are also attached to NATO’s network, and their tens of thousands of users rely on the data shared on it. Today, industries are pivoting to focus on machine learning and artificial intelligence. They recognize that they must innovate or die in the marketplace. NATO doesn’t have similar market pressures, so the Nations must push NATO’s leadership to ensure this transition takes place. In the case of the Alliance, we either digitize or become irrelevant – particularly in hybrid warfare scenarios.


When you consider the new NATO Headquarters and the IT modernization projects together, we have the most significant improvement in NATO’s IT infrastructure since its founding. Polaris will improve how we deliver critical services that enable the nations to work together across a vast geographical footprint. The programme will establish the first NATO private cloud infrastructure, increasing security and bringing new mobile devices to users across 44 locations in Europe and the United States. That is a key change. We need to move to modern, mobile ways of working. We need secure phones, laptops and tablets. While these devices have been a staple of every modern corporation for a decade, this is new to the NATO bureaucracy. And this change is critical, as quick and coordinated communication can save lives.

HOW DO YOU MODERNIZE NATO’S INFRASTRUCTURE, WHILE KEEPING IT SECURE? It’s a good question, particularly for a security organization like NATO. We want to introduce mobility with cell phones and laptops, without more risk. As NATO’s cyber leaders, we have to be thinking constantly about cyber hygiene. We defend NATO networks 24/7.


Offering centralized services does help us patch more easily and quickly. It also gives us better control of our data. As a part of our efforts we are also implementing NATO-wide business continuity and disaster-recovery capabilities. This kind of planning is essential, as NATO is the target of increasingly sophisticated attacks.


Kevin Brown Managing Director, BT Security

HOW LONG HAS BT BEEN SUPPORTING NATO? NATO has been a very important customer of BT’s Global Services division since 1998. As part of our services, BT provides connections between over 70 locations across the NATO Member States. This includes some locations that are extremely difficult to reach. In addition to standard communications, we have also been providing NATO with our secure internet Gateways Services, which protect NATO’s activities on the internet and enable it to undertake its day-to-day duties with a lot more confidence. In April 2019, we announced our intention to expand the range of services to NATO in order to support the Alliance’s global activities.

WHY DOES THE NCI AGENCY PARTNER WITH BT? First and foremost, it is because of our experience. We provide cyber security and network expertise to governments, international agencies

and multinationals, who expect us to both connect and protect them seamlessly. This has given us a proven track record of being a partner that major institutions can trust, which is a major reason why the NCI Agency has chosen to partner with BT. The security we can provide, complemented with our additional range of services, is helping with NATO’s digital transformation by giving it the ability to roll out new solutions and operate in a very dynamic way. Over the years, we have delivered multiple services to NATO. For example, this April we supported the NATO Secretary General’s address to the US Congress, making sure that it went ahead uninterrupted. The NCI Agency also knows that we invest heavily in our people to make sure we have got the right skills in the right locations.

HOW IMPORTANT IS CYBERSECURITY TO BT CUSTOMERS? We have all become aware of cyber attacks and we know that we have to proactively protect ourselves from them. Fortunately, our DNA in security goes back more than 70 years. It has always been at the forefront of our communications strategy. We provide cybersecurity to millions of customers, from households to governments and entire nation states. This also includes secure services to protect critical national infrastructure in the United Kingdom.

Beyond our partnership with NATO, we are also helping a number of global brands with digital transformation programmes and migrating their capabilities and operations to the Cloud. We put security at the heart of their transformation right from the very beginning – it is not bolted on afterwards.

HOW DOES BT KEEP ITS GLOBAL NETWORK SECURE? Our global network spans 180 countries and, with that, we now transmit over one terabyte of data every second. So, we have a vast footprint to monitor. To do this, we have 15 cyber security operations centres around the world, supported by over 3,000 cyber security experts. The insight and intelligence we gain from our ‘ringside seat’ on the global network allows us to analyze what is going on and work out what needs to be done to protect our customers. On average, there are about 4,000 cyber incidents on the BT network every day, so we have developed very advanced artificial intelligence and machine-learning tools to not only analyse and visualise what is happening at any point in time, but also to predict attacks before they happen. We also collaborate with partners and competitors to share our knowledge and threat intelligence, and we have fantastic relationships with international governments and agencies such as Interpol and Europol.

“Our DNA in security goes back more than 70 years. It has always been at the forefront of our communications strategy”




HOW PROJECTS ENHANCE CAPABILITY The NCI Agency’s Chief Operating Officer Ludwig Descamps, tells Alan Dron about the latest projects his organization has been involved in and how they are introducing capability to the Alliance

The NCI Agency has to earn its income through the projects and services it provides to its customers – and the nature of those customers is changing. “More and more, individual nations or groups of nations are turning to us with communications requirements,” says the Agency’s Chief Operating Officer, Ludwig Descamps. Requirements from States, rather than military commanders, have always been there, but Descamps has witnessed increasing demand. A turning point was Afghanistan, which accelerated collaboration at operational, tactical and strategic levels. One recent successful project that the Agency has undertaken is cloud-based app service delivery. “What we want to do through this approach is very similar to what happens in the app store in

commerce,” Descamps explains. “We want nations to download software apps that they can use at a national level, whilst also promoting interoperability between national and NATO systems.” One bonus of that process is that, when officers from individual Member States are seconded to NATO, the apps they use are often already familiar to them. Much of the NCI Agency’s work is outsourced to industry, but its role is much more than simply that of an allocator of projects. One reason the NCI Agency outsources the development and production of systems to industry, rather than doing so itself, is that, according to Descamps, the nations don’t want the NCI Agency to start competing with national industries. That said, the organization’s work involves much more than simply



› The NCI Agency develops mobile applications to provide flexible, secure services to NATO forces (NCI AGENCY)

writing a statement of work and organizing a competition with industry to select the winner. “We’re NATO’s C3 [command, control and communications] service provider,” Descamps points out. “We see ourselves as more of an interface between NATO and industry. We’re an active player that bridges requirements. We have to understand NATO’s requirements, both financial and non-financial, and ensure that these can be incorporated into the NATO environment without being too much of a problem.”



There are certain NATO standards to be respected. “On the software side, for example, we provide NATO headquarters with traditional commercial software,” explains Descamps, “but we also help industry

to develop software packages that are specific to NATO. We call these ‘functional services’.” To ensure that this is done safely, the NCI Agency provides a test environment to check that the newly developed code does not introduce any unintended consequences and that it is safe from cyber-attack. The NCI Agency’s responsibility for defending NATO networks means that the cyber realm is an area that has become increasingly important. As part of this immense effort, a new community for technical cyber defenders across the Alliance, known as the Cyber Security Collaboration Hub, was recently established to speed up the exchange of information regarding cyber threats on the network(s). However, cybersecurity is not just about monitoring the cybersphere. “We also need to make sure that our networks, and the architecture of our networks in particular, have some built-in resiliency. That comes down to design,” says Descamps. This is particularly significant, as NATO is in the process of a major modernization and transformation of its IT infrastructure – the Polaris project.

Polaris will deliver a new, modern digital enterprise for NATO. Descamps clarifies the scope of the endeavour: “That involves work to establish new data centres, and service operation centres that have an important role to play in monitoring cyber threats and the deployment of end-user equipment, such as laptops and cell phones.” The NCI Agency is naturally committed to delivering successful projects, but the shape of that success may, in future, differ from currently accepted norms. “We want to deliver solutions in the IT environment more rapidly,” says Descamps. “Because technology is evolving so rapidly, we’re moving away from ‘100%, gold-plated solutions’ that you then operate for the next 10 years.” The reason is simple. Such solutions take a long time to deliver – and may never actually ever arrive – given the speed at which technology is moving. Instead, the NCI Agency is looking at solutions that deliver 80%, or perhaps only 60%, of the customer’s requirements, but in a much shorter timespan: “We’re looking at what is already available, together with rapid implementation and adaptation,” he concludes.

Simona Rocchi, the NCI Agency’s Interim Director of Acquisitions, talks about her priorities for NITEC19



WHAT ARE YOUR PRIORITIES FOR NITEC19? We are looking forward to an important discussion on the advanced acquisition module of the Enterprise Business Application (EBA), which we want to implement by the end of this year. We believe this will bring a lot of benefits for industry partners – in particular, the e-procurement element. The EBA interface will support both the bidding and the contract-execution stages, giving access to solicitation packages, submission of bids, availability of bid results, submission of invoices and visibility of payments status, amongst other features.



The use of nonprofessional Unmanned Air Systems (UAS) is a cause of concern

Each prospective bidder will get immediate access to the relevant published information and documents. This should not only reduce the procurement timelines, but also produce a stronger sense of partnership and transparency between the Agency and industry. As Interim Director, this project will be my main focus from now until the end of 2019, ensuring that it is delivered on time and works to everyone’s advantage.

will work in practice. Therefore, I have invited some of our PCOs to come with me to NITEC. The Service Line Chiefs will present the programmes/projects that they are going to implement, but they will have the Principal Contracting Officer at their side. This is a team effort, and I think it is good for industry partners to know the PCOs, as well as the SLCs.

The Acquisition function is at the forefront of the NCI Agency’s move towards a matrix-type organization. We already have Principal Contracting Officers (PCO) as direct counterparts to the Service Line Chiefs (SLC), so NITEC is an opportunity to help explain how this


The Polaris programme... is currently the most important project 60

The Polaris programme – the game-changing modernization of NATO’s IT infrastructure across the whole enterprise – is clearly a very exciting challenge that is currently the most important project for the NCI Agency. On the horizon, we can already see the next developments, such as the hybrid Cloud. Central to NITEC19, the wider integration of artificial intelligence (AI) and data analysis into NATO systems will be essential for future NATO capabilities. The NATO Secretary General has stated that the secure exploitation of data is one of his main priorities, and the acquisition of Open Source Intelligence (OSINT) will be a very important issue for NATO and the NCI Agency in future. Advances in IT are inevitably creating an exponential growth in the volume of data, and OSINT will fulfil an ever greater proportion of the requirement. The way that data is acquired, owned and protected by NATO will


As an Agency we have been pretty successful. This means we have more requests than we can immediately service. And, at the moment, we do have an issue with resources. The diversity that different types of actors can bring is definitely of value to us. We could partner with actors outside industry – such as academia, defence labs or research and scientific institutions from NATO nations – to supplement our workforce in subject-matter expertise in certain areas where we have

HOW IS PROCUREMENT BECOMING MORE AGILE? We clearly want to adopt an agile approach for the procurement of what we call technology-intensive projects. In 2017, we began talking about introducing more milestones in the contracting method. This would allow us to check to see if the solution is really what the users need, so that once we have achieved that consensus we can move on to the next step. The core aim is to enable collaboration between the various parties, incorporating regular and frequent contributions from the user community and eventually delivering added value to NATO progressively. So far, we have selected some small projects as pilots. Bigger projects will come into focus in the near future, including Intelligence Functional Services (INTEL FS) Increment 2 and the Logistics Support Functional Services (LOG FS) programme. Much more needs to be done, but primarily we will need to revisit some of our contract provisions to ensure they fit with the phased, agile approaches being introduced, addressing how to share responsibilities in case of emerging complexities.


therefore be a crucial area of interest for the NCI Agency. Finally, the ‘Game of Drones’, as our scientists call it – the use of non-professional Unmanned Air Systems (UAS) – is rapidly expanding, and this is creating concerns for the security of personnel and infrastructure. Currently, we are detailing and quantifying the operational requirements for counter-UAS systems, and also outlining future requirements based on the pressures that are coming from such emerging technologies.

ARE THERE ANY CHANGES PLANNED FOR THE BASIC ORDERING AGREEMENT FRAMEWORK? This is clearly an interest for us. We want to enlarge the number of companies, especially small and medium-sized enterprises, that want to participate in NCI Agency acquisitions, and the Basic Ordering Agreement (BOA) framework is, in our opinion, one of the most successful acquisition frameworks we have ever implemented. It has been in place for over 20 years, and we now have more than 900 registered companies. However, many of them are not really active in the BOA framework, so we are now renovating the system to make it ready for new challenges.

The NCI Agency’s flagship industry conference, NITEC, is an annual platform for leading and innovative technology companies to meet with NATO and national decision-makers, discuss future business opportunities and feature their latest tech solutions

a shortage of resources or expertise. Their advantage is that they will not compete for the follow-on phases of our work, so we could work with them in areas like systems architecture or requirements testing. That is why we will have a breakout session during NITEC19 on our future not-for-profit framework, which we think will be a very interesting avenue for us to explore.

Our improvements will simplify BOA applications, which will reduce the administrative effort required from applicants. We will no longer ask for price lists to be submitted with the application. In addition, we will update the list of products and services categories, replacing them with generic categories to improve the mapping between our requirements and industry solutions. We also propose to limit the duration of the BOA agreements to three years and to subject applicants to a renewal process. By doing so, we will make sure that we have a robust and current listing of BOA suppliers, ready and able to engage in NCI Agency business opportunities.



Alan Dron talks to the manager of the Polaris programme, Paul Howland, to find out how the new IT systems his team will introduce will transform NATO’s IT network operations and security



POLARIS transforming NATO’s digital presence A major initiative is under way to modernize NATO’s IT infrastructure – the Polaris programme. This huge and highly significant effort involves replacing and rethinking the back-end servers used to run NATO’s business and operations, as well as end-user devices such as personal computers, screens and printers. Polaris covers four technical projects, but, more generally, it involves business change. “It’s not just about delivering some new servers in a server room; it’s about new IT, how that is delivered and how operational users will consume that IT,” says Polaris programme manager Paul Howland. The NCI Agency is responsible for the oversight of IT on 44 sites, ranging from NATO’s Supreme headquarters (HQ) in Mons and the new NATO HQ in Brussels, down to small sites with just a few users. All these sites have developed organic solutions over past decades: “Local IT departments have bought local solutions, so it’s very heterogeneous, in terms of software, patches and ways of solving issues.”

This means that there has been no central oversight of the organization’s IT, and investment has been piecemeal, with most of NATO’s IT infrastructure either obsolete, or about to become so. Polaris is designed not only to bring that infrastructure up to modern standards, but also to bring more central oversight, better cyber protection and cost efficiencies. Polaris comprises several aspects, with four main projects: » IT Modernization (ITM), which will see three data centres being built (two are already built); » NATO Communications Infrastructure Project (NCIP); » NATO Public Key Infrastructure (NPKI); » Service-Oriented Architecture/ Identity Management (SOA/IM). ITM data centres at Mons and Brussels, in Belgium, and Lago Patria, in southern Italy, will back each other up, to prevent data being lost in the event of a major crash. Additionally, some





Polaris will involve moving personnel to reflect the more centralized infrastructure model (NCI AGENCY)

of NATO’s larger commands will have ‘enhanced nodes’ to host any critical local applications that can still be accessed in the event of a major problem at the data centres. Some of these applications are bandwidth-heavy, so it makes more sense to host them locally. NCIP will upgrade routers to make the network faster. NPKI will enable staff to have access to equipment such as printers through their ID badges, which have cryptographical ID embedded in them. SOA/IM will cover several functions, but the most important is the NATO Enterprise Directory Services, a database containing the names and addresses of everyone allowed to use the network. Over and above these projects, Polaris will involve moving personnel to reflect the more centralized infrastructure model and putting in place the necessary processes to handle it. An IT Infrastructure Library will lay out

best practices for the organization on how it should run its IT services. One major challenge will be application migration. A NATO site will have perhaps four commercial off-the-shelf (COTS) systems, plus a couple of hundred NATO-specific applications. “These are quite complex apps,” explains Howland. “It’s not like re-installing Windows on your PC. If this migration is not achieved seamlessly, there could be a break in dataflow between sites that could destroy the ‘air picture’, for example.” The main contract to deliver ITM was awarded in 2017 – the other three main projects will follow – with the main contract due to deliver in four waves. The first wave, which covers the Mons and Lago Patria sites, together with two ‘service operation centres’ and four of the ‘enhanced nodes’, is expected to be completed by the end of 2019. Once NATO’s Investment Committee has verified



The Polaris programme will upgrade the technology available to the Commands, centralize services and bring about the early stages of cloud technology to NATO (NCI AGENCY)

the first wave and is happy with the contractor’s performance, work will move ahead on the other 38 sites. Each of the remaining three waves will take around a year, with a scheduled completion date for Polaris at the end of 2022. “A lot of the risks are front-loaded in this programme, because that’s where the design is done, together with the testing of plans and processes,” Howland notes. “Later waves will be repetitions of what’s been done; it should be much more a case of ‘rinse and repeat’.”



Centralizing IT may present an attacker with juicier targets and makes defending them more critical than ever, but the ability to focus NATO cyber defences on a limited number of sites – and, importantly, build in those defences from the ground up, rather than trying to ‘bolt on’ defences to existing

systems – “makes things harder for attackers,” says Howland. One of the work packages under the ITM part of the project will introduce modern cyber monitoring in every data centre and enhanced nodes to make it more difficult for attackers to worm their way into the network. New equipment will essentially be commercial, but how it is configured will be unique to NATO. Also, as well as publicly available systems, such as Microsoft Windows and Oracle databases, there will be several hundred NATO-specific command, control and intelligence apps. So, what will NATO staff ‘on the ground’ see as a result of Polaris? “Some of the differences are behind the scenes. The problem with IT is that you never get recognized for things not failing! But this will bring in a lot more reliability,” Howland predicts. From a practical perspective, many users will have new devices on their desks,

such as laptops and tablets. There will be two distinct IT networks. One will handle the routine business of running the organization and will carry traffic only up to ‘NATO Restricted’ classification. Laptops on this network will have internet access and can be used outside the office – when staff are working from hotel rooms while away on business, for example. Material on this network that is passing over the internet will be encrypted. Staff will also have new capabilities, such as video conferencing. The second network will be ‘operational’ and will carry information up to ‘NATO Secret’ level. Computers on this network will be hardwired and will not be able to be removed from NATO premises. Staff on this network will no longer be sitting at their desks beside a beige tower containing a hard drive; they will have only a keyboard and screen.


Gerhard Marz Executive Vice President, Responsible for the Public Sector Division, Bechtle

HOW DOES BECHTLE SUPPORT THE NCI AGENCY IT MODERNIZATION PROJECT? Bechtle has been supporting the NCI Agency as a trusted partner with two IT Modernization contracts since 2017 – ITM WP2 and Horizon 3. We advise the Agency on all technical aspects relating to the Agency’s future client-infrastructure needs, including the selection and certification of all technical components and devices for COTS and TEMPEST products. Bechtle also helps the NCI Agency mitigate internal schedule adaptations within the POLARIS programme by providing storage capacities and shorter delivery times. So far, we have been supplying client end-user equipment to 40+ NATO sites and NCI Agency customers in over 14 countries for two of the contracted five years. The product range that we offer includes mobile devices, monitors and peripherals, as well as stationary computing solutions.

WHO IS BECHTLE PARTNERED WITH ON THIS ACTIVITY? Our main partners are Dell and GBS TEMPEST & Service GmbH. Both companies are highly respected and well established within the defence sector. Naturally, the quality of their

products and delivery meets the high standards demanded by the NCI Agency. Dell hardware forms the baseline for our COTS and TEMPEST products. TEMPEST is a highly complex sector in the IT industry, and only a few companies have the technical resources, know-how, expertise and required national accreditation and certification to fulfil the challenge of providing these highly secure systems in such a short time frame.

WHAT SECURITY DO BECHTLE END DEVICES HAVE? Bechtle contributes significantly to NATO’s IT-security strategy by offering TEMPEST devices. An IT system is deemed ‘tempestified’ if its emissions have been reduced to a standardscompliant minimum. We offer a wide spectrum of products that are available as TEMPEST variations in three different levels: A, B and C, according to the NATO standard SDIP-27. Our TEMPEST partner, GBS, is authorized to perform certification measurements and shortmeasurement procedures according to this standard, with a focus on the entire workplace equipment suite, covering systems and peripherals, including the keyboard, mouse, headset and webcam. All modifications and certification procedures are performed in the three GBS-owned in-house test laboratories recognized by the German Federal Office for Information Security (BSI). This ensures the highest certificated production quality.

services. National and international security authorities – such as the Austrian, Dutch, German and Swiss Armies – rank among our customers and benefit from our branch-specific know-how and experience.

WHY IS BECHTLE A STRONG IT PARTNER FOR THE FUTURE? Bechtle makes it a priority to be close to its customers, with 70 systems integrators in Germany, Austria and Switzerland, as well as e-commerce subsidiaries in 14 European countries. We offer a blend of direct IT product sales and extensive systems integration services. Backed by extensive experience and expertise in futureproof IT architecture, we value traditional infrastructures just as highly as current trends, such as digitisation, Cloud computing, mobility, security and IT-as-a-service. We offer over 70,000 hardware and software products through our online shops, customer-specific e-procurement platforms and over the phone. In addition, specialists at our group-wide competence centres provide expert support for a broad range of complex topics. Furthermore, with partners like GBS TEMPEST & Service GmbH at our side, we have a comprehensive competence team consisting of highly skilled and experienced engineers and technicians ready to support NATO for the years to come.

WHO ELSE DOES BECHTLE SUPPORT? In the defence sector, Bechtle has been a partner to various armed forces for many years, delivering hardware and


Improving decision-making with Joint Intelligence, Reconnaissance and Surveillance Michael J. Gething talks to the Chief of the NCI Agency’s Joint Intelligence Surveillance and Reconnaissance (Joint ISR) Service Line, Matt Roper about his team and the critical role they play in supporting NATO’s mission. With their expertise, Joint ISR engineers, analysts and scientists ensure that vital intelligence from an increasing number of sources is distilled, analysed and shared in a timely manner to improve the situational awareness of NATO and Allied leaders, allowing them to take better-informed decisions



A Black Hornet 2 Remotely Piloted Aircraft System (RPAS). The pocket-sized and hand-launched UAV, or RPAS, uses micro thermal cameras, visible spectrum cameras and proprietary software for flight control, stabilization and communications. Weighing 18 grams, the Black Hornet helicopter can fly for up to 25 minutes at line-of-sight distances of up to 1.6km at speeds of 18 km/h. It uses GPS navigation or visual navigation via video and can fly pre-planned routes via its autopilot. The Black Hornet was developed in 2007 and been used by NATO forces in Afghanistan from 2011, with the United Kingdom the first to acquire the type and use it operationally. (UK MINISTRY OF DEFENCE)

HOW DOES THE NCI AGENCY’S JOINT ISR TEAM ENHANCE NATO CAPABILITY? Since its establishment, the Joint ISR team has focused on three key areas: to develop coherent processes and doctrine; to identify meaningful opportunities to train and increase the competence of the ISR community at large; and to bring together innovative and smart technologies that would help both collect, share and distribute ISR products and services across the Alliance. The Joint ISR team has some 88 staff located at two sites, primarily in The Hague in the Netherlands, with a support element and a maintenance unit, which is co-located with NATO’s Supreme Headquarters Allied

Powers Europe in Mons, Belgium. We provide a Centre of Excellence for ISR knowledge and know-how to the Alliance. We help nations conceive new capabilities and understand how they can integrate their national ISR capabilities within an Alliance endeavour. That’s important because we want nationally procured capabilities to be coherent and compatible with a NATO operation. We facilitate the realization and fulfilment of any capability gaps, whether it is prototypes or other work we and our industry partners have co-developed; or whether it’s acquiring existing kit through an off-the-shelf acquisition process. When NATO money is used to acquire a gap-filling system, we go through a competitive bidding process, acting as the ‘host nation’.



In the Unified Vision exercises, NATO forces test the interoperability of their Joint Intelligence Surveillance and Reconnaissance resources, to ensure they can work seamlessly together



One example is the realization of a NATO-wide intelligence platform for day-to-day operations, missions and exercises – a capability called Intelligence Functional Service (IntelFS), which is the NATO go-to service for intelligence information collection, management and analysis. Designed and conceived internally, it was passed over to industry for production with the competitive contract awarded to Thales, which now provides NATO’s IntelFS Spiral 1 capability.

To understand and manage the complexity of the Open Source Information (OSI) landscape, we are looking at the application of Artificial Intelligence (AI), cognitive computing and machine learning – Big Data, if you will – to assist sorting the relevant from the irrelevant. If we can do that in a timely manner, we can bring about meaningful effects. So, there is a lot of work being done in this Big Data science, data analytics realm which is particularly pertinent to the ISR dimension. In addition, the use of biometric identification is intended as a way of trying to deny the enemy that anonymity they enjoy, that freedom of movement that disguises or obscures them from us as persons of interest. The exploration of unique biometric management/data capture provides us with some very powerful means of denying them that manoeuvre space of anonymity.

This was nothing short of extraordinary in NATO terms, to go from the birth of an idea and concept in 2012 to delivery of a service by the end of 2015. We’re now working on improving and developing IntelFS Spiral 2, conceiving and building a further requirement that will be competed in a couple of years. We are also responsible for NATO’s core Geospatial Information System (Core GIS) that provides Alliance operations with a definitive and authoritative map and GS referencing data to use in a variety of systems and capabilities. We support and maintain that in close partnership with ESRI, the successful bidder, that now provides that capability through us to NATO.


Other emergent capabilities include: the development of an Electronic Warfare (EW) Functional Service, to provide the Alliance with the ability to manage and operate NATO’s EW capabilities and integrate them more effectively; and the development of the Alliance Open Source Information System (AOSS), which helps SACEUR distil and understand licensed feeds from open sources such as the BBC, CNN, Jane’s and Reuters (among others), on a daily basis.

WHAT ROLE DO UNMANNED SYSTEMS PLAY IN YOUR WORK? NATO is on the cusp of realizing its own organic ISR capabilities - the Alliance Ground Surveillance (AGS) system in the form of five Block 40 Global Hawk highaltitude unmanned aerial vehicles (UAVs). Operating out of Sigonella, Italy, the information they gather will be exploited and distributed for integration into the wider NATO ISR landscape. Part of the next phase will be integrating that AGS capability into the ISR enterprise. We are also examining options for countering the small-drone threat linked to the so-called Fight Against Terrorism. We are now seeing our potential adversaries utilising cheap and readily available UAVs that can be used to devastating effect. We’ve given this work a rather catchy name – ‘A Game of Drones’.


MQ-9B SkyGuardian over the United Kingdom coastline during its transatlantic crossing in July 2018

Dr Jonny King Vice-President, GA-AS UK

The General Atomics MQ-9B SkyGuardian remotely piloted air system (RPAS) will revolutionise the operational mission profiles of unmanned aircraft because it is the first one that can fly in the airspace reserved for commercial traffic. According to Dr Jonny King, VicePresident, GA-AS UK, “SkyGuardian has been specifically designed and built to meet the stringent NATO airworthiness standards; it also has a detect and avoid system, comprised of a due-regard radar, a traffic collision avoidance system and an ADS-B transponder.” These features enable it to operate in non-segregated airspace, mixing with commercial air traffic in both national and international airspace, such as over the Atlantic. “The unique certifiability of this platform was a key discriminator for the RAF in selecting this RPAS for their Protector programme,” says King. SkyGuardian has an impressive endurance capability of up to 48 hours. “Last year, when we flew it across the Atlantic from North Dakota to RAF Fairford it only consumed half its fuel load,” King reveals. This

flight also demonstrated another breakthrough for unmanned aircraft. “The complete transatlantic flight, including initiating automatic landing in the UK, was piloted by a crew in North Dakota via a satellite link with the crew communicating via onboard radios with air traffic control and the tower at RAF Fairford.” This is not the only thing that makes SkyGuardian different. For aircraft that are not designed to fly in bad weather, harsh conditions can often keep them grounded, severely limiting operational flexibility. However, SkyGuardian has lightning protection and de-icing equipment that heats its pitot tubes, knocks ice off the wing leading edge and protects the engine intake.

SEAGUARDIAN – MARITIME MISSIONS The MQ-9B SkyGuardian can be fitted with a suite of maritime mission systems, including a dedicated maritime radar in a bespoke pod under the fuselage. “When equipped with maritime systems, we call the aircraft MQ-9B SeaGuardian,” King explains. “The tracks from the maritime radar can be crossreferenced with data received from shipborne AIS (automatic identification system) to identify and locate surface vessels. The electro-

optic/infra-red full-motion video sensor can then be slaved to provide a visual inspection of any contacts of interest.” This technology has been in use for some time now on GA-ASI aircraft. “The United States (US) Department of Homeland Security (DHS) has been operating in the maritime domain with our platforms for over 10 years. Their RPAS is called Guardian and it is based on the original MQ-9 Predator B.” According to King, GA-ASI continues to develop and expand the mission capabilities of its RPAS. In November 2017, GA-ASI successfully undertook flight trials monitoring sonobuoys via an MQ-9 Predator B to locate and track a sub-surface target. GA-ASI is now developing pods to carry and dispense sonobuoys. This has significant implications for air forces and navies that want to integrate RPAS with other assets, such as maritime patrol aircraft (MPA) and surface vessels. “With its long endurance and no crew onboard, SeaGuardian is a perfect complement to other assets for surveillance and search and rescue missions at extreme range from the safety of land,” King concludes.


Air and Missile Defence Keeping up with the rapid changes to the threats facing the NATO Alliance requires new ways of engaging with industry. David Hayhurst talks to Michael Stoltz, the NCI Agency’s Director of Air and Missile Defence Command and Control to find out how this is being achieved

For NATO, the process of fully developing an integrated, interoperable and resilient Air Command and Control System (ACCS) presents a number of very pressing challenges. Within the air and missile defence field, detection, monitoring and decisive response to hostile activity against any NATO Member State – whether from military aircraft, unmanned aerial vehicles (UAVs) or ballistic missiles – all needs to be accomplished within minutes. The clear and present need for 24/7, state-of-the-art, seamless interoperability between NATO’s full array of land-, air- and sea-based sensor and interceptor systems obviously requires the integration of a vast 72





range of components and services across all Air and Missile Defence Command and Control (AMDC2) echelons. But, as the scope and sophistication of potential threats to NATO continue to mount, standard practices regarding AMDC2 systems procurement and capability establishment are becoming increasingly unfit for purpose.

CREATING A NEW INDUSTRY ECOSYSTEM At NITEC17 in Ottawa, Michael Stoltz, NCI Agency Director for Air and Missile Defence Command and Control, addressed a forum of industry representatives. He spoke of the need to create a ‘new ecosystem’ in order to greatly broaden the spectrum of industries that could contribute to meeting future needs. The challenge in creating this “new ecosystem” is that, over the years, NATO has procured and established capabilities in very traditional ways with very long gestation periods. Requirements were collected over years, before being put together in large projects. These projects typically had implementation timelines of decades, rather than years or even

months. However, Stoltz points out, “If the threat is changing very fast, and the operational complexity is incredibly high, the minimum we owe our operators is to give them the best toolsets possible.” Beginning in early 2017, Stoltz and his colleagues realized that a radical new approach was necessary to deal with the capability shortcomings they faced. The most immediate example was the NATO Air Command and Control System (ACCS) implementation project. For ACCS, one of the major changes since 2017, which will also clearly benefit industry in the future, has been the conclusion that achieving the flexibility necessary to introduce new capabilities in an incremental and agile manner requires a well-documented and verified architecture. This architecture needs to allow the NCI Agency to manage air and missile defence as a system-of-systems capability, or in future as a component- or service-based capability. Over the past year, Stoltz has worked in close collaboration with Allied Command Transformation and the NCI Agency’s resourcing community to start the development and documentation of the necessary

NATO’s Deployable Air Command and Control Centre (DACCC) in Poggio Renatico, Italy, was the first site across the Alliance to start using the Air Command and Control System (ACCS). (NCI AGENCY)


actively involved in competitions in both Finland and Switzerland. As the F-35 Lightning II program progresses, more bases around the world are flying the aircraft.

Jonathan Hoyle Chief Executive Europe, Lockheed Martin

HOW WILL THE F-35 STRENGTHEN SECURITY IN EUROPE? The F-35 is more than a fifthgeneration fighter – it’s the central node of a fifth-generation fighting force, built for multi-domain, network-centric warfare. It is designed with the entire battlespace in mind, bringing new flexibility and capability to Europe, NATO and their allies. Missions traditionally performed by specialized aircraft – air-to-air combat, air-to-ground strikes, electronic attack, intelligence, surveillance and reconnaissance – can now be executed by a squadron of F-35s. Moreover, advanced stealth allows pilots to penetrate areas without being detected by radars that legacy fighters cannot evade. So, we see the F-35 as a quantum leap in air dominance capability with enhanced survivability in hostile, anti-access airspace environments. It is the foundation of next-generation air power for Europe, NATO and their allies.

WHAT PROGRESS HAS THE F-35 PROGRAMME ENJOYED IN NATO AND EUROPE? Belgium recently announced that it had selected the F-35 as its fighter of the future and we are

In the US, Luke Air Force Base’s 56th Fighter Wing is training the world’s greatest F-35 pilots and maintainers, alongside US personnel, for a number of future European operators. In Europe, the F-35 is now operational with the Italian Air Force, the Royal Norwegian Air Force and the UK’s Royal Air Force. The Royal Netherlands Air Force, which already has aircraft flying at Luke Air Force Base, will see its first aircraft arrive into Leeuwarden Air Base later this year, and aircraft for the Royal Danish Air Force will arrive in Denmark in 2022.

DESCRIBE LOCKHEED MARTIN’S APPROACH TO MDO OPERATIONS AND MISSILE DEFENCE We approach multi-domain operations with a fifth-generation mindset that is capability, not platform, centric. Consequently, our scientists and engineers are developing ways that effectors can be employed across multiple domains simultaneously. Success in future conflicts will require the ability to create simultaneous dilemmas faster than our adversaries can react. This will mean connecting systems that rapidly transfer data across air, space, sea, land and cyber domains to provide shared situational awareness and nearinstantaneous decision making. The missile defence challenge is an engineering challenge, and that’s what we do best. To counter advancing threats, we have pioneered hit-to-kill technology, advanced cyber security and improved interceptor accuracy, capability, range and reliability. As the world leader in missile defense, our systems have achieved more than 100 successful intercepts in combat and flight testing since 1984 – more

than any other company – and 50 successful target missions since 1996. In Europe, ballistic missile defence has created opportunities for NATO’s industry partners to work together to develop open architecture systems. This approach will allow assets from many nations to be integrated into regional defence systems.

HOW WILL BOTH ACTIVITIES BE FURTHER DEVELOPED IN THE FUTURE? Across Lockheed Martin, our 50,000 scientists and engineers are working hard to expand our innovative mindset to every aspect of our business operations. We’re investing in innovation that goes beyond tangible products such as airplanes and ships. We are looking at ways to connect disparate assets in different domains to expedite the decision-making cycle. We are exploring concepts like machineto-machine learning, open-system architecture, automation, artificial intelligence and pattern recognition. We’re evolving technologies that connect, share and learn. This means investing in emerging technologies to bolster speed, precision and agility, and the ability to connect systems and allow secure information sharing across joint, allied and coalition operations. When these innovations are holistically connected across strategic, operational and tactical levels, the result will be a multi-domain, user-friendly powerhouse ready to defeat 21st-century defence and security challenges. We know we must continue to disrupt ourselves before our competitors can, investing in the breakthrough technologies that will define the future. And I’m confident that we’re doing just that.


During their deployment the Italian Eurofighter detachment conducted two intercepts of Russian Federation Air Force Tu-142 aircraft, showcasing Allied cooperation and functioning of NATO’s Air Policing arrangements for Iceland (ITALIAN AIR FORCE)

architecture for air and missile defence in an integrated manner. “Once in place, we will no longer have to implement everything in a ‘Big Bang’, large-scale, decade-long process,” he says. “Instead, we will be able to take individual components and services and replace them within the architecture in a very controlled and well-managed manner in collaboration with industry. Basically, we are becoming our own systems integrator.” Effecting this new architecture will clearly involve working with a vast array of small and medium-sized enterprises, with which the interaction will need to be very different than that with the likes of the big primes, such as Boeing, Lockheed Martin and Thales.


For smaller industry players, NATO’s existing procurement process, in which the time from initial engagement to contract signing is typically a matter

of several years, clearly does not work to their advantage. “Small and medium-sized enterprises cannot sustain years of negotiations and dialogue with slow-moving organizations before they can see tangible and financial benefits,” Stoltz explains. “This is one of the biggest problems we have. To create the ecosystem that I talked about at NITEC17, we have to change both the way industry looks at us, and the way we engage with industry. That is something which we are still working on, and it’s tough. “NATO Member States need to have proper control. We need to respect that they need to have full transparency and understanding. But, on the other hand, we need to introduce, into this rather controlled environment, sufficient agility and sufficient managed risks, so that we can move at a fast enough pace for those smaller companies.”


Thierry Weulersse CEO, ThalesRaytheonSystems

WHY DOES NATO NEED AN INTEGRATED BMD SYSTEM? The air threats that the Alliance is having to deal with are multiform; therefore, a system able to integrate all information coming from the airspace is key. It ensures the integrity of the information shared among all actors. ACCS (Air Command and Control System) fuses data collected through more than 400 sensors spread over the NATO Nations. The protocol used in ACCS to exchange information between all entities has a capability far beyond the current legacy links, enabling richer and faster data exchanges than in the past. Data integrity and speed of exchange is of utmost importance when the threat is only a dozen minutes away. The arising hypervelocity threats will be easier to handle in such a unified system environment.

in an interim capability (INCA), established in 2012 and officially declared at the Chicago Summit. The planning, command and control system was delivered to the NATO BMD Operation Center (BMDOC) in Ramstein. The initial Operational Capability (IOC) was declared in 2016 at the Warsaw Summit.

protect the citizens of NATO’s Member States. What we need to do next is to further extend this IAMDS by federating national BMD capacities, integrating more powerful sensors that have a higher range and more capable effectors that are able to intercept this new generation of ballistic missiles.

Since then, TRS has adopted an incremental approach, which resulted in an enhanced theatre BMD in 2018, leveraging more than 10 Nations’ contributions by interfacing more than 20 types of assets – including frigates, ground based air defence, satellites, radars – for BMD purposes. It is ready to defend deployed forces or specific theatres and strategic points of interest. ACCS provides an efficient decision process covering the whole chain, including surveillance, alert, engagement monitoring etc. This system is operational and already used to protect a European border.

Our goal is to leverage the ACCS capabilities and footprint, and to introduce new capabilities extending its surveillance, monitoring detection and engagement functions. This evolution of interoperability will be integrated, thanks to an open architecture framework and an increased distributive concept that will require enhanced cyber protection.



What we have been doing so far is using the innate modularity of the existing NATO ACCS to add an additional key functionality developed with Lockheed Martin to create an integrated air and missile defence system (IAMDS). We extended ACCS capabilities and sensors and effectors connections to be able to detect, track and counter ballistic missiles, as well as aircraft.

TRS has brought the best BMD experts from the European and American industry to the NCI Agency. We started the programme with the NCI Agency to develop a theatre BMD capability under the TMD1 project almost 10 years ago. This resulted

Having achieved a theatre defence system, we are now working on the next phase presented by NATO to progressively extend towards a wider territorial defence capability and increase the footprint to

WHAT RESOURCES WILL YOU USE TO ACHIEVE TERRITORIAL BMD? Due to the fast evolution of threats and very short time period over which missile defence engagements can take place, planning and positioning of needed assets and a fast decision process will become more crucial for the development of an effective defence. TRS is using the best skills, competencies and solutions of both our parent companies – Thales and Raytheon – leveraging their extensive knowledge in sensors, C4I and effectors to provide the most efficient solution. TRS also extends its cooperation with Lockheed Martin, through a teaming agreement signed in July 2018 and is willing to widen this cooperation to include other European companies.


Education and training

Located in Oeiras, a western suburb of Portugal’s capital, Lisbon, the flagship NCI Academy will open its doors in September 2019. Christina Mackenzie asks Jean-Paul Massart, the NCI Agency’s Chief of Education and Training, about NATO’s newest training hub 78


We have an important mission. The entire scope of what the NCI Agency does is covered by our training. The Agency acquires about €500 million of new Information Technology each year, on behalf of NATO. Most of it is bespoke solutions, including in the cyber field. But, in order to own a capability, not just a lot of kit, you have to add training to the mix. My mission is to make sure that NATO and national staff can use these C4ISR (command, control, communications, computers, intelligence, surveillance and reconnaissance) capabilities by providing the appropriate training services.


The NCI Academy will provide expert courses on NATO’s advanced IT and cyber systems to over 8,000 students annually

For this reason, the NCI Academy will be a very technical school with all the equipment – communications systems, including satellite links, and radar connections – that our personnel must know how to use, and which we do not have at our locations in the Netherlands or in Belgium. So Oeiras will be our principal school, while The Hague and Mons will remain as satellites.

WHY WAS THE ACADEMY CREATED? The creation of the NCI Academy has its roots in the 2011 NATO decision to close a command centre in Lisbon, leaving Portugal with no NATO presence. A political decision was made to move the existing NATO training school from Latina, Italy, to Oeiras, Portugal. Rather than seeing this just as the challenge of moving a perfectly functioning school from one country to another, we decided to see it as an opportunity to raise the level of our ambitions and find answers for the three main training challenges of the 21st century.

WHAT ARE THE MAIN TRAINING CHALLENGES? The first is that the amount of IT is growing rapidly, leading to an increased demand for training. So, we have a volume problem and cannot build classrooms

fast enough. The second is that people want to be trained where and when it suits them, and yet, for the time being, most courses are five days long and residential in a school. The third challenge is the changing demographics of ‘Generation Z’ (born from the mid 1990s to mid 2000s). Soon they will enter NATO’s workforce and they don’t want to train in the same way as the previous generation. So, we will have to drastically change our approach!

WHAT CHANGES WILL YOU MAKE TO TRAINING? There will be more e-learning, we will have mobile training teams who will be able to go to the students’ places of work, we will introduce virtual reality goggles and micro-learning, which means short training modules lasting five minutes – ‘brain snacks’. Students will be able to follow these on their tablets, smartphones, while on the move, during coffee break. The cybersphere is also a very specific challenge of the 21st century. It will be a very important subject in the Academy because our workforce must be cyber-capable, so we’re soon going to double the number of courses that are related to cyber.



PROGRAMME UPDATE Portuguese Air Force Lieutenant-Colonel Elisabete Vidal is the Deputy Manager for the NCI Academy Programme, which is a temporary organization established to coordinate, direct and oversee the creation of the Academy and the construction of a state-of-theart building in Oeiras, Portugal, to serve as the new Academy flagship training location. This not only entails the provision of a secure and resilient CIS infrastructure and the configuration and activation of all enabling services, but also the transfer of assets, staff, processes and knowledge from Latina, Italy, to Oeiras. On top of that, Lieutenant-Colonel Vidal must oversee the relocation of the CIS Support Unit (CSU) in Lisbon and the integration of the ‘AirC2’ (Air Command and Control) individual training 80

capability from Glons, Belgium. Once that has been done, she must also complete the integration, testing and acceptance of this new capability. “In short, from bricks to business,” she explains. Lieutenant-Colonel Vidal adds that the NCI Academy will also encompass the training capabilities of the NCISS (NATO Communications and Information Systems School), the SHAPE CIS Training Centre in Mons, Belgium, and the Education and Training Service Line elements in The Hague, Netherlands. Progress has been steady and offices for 150 staff, 69 laboratories and classrooms and a 250-seat auditorium are ready for hand-over to the Academy, with the first students to start classes in September 2019.


CYBER CRIME who, what, why, how?

Revenge, intimidation, greed and coercion – in fact, all mankind’s baser traits are played out with almost free rein in the cybersphere. What is going on, who is doing it and why? Simon Michell reports

In 2017, when the WannaCry ransomware spread like wildfire through global IT networks, billions of euros were lost, and thousands of lives were put at risk, particularly in the United Kingdom’s National Health Service. This episode highlights some of the uncomfortable and intractable dangers lurking within

the cybersphere. There is contested evidence that the WannaCry malware was launched by the Bureau 121 cyber cell, using its own ransomware code and borrowing elements of the EternalBlue exploit code developed by the phenomenally dangerous Shadow Brokers. This tale of mystery and intrigue



The cybercriminal’s merely scrapes the surface of the clandestine operations taking place in the cybersphere by a range of lawless individuals and groups, operating from the hidden recesses of the Dark Web.

WHO ARE THEY? Cyber criminals are a mixed bag. Some operate by themselves, others in small teams and many as bit players in multinational organized gangs. They are driven by a raft of ultimately selfish ambitions – theft of precious information, the pursuit of easy money, grooming and the urge to pry on others, as well as an uncontrollable need to show off. Beyond these core criminals lies a multilayered and dense community of state-sponsored actors that is pursuing campaigns in what is deemed to be the ‘national interest’. In a continuation of the dark arts of the Cold War, stealing secret military designs and plans is fair game, as is the destabilization of nation states via fake news, interference in national elections and attacks on critical national infrastructure. Another group – known as ‘hacktivists’ – use the internet to promote social change, Anonymous being the most prominent.


Ukraine represents a clear example of a hybrid war with myriad players – both official and unofficial – that risks running out of control. The NotPetya attack on Ukraine in 2017 combined two pieces of malware – EternalBlue and Mimikatz – to devasting effect, infiltrating computers, gathering passwords and infecting others. Within a short period, the attack spread beyond its intended target to cripple systems around the world.

HOW DO THEY DO IT? The cybercriminal’s weapon of choice – malware – has become a commodity in itself. It is traded on the dark web, as is some of the booty (passwords, email addresses and bank details) harvested by the campaigns to which it is applied. This software code can covertly shepherd computers for botnets (networks of computers secretly co-opted to undertake malicious automated tasks, such as distributed denial of service attacks), steal information and/or hold a computer’s files to ransom. Attachments to phishing emails are key. Clicking on one of them liberates the malware that infects the computer network. Drive-bys and watering holes (websites loaded with malware that infects unsuspecting visitors) are also favourite techniques. Another tool is a simple phone-based confidence trick in which a caller might persuade someone to grant remote access to his/her computer or give away passwords and pin codes. The heartening truth about the vast majority of cybercrime is that it can be countered, and that the effort required to protect oneself is relatively minimal and the tasks quite simple. A failure to update one’s software applications with the regular security downloads that are sent by the suppliers represents a huge opportunity for the cybercriminals as this creates their favoured entry point or back door. Having infiltrated a computer or network, the presence of simplistic or lazy passwords is a godsend to an attacker. Likewise, failure to enable a firewall and/or install antivirus software is also asking for trouble.

Like many other government, commercial and international organizations, NATO is facing various types of cyber attackers with a variety of motivations. As a consequence, the Alliance is forever battling a range of persistent cyber threats. “We usually have several hundred incidents a month that require some sort of human intervention. The motivations can range from stealing Alliance data, making money or simply destroying or degrading our IT systems,” reveals Ian West, the NCI Agency’s Chief of Cyber Security.


Ian West, the NCI Agency’s Chief of Cyber Security, tells Simon Michell about the threat to NATO networks

“For NATO, the cyber threat comes from a range of hacktivists and state-sponsored actors, as well as non-state actors,” West continues. He points out that NATO is not alone in facing this cyber onslaught, and reveals that this is a factor that helps in the effort to counter it. In fact, he sees it as a strength: “It means that by working closely together we can improve our collective cyber defence, and that continues to be a high priority for the Alliance.”

weapon of choice – malware – has become a commodity in itself

The most common targets for NATO are its public websites. “The internetfacing NATO websites are targeted frequently. Quite often, these attacks are performed through distributed denial of service attacks, against which NATO has implemented specific protection measures to mitigate the risk of service disruption. Taking down or defacing an opponent’s internet websites is a highly visible way of impacting our communications with the public and press, so we take this threat very seriously,” concludes West.





“There are two fundamental realities: first, what happens in cyberspace absolutely affects how we fight – no matter where or when the next crisis occurs. And, second, what happens in cyberspace is integral to the collective defence of the Alliance.” These words sum up how important Major General Renner, Deputy Chief of Staff for Cyberspace at NATO’s Supreme Headquarters Allied Powers Europe (SHAPE), considers this new operational domain to be.


The inclusion of cyberattacks in the Washington Treaty article 5 collective response clause, and the declaration of cyberspace as a NATO domain of operations, has wideranging implications for the NCI Agency

Philippe Charton, Head of the NCI Agency’s Cyber Security Operations Branch, reinforces these sentiments: “Cyberspace is a domain of NATO operations, in which we must be as effective as we are in the other fighting domains of air, land and sea. NATO’s main responsibility is to defend its own networks and support Allies in their national cyber defences. That is obviously a daily activity because cyberspace is always ‘on’.” This reality explains why NATO is addressing the cyber threat with such vigour. “With the implementation of the new Cyberspace Operations Centre at SHAPE, the Allies have taken the next steps in strengthening our defences in the cyber domain in support of NATO missions and operations,” explains Charton. The NCI Agency has a 200-strong cyber team to defend NATO’s networks around the clock as the first line of defence. It prevents intrusions, detects, analyses and shares information on malware and prevents data loss, as well as conducting computer forensics, vulnerability assessments and post-incident assessments.

The NCI Agency protects all NATO networks, including those in the new headquarters



This is all part of a growing response to the threat – a so-called cyber shield. The NCI Agency’s Cyber Security Service Line, headed by Ian West, manages the broad spectrum of NATO’s cyber activities on which the shield depends, including policy and strategy development, as well as the delivery of cybersecurity services to its customers and end users. A core element of this cybersecurity strategy is the NATO Computer Incident Response Centre (NCIRC), based in Belgium. This state-of-the-art facility is responsible for the cyber defence of all NATO sites – static, mobile and those deployed on operations. The NCIRC Technical Centre (NCIRC TC) in Mons keeps up with the evolving cybersecurity threat level by constantly training its people and learning from each incident in order to adapt and tune its tools. New ideas and concepts are introduced by rotating military personnel from the Member States.

STREAMLINING EXCHANGES Emmanuel Bouillon, who leads the Cyber Security Incident Management team, is keen to stress the benefits of information sharing and expects the new Cybersecurity Collaboration Hub to have a major impact. “This initiative complements the existing communication channels between the NCIRC Technical Centre and its peers inside the NATO nations,” he says. “By streamlining these exchanges, and adding voice and video links up to the NATO ‘Restricted’ level, the Hub will reinforce the timely sharing of information relevant to the protection of Alliance computer information systems [CIS].” However, the speed of evolution in the cyber threat sees new malware and penetration techniques being introduced at an alarming rate. It is for that reason that NATO calls upon a network of institutions to develop and update necessary skills and deliver relevant training. Chief amongst these, is the NATO CIS School (NCISS) in Latina, Italy, and its successor, the NCI Academy in Oeiras, Portugal, which offer a range of courses to train staff in the dark arts of cybersecurity. The NATO School in Oberammergau, Germany complements this capability with its own syllabus of cyber education and training (E&T). More recently, the Cooperative Cyber Defence Centre of Excellence (CCDCOE) in Tallinn, Estonia, joined the E&T fold


S:186 mm



© 2016 Northrop Grumman Corporation

w w w . n o r t h r o p g r u m m a n . c o m /e u r o p e

S:266 mm

Northrop Grumman’s High-Altitude Long-Endurance unmanned aircraft systems have been the strategic eyes in the skies for the major military and humanitarian missions of the past decade.


in January 2018, when it was given the responsibility for identifying and coordinating cyber defence E&T solutions for all NATO bodies across the Alliance. In the spring of this year, MBCMP, otherwise known as the Maritime Broadcast Cryptographic Modernization Programme, successfully replaced the legacy equipment that NATO naval commands had been using to encode messages between ship and shore. Once all the NATO nations have installed the same hardware and software on their ships, the overall project will be completed and

the communication link that was being upgraded. Adding to the complexity was the fact that the cryptographic units we were replacing were designed in the 1980s.” The NCI Agency team devised an ingenious deployment approach, which allowed a seamless upgrade of the hardware – replacing two separate ancient transmitting and receiving units with a single modern item capable of doing both tasks – while retaining interoperability with the existing infrastructure of those units that continued to run the legacy equipment. An added benefit of the approach, according to Jordan, was its inbuilt futureproofing methodology. “This process also paves the way for software upgrades to take advantage of future technological advances,” he explains. Staying ahead of the cyber curve requires collaborative thinking and partnerships across many sectors, for example: academia, think tanks, civil/defence industry, military training establishments, other government departments, law-enforcement agencies, international organizations Two of the most significant partnerships that NATO has pursued are political and industrial.


› As innovations such as the Internet of Battle Things (IoBT) develop, they will present new threats to the resilience and security of networks (U.S. ARMY RESEARCH LABORATORY)

the ability of a potential adversary to eavesdrop on the signals traffic directing NATO maritime missions will be safeguarded for another few decades.


This project was far from straightforward though, as Frederic Jordan, Head of the NCI Agency’s Cyber Security Capability Development Branch, highlights: “One of the challenges faced by the project was to replace both the hardware and software, in such a way as to minimize any disruption to the operational services relying on

The EU Technical Agreement, signed in February 2016, facilitates technical information sharing between NATO and the EU to improve cyber incident prevention and response in the two multinational organizations and to share best practices. The NATO Industry Cyber Partnership (NICP), launched in 2014, is an information and best-practice sharing community between the NCI Agency and selected members of the cyber industrial sector. NICP continues to grow, with new partners Atos and Indra signing up in October 2018. Much has been achieved to bring cybersecurity to the fore, but much remains to be done. The future will bring more sensors as innovations such as the Internet of Battle Things takes shape and networks broaden and deepen, pushing decision-making to the edge of operations. Greater reliance on autonomy in both hardware and software will only expand the threat landscape.


Barbara Poggiali Managing Director, Cyber Security Division, Leonardo

HOW IMPORTANT WAS THE RECENT NATO NCIRC CSSS (CYBER SECURITY SUPPORT SERVICES) CONTRACT? The award of the NATO Computer Incident Response Capability (NCIRC) Cyber Security Support Services (CSSS) contract, which followed on from the NCIRC contract, is an excellent example of the partnership that Leonardo has forged with the NCI Agency since the start of the NCIRC contract in 2012. It is a follow on from the successful delivery of the 10 Additional Sites project, which Leonardo delivered to budget, capability and schedule in 2017. This new contract continues our partnership with the Agency in the important task of providing cyber capability to NATO, especially as the pace of cyber activities grows throughout the world. This is an important programme for Leonardo, and we look forward to working with the NCI Agency as we sustain cybersecurity solutions across more than 75 sites from all 29 NATO Member States.

HOW DOES SEonSE ENHANCE MARITIME SECURITY AND HELP TRACK ILLEGAL MARITIME ACTIVITY? Leonardo is able to cover all of the domains of the modern world and our Smart Eyes on the Sea

(SEonSE) service is an example of the merging of our maritime and space capabilities to provide real-time maritime surveillance services in support of border and maritime zone security, to enable the detection of illegal activities and support the monitoring of traffic and its legality. SEonSE enables the observation of vessels in any weather conditions, in remote areas by day or night, which supports the challenges faced by NATO members, both in the High North and around the world.

HOW IS LEONARDO HELPING GOVERNMENTS AND THE MILITARY ADAPT TO AN INCREASINGLY CONNECTED WORLD? Leonardo is working on a number of activities and research projects designed to make sense of this connected web and hybrid scenario. We have successfully developed a Cyber Defence Situational Awareness capability with artificial intelligence-based Decision Support Systems (DSS) to visualise and display it. Furthermore, in order to help personnel working in this environment to take charge of, and manage, emergencies, Leonardo is also able to provide complex representations and scenarios in our Cyber Academy and Cyber Range offerings.

HOW DOES LEONARDO HELP SECURE THE INDUSTRY 4.0 CONNECTED FACTORY? In the Industry 4.0 (I4.0) technological paradigm, production and logistics equipment is controlled by IT systems able to take decentralized decisions, communicate and collaborate with human operators. Our cyber situational awareness model leverages I4.0 capabilities to enhance human activities and take actionable decisions. This relieves the need for humans to undertake time-consuming and often dull and repetitive activities.

We enhance our I4.0 portfolio in fields such as energy, manufacturing and supply chains with cyber security capabilities based on Big Data, IoT and analytics. Industrial and Critical National Infrastructure systems are becoming increasingly subjected to cyber attacks, which attempt to steal valuable data and take control of vital systems. Our I4.0 platforms are developed through a secureby-design approach, specifically conceived to avoid and contain these kinds of cyber attacks. This consists of a set of cyber security services throughout the software development lifecycle to model the threat and remove vulnerabilities.

WHAT OTHER ASSURANCE AND RISK SOLUTIONS DOES LEONARDO OFFER? Leonardo offers comprehensive assurance and risk-mitigation capabilities to provide our customers and partners with methods and solutions to understand their issues and solve their problems. Through consulting-led services, such as our Cyber Vulnerability Assessments, we can review an enterprise (or a set of systems) to deliver an understanding of the key areas of risk and vulnerability, whilst recognising the complex interactions between people, processes and technology. The outcome is a set of prioritised and highly targeted recommendations that address the design and build of cybersecurity solutions. As you would expect, we also deliver General Data Protection Regulation (GDPR) and EU Network and Information Systems (NIS) Compliance Directive reviews and compliance services to ensure that our customers are able to comply with these standards.





Since 2010, the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) based in Tallinn, Estonia, has been holding the Locked Shields real-time network cyber defence exercise. This highly complex and realistic training event typically simulates a networked system that is under attack from a Red Team, and which is defended by Blue Teams from NATO Member States, as well as one comprised of staff from NATO itself. Locked Shields is the largest and most complex international live-fire cyber defence exercise in the world. The annual real-time network defence exercise is a unique opportunity for national cyber defenders to practice protection of national IT systems and critical infrastructure under the intense pressure of a severe cyber-attack. Altogether, the exercise involves around 4,000 virtualized systems and more than 2,500 attacks. In addition to defending complex IT systems, the Blue Teams must also be effective in reporting incidents, executing strategic decisions and solving forensic, legal and media challenges. For Locked Shields 2019, the NCI Agency invited six Member States – Bulgaria, Croatia, Norway, Romania, Slovenia and Turkey – to send some of their computer emergency response specialists to join the NATO Blue Team, as well as entering their own national Blue

Teams as they have done in previous exercises. Consequently, for the first time ever, national military and civilian personnel from a range of Member States travelled to the NCI Agency office in Mons, Belgium, to participate in the Locked Shields as part of a NATO Alliance Blue Team.


After triumphing at the 2018 Locked Shields cyber exercise, the NCI Agency mentored cyber specialists from the Member States for the 2019 Locked Shields event

ALLIANCE BLUE TEAM The idea behind creating an ‘Alliance’ team was for NATO cyber defence personnel and national cyber defenders to learn from each other and gain experience working together in a crisis situation. A major difference between the NATO Blue Team and the national teams in past exercises has been that, whereas the NATO team was made up of military and civilian personnel from up to 29 countries, the national teams are made up mainly of their own citizens. As a result, the NATO team has years of experience in integrating disparate personnel from across NATO in a short space of time. The aim was to share this experience with national teams, and to learn from each nation’s cyber defence strengths. In fact, the practice in ‘Teaming’, the rapid integration of disparate personnel into an effective, coherent unit that can defeat a planned threat, may be as important a part of Locked Shields as exercising each team’s technical cyber defence skills. After all, most participants work in teams on a daily basis, but forming a new team



› A team member

at the 2019 Locked Shields live-fire cyber competition (NCI AGENCY)

at short notice is an effective way to tackle a monumental crisis, and it requires a set of more nuanced social human interaction skills. Practice in this kind of rapid integration of cyber defence teams “was part of what we tried to achieve this year by teaming beyond NATO itself,” notes Emmanuel Bouillon, head of the NCI Agency’s Cyber Security Incident Management Section. “Hopefully, that’s going to be the long-term benefit of this approach,” he explains.


The 2019 exercise structure was similar to Locked Shields 2018, with each Blue Team defending a network consisting of more than 100 virtual hosts. It is worth noting that six of the 12 training objectives set for the 2018 exercise concerned non-technical aspects, including teamwork, information sharing, situation reporting, crisis communications and time management. These were all scored and contributed to final team totals and the results show that some teams scored well on technical defence, but lost out

› The 2019 Locked Shields winning team from France (NATO CCDCOE)

due to poor communications or other performance aspects. The scope for Blue Teams to learn from each other across the range of capabilities that will be needed in a real crisis-response situation has thus become clearer. The Locked Shields 2018 After Action Report, produced by the CCDCOE, also highlighted how the more successful teams stayed ahead of the game, shaping the conflict with the Red Team, and not being driven into a purely reactive, firefighting mode. By slowing down some of the Red Team’s attacks, rather than aiming to prevent them entirely, some of the Blue Teams were able to control the tempo of the conflict, and, as a result, had more resources available to handle strategic tasks – such as communications, situation reports and media calls – as well as a greater flexibility in responding to new attacks as they came. The victorious Locked Shields 2019 team from France demonstrated a clear understanding of these lessons and utilized them well to deliver an outstanding performance resulting in a thoroughly deserved win.

– Threat Vector Analysis Workshops



Chris Aaron talks to Emmanuel Bouillon, Head of the NCI Agency’s Cyber Security Incident Management Section, about the utility of confidentiality in discussions over cyber security Organizations of all kinds need confidential fora in which they can openly discuss commercial or security sensitive issues with third parties without risking the uncontrolled spread of information and any resultant damage to an organization’s operations or reputation. For the NCI Agency, one such forum is the Threat Vector Analysis (TVA) Workshop programme, which was set up in 2016. Organized through the NATO Industry Cyber Partnership (NICP), these workshops bring together




senior Information Security Officers from commerce and industry alongside NCI Agency and other NATO personnel to exchange best practice in cyber security, including lessons learned from real-life encounters, and the use of standards in exchanging cyber threat information in order to improve understanding and the efficiency of information sharing. Emmanuel Bouillon, Head of the NCI Agency’s Cyber Security Incident Management Section, emphasizes that, while “all the information discussed is NATO Unclassified”, the use of Chatham House rules, which ensure confidentiality, enables participants to share and analyse the details of cyber incidents and defence methods with an openness not possible in a more public environment.

There have been 11 workshops organized since 2016, hosted either by the NCI Agency or an industry partner. Some 26 companies have attended at least one workshop so far, and Bouillon is openly encouraging more people to come. “More participants are welcome. So long as they want a real bilateral exchange with NATO and are open to sharing information and contributing details of their experiences and methods with the group,” THREAT VECTOR ANALYSIS he confirms. He goes on to explain how he intends WORKSHOP TOPICS SINCE 2016 to widen the scope of the discussions, “So far, we » 360-degree Threat Landscape Update have focused on the cyber-related industry side, » Current and emerging threats but I think we want to open the discussions to » Distributed Denial of Service (DDoS) attacks other verticals, such as banking and healthcare.” » Insider threat » Mobility challenges Each session begins with an update on the threat » Security in the modern datacentre vector landscape, as seen by an industry expert » Security Operations Centres and a NATO specialist. Recent incidents are (SOC) best practice discussed, which may involve sharing sensitive » Supply-chain cyber security details of intrusions, hence the need for trust and » Security in the Cloud confidentiality. This is followed by an in-depth » Threat hunting discussion of a particular topic – a specific threat » Threat vectors vector, or a potentially vulnerable technology such as the Cloud, or a cyber defence methodology.


SEARCHING FOR THREATS The most recent TVA workshop examined the use of Threat Hunting approaches to cyber defence – a concept whereby a proactive search for cyber threat activities is undertaken, rather than a continuous screen for intrusions. “It is more generic, less static and signature-based. For instance, we can hunt for new domains that may be NATO lookalikes,” explains Bouillon. “We know some of the TTPs [tactics, techniques and procedures] that threat actors are using and we match these against the creation of user domains. If you know that a domain has been bought using bitcoin, and has NATO in its name – for example, instead of, it might be being used to lure victims to malicious websites.”

The NCI Agency’s aim is to develop effective hunting mechanisms on one site, and then roll out Threat Hunting as a normal service available across NATO. In order to do this effectively, a strategy and methodology needs to be agreed and, therefore, it was extremely useful that the TVA workshop produced a number of recommendations relevant to such a project: »» define what Threat Hunting means for your organization; »» scope it, define objectives, and appoint an accountable person; »» build a process, starting with something simple; »» implement a sound methodology to limit bias; »» focus on objectives and improvement; »» think of behaviours, not technical IOCs (indicators of compromise); »» automate wherever you can. For Bouillon, the TVA workshops enable discussions to take place with peers in industry on how to solve common problems. “They have been very useful in understanding how industry has solved some of the problems that NATO is now facing,” he says. “We have lots of things to learn from industry. For instance, we had a very interesting workshop dedicated to supply-chain security, which is very relevant. Industry is facing supply-chain challenges related to intellectual property and counterfeit challenges that are crucial to their businesses, and for NATO the integrity of the supply chain for security-related equipment is obviously very important.”

“We want to open the discussions to other verticals, such as banking and healthcare”





“As we lose reflective ice and snow due to climate change, more heat-absorbing dark ground and water is exposed. Thus, local warming gets even more extreme,” explains Dr Nancy Fresco, Assistant Professor at the University of Alaska Fairbanks. In fact, thanks to this phenomenon, known as the albedo effect, climate change is taking place almost twice as fast in the Arctic and High North as it is elsewhere. This alteration in Arctic and High North conditions may facilitate increased commercial activity and prosperity in the region (at least for those engaged in those activities), but it also brings catastrophic implications for those living there, as well as the flora and fauna. Not surprisingly, Dr Fresco is worried not just for the environment, but also for the people. “In my opinion, the most pressing challenges are those that most directly affect people’s lives and livelihoods,” she explains. “These tend to be those associated with threshold changes, which alter the status quo, rather than more gradual shifts.” According to Dr Fresco, the biggest threshold shifts are related to seasonal or total loss of


Simon Michell asks Dr Nancy Fresco, of the International Arctic Research Center at the University of Alaska Fairbanks, for her perspective on the cultural, environmental and political pressures facing the High North sea ice, land-fast ice, glaciers, snow and frozen ground (permafrost). The human cost is enormous. A lack of protective coastal ice during the storm season is resulting in devastating coastal erosion, with communities having to relocate as their homes drop into the sea. The reduction in permafrost is also producing other alarming outcomes. For infrastructure that has been built on what was once solid ground, its metamorphosis into a more flexible and dangerously unstable platform has meant that roads are buckling, bridges are breaking and forests are falling over. “The consequent loss of coastal communities and the degradation of safe transit for subsistence activities, as well as for the transportation of people and cargo on snow, rivers and sea ice, is threatening a way of life that has existed for centuries,” warns Dr Fresco.

GEOPOLITICAL IMPLICATIONS Dr Fresco also predicts political problems as a result of climate change: “I see dual political challenges, both of which are exacerbated by the fact that northern regions tend to be sparsely populated, leaving



Climate change has major implications for the environment, politics and culture of the Arctic and the High North

local residents with less political clout and less of a ‘voice’. First, some climate changes, such as the opening of Arctic shipping lanes, are likely to ramp up development pressures that may be associated with environmental, political and culturally thorny implications. Second, climate change places even more pressure on the traditional cultures of the far north, as people who have already faced multiple cultural challenges also have to deal with adapting to rapid ecological and geophysical change, coupled with the aforementioned developmental pressures.” An important consideration, says Dr Fresco, is that, in the face of ongoing change, the traditional concepts for the preservation and conservation of lands and resources may have to alter. “Adaptation is crucial, even as we hope to slow and limit the eventual impacts of climate change via mitigation efforts,” she advises.


Another impact of the reduction in ice lies beyond Dr Fresco’s remit as a biologist, but it cannot be ignored. The increased levels of commercial shipping in the region allied to competing national claims on mineral rights as oil, gas and

precious metals become more easily accessible have already heightened tensions. NATO is adapting to the change and is bolstering its ability to act in the harsh conditions of the High North – the Trident Juncture 2018 exercise is testament to this strategy.

ENVIRONMENTAL CHALLENGES The impact on the environment is likely to have a knock-on effect on the entire globe, as permafrost is one of the planet’s main ways of storing carbon dioxide and methane. As this warms up, it is releasing enormous amounts of these two climate-change gases. Professor Örjan Gustafsson, an environmental scientist at Stockholm University, thinks this is a worry, as it has not been factored

into climate change models yet. An added complication is that when permafrost gets eroded into the sea, it causes acidification – so-called fizzy water – that, according to the professor, has a hugely detrimental effect on plankton and those animals at the smaller end of the food chain. On land, the negative impact on trees and shrubs is leading to an unwelcome increase in wild fires. Dr Fresco is somewhat pessimistic, both for the environment and for the people of the Arctic and High North. If we are not careful, development of the Arctic alongside climate change could be an “economic, environmental, political and cultural disaster,” she warns. She also makes this plea, “I think the key point here is to plan ahead, see the change coming, work collaboratively, and be prepared to adapt, rather than react in haste once it is too late.”

Dr Nancy Fresco is a biologist and forest/ecosystem ecologist at the University of Alaska Fairbanks. The views expressed in this article represent her personal opinion and not that of any organization


STEM graduate opportunities in the High North STEM graduates are in high demand in the High North. Mike Bryant talks to Gisle Hellsten, head of careers at Oslo University, to find out why 99


A degree in Science, Technology, Engineering or Mathematics – STEM – can open up a wide world of career opportunities for graduates looking to make their mark in the defence or commercial sectors. That is certainly the case in the North, as illustrated by the thinking of Norway’s oldest institution for research and further education, the University of Oslo (UiO). According to the UiO’s head of career services, Gisle Hellsten, “There is no doubt that technology graduates are particularly wanted by businesses operating in Scandinavia.” Recent newspaper coverage in Norway points to two areas of particular focus for those making applications for further education – technology and healthcare. Digitisation and IT are very much at the centre of modern society, Hellsten points out, and that is reflected in the student applications for higher education in Norway. Graduates with well-developed IT skills are particularly valued by Norwegian businesses. By way of example, Hellsten points to one of Norway’s biggest economic activities, and one that is of particular significance across much of the High North – the oil and gas industry. Oil and gas is a big focus for many students leaving university in Oslo, and it is very much a technology-driven business. UiO places such emphasis on this area that ‘Energy’ is one of just three strategic priority areas at the university. It focuses on advancing new ways of using energy to reduce global climate change and environmental challenges. “Awareness of issues relating to the environment, sustainability and other value-based issues is so much greater now,” says Hellsten. Not only is the oil and gas industry in the High North becoming ever more technology-driven in terms of the extraction, refining and distribution of fuels, the sector also places a much greater emphasis on its environmental credentials than was the case before. Here, too, technology plays a big part in minimizing pollution. Moreover, Norway as a country is among the world leaders with its efforts to be as green as possible in all areas of life.


Another focus at UiO has been programming, and within that the revolutionary field of artificial intelligence (AI). “This is absolutely a focus here in Norway, and for the University of Oslo,” confirms Hellsten. “Code and computing language skills have become as important

as foreign language proficiency.” This is being reflected not only in higher educational establishments such as UiO, but across the Norwegian education system. Coding is now taught in schools, while other more basic digital skills are taught at an even younger age – for instance, young Norwegian schoolchildren are using iPads in class, rather than pens and paper.


In another STEM field – and in a more mathematical approach to a problem – UiO, through its BigInsight data analytics research centre, is applying statistics to enhancing shipping safety. The risk of major disasters at sea is being reduced by statistical methods, explains Ingrid Glad, professor of statistics and data science in the Department of Mathematics at UiO. The trick is to interpret the large amounts of data collected by a ship’s sensors in order to identify possible warning signs. Glad explains that machine-learning techniques are behind the concept. “Our main approach in BigInsight could be described as model-based AI,” she says. “Combining statistics with AI allows us to do tailored analyses and to better assess uncertainty. We do our data analyses using a range of machine-learning and statistical-learning techniques, sequential testing, methods for dimension reduction, Bayesian modelling and kernel methods, to mention just a few.”

FUTURE OPPORTUNITIES Of the large number of science and technology graduates produced by UiO, about 50% go to work in the private sector and the other half to the public sector. More of those that enter into private-sector careers choose to work within the STEM fields, Hellsten says. Of course, there are other trends that are driving not only where graduates choose to work, but also in the ways that they choose to work. “Education in Norway is now very value-based”, says Hellsten. In other words, students need to know that the education they are receiving is going to help them make a positive difference in the world, whatever the field in which they choose to work after leaving university.

› The oil and gas industry is looking for graduates that can help producers optimise their output whilst minimizing environmental impact (TOP: OLE JØRGEN BRATLAND/ © EQUINOR, BOTTOM: EINAR ASLAKSEN/ © EQUINOR)



Artificial intelligence, 3D printing and quantum computing are revolutionizing the future of industry, but it is students that are pioneering the use of these techniques and potentially disruptive concepts

In November 2018, a student from the Arctic Floating University (UniArctic), on board the Russian research ship, SS Professor Molchanov, made the first connection to a quantum computer from the Arctic using her IBM Q Experience account. By logging onto the Cloud from the vessel, she was able to ask the IBM quantum computer to help with her calculations on the growing number of microplastic particles that are infesting the Arctic waters. Ominously, this task has become so overwhelming that it now requires the help of the world’s most expensive and powerful computer systems. For those wealthy countries that can afford it, quantum computing is gradually coming of age. IBM revealed its first commercial quantum computer network, IBM Q, in January 2019, and in March of the previous year Google unveiled its Bristlecone 72-qubit device, reckoned to be a milestone on the road to quantum supremacy – the point when quantum computers overtake supercomputers. The world is waking up to the potential of these new computers. Governments are hoping that quantum cryptography will usher in a new age of cybersecurity, whilst the military is looking at using quantum gravimeters to detect submarines and quantum radars to expose stealth aircraft. At the moment, however, it is academia and students – such as the UniArctic student on board the SS Professor Molchanov – that are finding useful applications for the quantum computer processing capability. In fact, universities are helping to form the backbone of research in the discipline by working alongside the 102


Although traditional defence companies do have quantum processing capability, they are outnumbered and outgunned by the commercial sector. But they, too, are in search of current useful applications and are using academia to help out. For example, LM is working with the University of Southern California and University College London, and Raytheon is hooked up with the Massachusetts Institute of Technology.

ARTIFICIAL INTELLIGENCE When the immense processing power of quantum computers is allied to the algorithmic neural networks of artificial intelligence (AI), together they will help unleash the unquantifiable amount of hidden value in Big Data, which is growing exponentially every second of the day. Once again, AI is another area in which the academic world is helping to introduce innovation and possible disruption. The University of Alaska Anchorage is experimenting with AI networks to help the US Department of Homeland Security look for ways to develop tools and systems to detect and predict catastrophic developments in the Arctic. Professor Martin Cenek and a small team of undergraduates are creating networks of AI-enabled microchips that can be dropped into the water, to alert the authorities of sudden incidents such as oil spills, or more gradual events, including acidification. Another potential application – vessel traffic monitoring – has massive implications as the waters of the High North become more navigable for longer periods during the summer.

Also, as activity increases in the High North, its sustainable development is becoming an existential challenge, not just for those living in the region, but for the whole world. It is the young who are often the most active in environmental protection and have been since before it became a mainstream preoccupation.


big commercial firms that are pioneering it, including IT giants such as Google, IBM, Intel and Microsoft.

Students on Ice (SOI) has been grappling with the scourge of plastics for years and may well have found an answer. The organization has prototyped a way of making household items and sustainable packaging with gelatine-based biomaterials and local mineral composites – think animal waste and food residue – and using 3D-printed moulds to manufacture the objects. Such is the potential for 3D printing that the Conference Board of Canada published a report in 2018 on whether it might revolutionize construction in the Arctic, create cost savings in building and transportation, and reduce associated carbon emissions.


Another group of students, this time from Southampton University in the United Kingdom has been working on a project that might also have applications in the remote High North region. They designed and built the world’s first ‘printed’ aircraft in 2011 – the SULSA – Southampton University Laser Sintered Aircraft. This unmanned aerial vehicle (UAV) was successfully launched off the Royal Navy’s HMS Mersey in 2015, and in 2019 the university now boasts a family of 3D-printed UAVs (including the Spotter UAV, above) with wingspans ranging from one to three metres. 103


Engaging small and medium-sized enterprises



As part of the run-up to NITEC19, the NCI Agency has once again held its extremely popular Defence Innovation Challenge. Mike Bryant talks to the Agency’s Michael Street to find out why the organization holds the competition and who benefits from it

The NCI Agency liaises with the world in many ways in order to attract the right ideas – and the right people – to NATO and its various supporting bodies. It also works closely with industry in its role of delivering the latest technology and services to the Alliance. In fact, almost half of the NCI Agency’s total spending each year goes on products and systems to support NATO objectives as part of the NATO Security Investment Programme (NSIP), in what is a very structured and transparent process. Of this, three quarters is outsourced to industry. While the International Conference on Military Communications and Information Systems (CIS) provides an annual focal point for the NCI Agency to engage with academia, NITEC allows industry to explore that procurement process and understand how small and medium-sized enterprises can help the NCI Agency and NATO to meet evolving global security challenges.

DEFENCE INNOVATION CHALLENGE The Defence Innovation Challenge provides an opportunity for small and medium-sized enterprises that specialize in innovative technological development to offer their revolutionary product ideas to the NCI Agency and NATO. The winners are judged by subject matter experts in both emerging technologies and the changing international security landscape from three different parts of the Alliance – a division of NATO headquarters devoted to Emerging Security Challenges; the NATO Centre for Maritime Research and Experimentation (CMRE); and the NCI Agency itself. Proposals are judged on their inventiveness; the practicality of the idea, as well as their potential speed of deployment by NATO; and the impact that they will make. The winners receive not only a financial consideration to facilitate the breakthrough of their disruptive technological ideas into the market, but also access to a wide range of NCI Agency assistance that is at least as important.



The winners of the 2018 Defence Innovation Challenge (NCI AGENCY)

The Defence Innovation Challenge is now in its fourth year, having been launched back in 2016. Its genesis lies, explains Michael Street, Head of Innovation and Data Science at the NCI Agency, in the Agency’s increased focus on innovation and the lessons learned from its Cyber and Security Incubator, established in 2015. This technology incubator reached out to innovative companies, academia and research organizations. It was a one-off activity, but demonstrated the value of accessing diverse thinking and pioneering solutions, as well as the need for an innovative mechanism to do so. “We needed a way to reach out to organizations that we don’t normally work with,” Street recalls. Many companies consider themselves too small to work with NATO, or they don’t consciously think of themselves as part of the defence/security industry sector. “The Defence Innovation Challenge provides a channel to that community, with a focus on the key technology areas that could advance NATO’s current technology landscape,” Street adds.


“We needed a way to reach out to organizations that we don’t normally work with”

Each year, 10 winners are selected from three technological categories, including communications and cyber. Winning entries of the Challenge have varied widely in nature, as have their ideas. In 2018, two of the winners presented disruptive technologies in the field of the Internet of Things (IoT) – using IoT in a secure way for military applications. Illustrating the wide range of successful entrants to the Challenge, another past winner was a charitable organization that developed an app for handling people needing to make an emergency escape from a building, in the case of a bomb threat or a direct attack on the premises.

INTERNATIONAL ACCESS Earlier this year, another 10 successful entrants to the Challenge have again been selected by the judging panel and have been invited to NITEC. Their presence at the exhibition will offer them access to a truly international market for their solutions – including national defence organizations, agencies and multinational companies. The 2019 top entrant, a team formed of the US Naval Postgraduate School (NPS) and the Norwegian Defence Research Establishment (FFI), will also receive a €10,000 prize. But, perhaps of greater value, they will gain direct assistance from the NCI Agency in the form of mentoring, plus support from Agency technology and procurement specialists and the opportunity to pilot their solutions into the NATO environment. At NITEC, winners have the opportunity to meet potential customers and establish their credibility with a wide audience. For NATO, it is a great opportunity to gain insight into small and medium-sized enterprises that can offer the Alliance genuinely disruptive technologies.

Connecting and protecting what matters most By focusing on people, partners, applications, devices, and data. We’re proud of our long-standing relationship with NATO.

Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.