The Voice of Military Communications and Computing
Special Report: COMSATCOM GUIDE
Convergence Communicator Bruce T. Bennett PEO Communications DISA
Cross-Domain Security O Big-Data Analysis O WIN-T SATCOM Cybersecurity
Volume 17, Issue 5
ARM YOURSELF FOR OPPORTUNITY WITH A CYBERSECURITY DEGREE.
To win the battle in cyberspace, we need more cyber warriors. University of Maryland University College (UMUC) has answered the call, educating the next generation of cyber security specialists in the public and private sectors. Our accessible online degree programs have been recognized for excellence by NSA and DHS. And many of UMUC’s courses address industry-standard certifications, including many on the DoD 8570 list. UMUC is affordable, too, with scholarships for those who qualify, interest-free monthly payment plans and participation in the Yellow Ribbon Program. Because the nation’s battle for cyber security can’t afford to be without you.
© 2013 University of Maryland University College
AT YOUR SERVICE SINCE 1947
University of Maryland University College is the nation’s largest public university.
Learn more • 877-275-UMUC • military.umuc.edu/cuttingedge
military information technology Features
June 2013 Volume 17, Issue 5
Cover / Q&A
Mastering Big Data
Industry is stepping forward with ideas and technology to help the military and intelligence communities managing the big-data challenge. By David Silverberg
Bruce T. Bennett
A listing of some of the key providers in the field of commercial satellite communications services for the military and intelligence communities.
Program Executive Officer for Communications Defense Information Systems Agency
The increased use by the U.S. military and intelligence community of virtualization technologies and cloud computing environments has brought a whole new level of possibilities to cross-domain solutions. By Peter Buxbaum
As the cyber-threat makes the leap into orbit, satellite operators and users are focusing increased attention on the security of their communications systems. By Harrison Donnelly
The second generation of the Army Warfighter Information Network-Tactical, currently under testing, exchanges mission-critical data from headquarters elements to soldiers on the ground. By Amy Walker
Crossing Virtual Domains
Departments 2 Editor’s Perspective 4 program notes 5 People 14 data bytes 26 COTSacopia 27 Resource Center
Cyber-Threats in Space
Key Test for Warfighter Network
Industry Interview David Cavossa
President, Government Solutions Harris CapRock
“One of our ultimate goals in the agency is to converge into a common transport. We shouldn’t care whether the data is going by fiber, electrical, Ethernet, RF or two tin cans and a string.” — Bruce T. Bennett
Military Information Technology Volume 17, Issue 5 • June 2013
The Voice of Military Communications and Computing Editorial Managing Editor Harrison Donnelly firstname.lastname@example.org Online Editorial Manager Laura Davis email@example.com Copy Editors Sean Carmichael firstname.lastname@example.org Laural Hobbes email@example.com Correspondents Adam Baddeley • Peter Buxbaum Cheryl Gerber • Karen E. Thuermer
Art & Design Art Director Jennifer Owers firstname.lastname@example.org Senior Graphic Designer Jittima Saiwongnuan email@example.com Graphic Designers Scott Morris firstname.lastname@example.org Eden Papineau email@example.com Amanda Paquette firstname.lastname@example.org Kailey Waring email@example.com
Advertising Account Executives Cheri Anderson firstname.lastname@example.org
KMI Media Group Publisher Kirk Brown email@example.com Chief Executive Officer Jack Kerrigan firstname.lastname@example.org Chief Financial Officer Constance Kerrigan email@example.com Executive Vice President David Leaf firstname.lastname@example.org Editor-In-Chief Jeff McKaughan email@example.com Controller Gigi Castro firstname.lastname@example.org Trade Show Coordinator Holly Foster email@example.com
A provision of the House Armed Services Committee’s defense authorization bill could add another boost to the ongoing and vital discussion about how to improve the Department of Defense IT acquisition process. In its recent report on the bill, the subcommittee that oversees IT programs noted that, even as the importance of such technology is growing, “the department’s success rate in developing, acquiring and implementing these systems remains mediocre, at best.” While troubled development programs can be found in other areas as well, the failures of programs such as the Expeditionary Combat Support System, Defense Integrated Military Human Resources System (DIMHRS) and Harrison Donnelly the Net-Enabled Command Capability certainly suggest that there are some Editor fundamental issues with the system. When the chairman of the Joint Chiefs of Staff and secretary of defense call a program a “disaster” yielding only “an unpronounceable acronym” at the cost of a half-billion dollars, for example, as occurred with DIMHRS a couple of years ago, you know you have a problem. As has been frequently pointed out but not effectively addressed in the past, the problem is that the acquisition system developed for heavy military hardware is not well suited to the fast-changing IT market, where the commercial rather than the military world calls the tune. “Unfortunately, the committee believes that the department has not done enough to come to terms with this trend, choosing instead to act as though it has the same power to influence computing and electronics markets as it did for most of the 20th century,” the panel contends. The 2012 defense bill contains a provision authorizing implementation of a new acquisition process for IT systems, but according to the subcommittee, there has been little tangible action to date. As a result, the measure calls for a report on progress in implementing an IT-specific acquisition process, as well as how lessons are being learned from recent missteps in order to improve.
Operations, Circulation & Production Operations Administrator Bob Lesser firstname.lastname@example.org Circulation & Marketing Administrator Duane Ebanks email@example.com Circulation Barbara Gill firstname.lastname@example.org Data Specialists Raymer Villanueva email@example.com Summer Walker firstname.lastname@example.org
KMI MedIa Group LeadershIp MaGazInes and WebsItes Border & CBRNE Defense
A Proud Member of
Geospatial Intelligence Forum
Military Advanced Education
Military Information Technology
Military Logistics Forum
Navy Air/Sea PEO Forum
Special Operations Technology
Tactical ISR Technology
U.S. Coast Guard Forum
Border Threat Prevention and CBRNE Response
Subscription Information Military Information Technology
ISSN 1097-1041 is published 11 times a year by KMI Media Group. All Rights Reserved. Reproduction without permission is strictly forbidden. © Copyright 2013. Military Information Technology is free to qualified members of the U.S. military, employees of the U.S. government and non-U.S. foreign service based in the U.S. All others: $65 per year. Foreign: $149 per year.
Ground Combat Technology
Integrated Fixed Towers
June 2012 Volume 1, Issue 1
Michael J. Fisher Chief U.S. Border Patrol U.S. Customs and Border Protection
Leadership Insight: Robert S. Bray Assistant Administrator for Law Enforcement Director of the Federal Air Marshal Service Transportation Security Administration
Wide Area Aerial Surveillance O Hazmat Disaster Response Tactical Communications O P-3 Program
Military Medical Military Training & Veterans Technology Affairs Forum
The Communication Medium for Navy PEOs
KMI Media Group 15800 Crabbs Branch Way, Suite 300 Rockville, MD 20855-2604 USA Telephone: (301) 670-5700 Fax: (301) 670-5701 Web: www.MIT-kmi.com
CARRIER ONBOARD DELIVERY OPTIONS
Carrier Craftsman Rear Adm. Thomas J. Moore
U.S. Navy Program Executive Officer Aircraft Carriers
Presidential Helicopter O Shipboard Self-Defense O Riverine Patrol Craft Precision Guided Munitions O Educational Development Partnership
Remote mission. Proven broadband. Cost-effective solution. In the world of satellite communications, GNOMAD stands apart. Combatproven by the U.S. Army in Northern Iraq and Kuwait, GNOMAD equips forces with reliable broadband communications by extending Wi-Fi and 3G/4G cellular networks into harsh environments. Modular by design, GNOMAD delivers affordable networking beyond line of sight while on the move. To learn more about GNOMAD’s innovative capabilities, visit www.exelisinc.com/gnomad-dom.
Exelis is a registered trademark and “The Power of Ingenuity” is a trademark, both of Exelis Inc. ITT is a trademark of ITT Manufacturing Enterprises, LLC., and is used under license. Copyright © 2013 Exelis Inc. All rights reserved. Photo courtesy of the U.S. Army and Sgt. Ken Scar.
PROGRAM NOTES Security Guides Approved for New Mobile Devices The Defense Information Systems Agency (DISA) has approved Security Technical Implementation Guides (STIG) for Apple iOS 6, BlackBerry and Samsung Knox devices, clearing the way for Department of Defense organizations to use those devices in conjunction with a secure enterprise mobility environment. The release of DISA’s Samsung Knox STIG provisionally allows DoD to use the latest technology as soon as it is available commercially. STIGs for the currently available BlackBerry 10, BlackBerry Playbook, and BlackBerry Device Service were also issued. The STIGs allow use of accepted devices as part of approved mobility pilots with actively defended mobile device management (MDM) systems. The Samsung Knox STIG represents a paradigm shift in DISA’s business processes that dramatically increased the efficiency of bringing new devices into the enterprise. DISA Field Security Operations developed the Samsung Knox STIG ahead of its commercial release, in doing so highlighting how close partnerships between government and industry are delivering the latest enterprise technology to meet department needs. A key component of the secure mobility environment is the MDM system, which provides the essential enforcement of the STIG settings as well as other key security functions. Achieving departmental security objectives requires both the device security, defined in the STIG, as well as
active defense provided through the MDM. DISA will implement the MDM system through a contract award in early summer. The recent device approvals are part of the DISA plan for implementing commercial mobile devices, which seeks to build a multivendor environment supporting a diverse selection of devices and operation systems. DoD currently has more than 600,000 commercial mobile devices in operational and pilot use, including some 470,000 BlackBerrys, 41,000 Apple units and 8,700 Android systems. In other DISA news, the agency has undertaken a pilot program under a cooperative research and development agreement signed with Google earlier this year aimed at exploring innovative ways for DoD users to securely authenticate to commercial cloud service providers. As part of the agreement, DISA developed a proof of concept authentication gateway service (AGS) that allows for secure translation between DoD public key infrastructure common access card (CAC) authentication and Google-provided cloud services using a standards-based protocol. In order to demonstrate the utility of the AGS, DISA’s Office of the Chief Technology Officer launched a pilot of Google Apps for Government (GAfG) that allows users to utilize their CACs for authentication, eliminating the need for the less secure password-based login. Pilot users will evaluate the use of commercial cloud-based services like GAfG in a typical DoD unclassified office environment.
DoD Report Tracks Chinese Cyber-Threat A recently issued Department of Defense report on military and security developments involving China, which covers a wide range of topics, includes an extension discussion of that country’s activities in cyberspace, especially involving offensive action against U.S. government and industry networks. Following are excerpts from the report: Activities Directed Against the Department of Defense. In 2012, numerous computer systems around the world, including those owned by the U.S. government, continued to be targeted for intrusions, some of which appear to be attributable directly to the Chinese government and military. These intrusions were focused on exfiltrating information. China is using its computer network exploitation (CNE) capability to support intelligence collection against the U.S. diplomatic, economic, and defense industrial base sectors that support U.S. national defense programs. The information targeted could potentially be used to benefit China’s defense industry, high technology industries, policymaker interest in U.S. leadership thinking on key China issues, and military planners building a picture of U.S. network defense networks, logistics, and related military capabilities that could be exploited during a crisis. Although this alone is a serious concern, the accesses and skills required for these intrusions are similar to those necessary to conduct computer 4 | MIT 17.5
network attacks. China’s 2010 Defense White Paper notes China’s own concern over foreign cyberwarfare efforts and highlighted the importance of cybersecurity in China’s national defense. Cyberwarfare in China’s Military. Cyberwarfare capabilities could serve Chinese military operations in three key areas. First and foremost, they allow data collection for intelligence and computer network attack purposes. Second, they can be employed to constrain an adversary’s actions or slow response time by targeting networkbased logistics, communications, and commercial activities. Third, they can serve as a force multiplier when coupled with kinetic attacks during times of crisis or conflict. Developing cyber capabilities for warfare is consistent with authoritative PLA military writings. Two military doctrinal writings, “Science of Strategy” and “Science of Campaigns,” identify information warfare (IW) as integral to achieving information superiority and an effective means for countering a stronger foe. Although neither document identifies the specific criteria for employing computer network attack against an adversary, both advocate developing capabilities to compete in this medium. The [two documents] detail the effectiveness of IW and CNO in conflicts and advocate targeting adversary C2 and logistics networks to
affect their ability to operate during the early stages of conflict. As “Science of Strategy” explains, “In the information war, the command and control system is the heart of information collection, control, and application on the battlefield. It is also the nerve center of the entire battlefield.” In parallel with its military preparations, China has increased diplomatic engagement and advocacy in multilateral and international forums where cyber issues are discussed and debated. Beijing’s agenda is frequently in line with Russia’s efforts to promote more international control over cyber activities. China and Russia continue to promote an Information Security Code of Conduct that would have governments exercise sovereign authority over the flow of information and control of content in cyberspace. Both governments also continue to play a disruptive role in multilateral efforts to establish transparency and confidence-building measures in international fora such as the Organization for Security and Cooperation in Europe (OSCE), ASEAN Regional Forum, and the UN Group of Governmental Experts. Although China has not yet agreed with the U.S. position that existing mechanisms, such as international humanitarian law, apply in cyberspace, Beijing’s thinking continues to evolve. www.MIT-kmi.com
Compiled by KMI Media Group staff
Dismounted but Digital To help address the situational awareness and communications challenges facing by small units operating in the field, the Defense Advanced Research Projects Agency (DARPA) recently asked for information about technologies that can help lead to digitization of dismounted squads. By digitization, DARPA means collecting sensor data that would provide much more detailed and actionable realtime information about a squad’s condition, surroundings and adversaries. It is believed that digitization could provide squads of nine to 13 members and their unmanned assets with enhanced tactical awareness and advantage up to a mile away, in both urban and open-air environments. To deliver these capabilities, DARPA is seeking innovative technologies in such areas as sensing technologies for warfighter health and operational status; absolute or relative geolocation
technologies, particularly for GPS-denied areas; non-optical and distributed sensing solutions; communication network solutions; and approaches to tactical information synthesis and delivery.
Maj. Gen. Alan R. Lynn
Army Major General Alan R. Lynn, commanding general, Army Network Enterprise Technology Command, Fort Huachuca, Ariz., has been assigned as vice director, Defense Information Systems Agency.
Compiled by KMI Media Group staff
Brigadier General Paul M. Nakasone, who has been serving as deputy chief of staff, intelligence, for the International Security Assistance Force Joint Command in Afghanistan, has been assigned as director, Army Cyber Operations Integration Center/G-3, Second Army/Army Cyber Command. KPMG has appointed Doug Gates, an eight-year veteran of the firm, to head its global and U.S. aerospace and defense practice.
ViaSat has hired Ken Peterman as general manager of its Government Systems segment. His industry experience includes serving as president and chief executive officer of SpyGlass Group, president of ITT Communications and Force Protection Systems, and vice president and general manager of Rockwell Collins Government System’s Integrated C3 business. Science Applications International Corp. has appointed Lou Von Thaer as president of the company’s
National Security Sector. The NSS, along with SAIC’s current health and engineering businesses, will be part of the solutions company Leidos following the company’s planned separation. In his new role, Von Thaer will lead nearly 13,000 analysts, scientists, engineers, and business professionals providing support for customers across the full spectrum of national security programs, including cybersecurity. Von Thaer previously served as president of General Dynamics Advanced Information Systems.
MIT 17.5 | 5
Cloud computing and virtualization are changing how cross domain solutions control the flow of information between security levels.
By Peter Buxbaum MIT Correspondent
The increased use by the U.S. military and intelligence community of virtualization technologies and cloud computing environments has brought a whole new level of possibilities to cross domain solutions, which regulate the flow of information between different levels of security classification. Traditional cross domain solutions have regulated the flow of information to individual users based on the classification clearance of that user. In general, legacy cross domain solutions allowed data to flow separately from individual security enclaves to a single computer screen either by toggling the screen among multiple computers, or by allowing access to one network at a time on a single computer. That meant that users had access to only one class of information at a time when using email, search, chat, and command and control applications.
6 | MIT 17.5
The ongoing migration to virtualized and cloud environments within military and intelligence agencies, however, is posing two important new questions. One is how to provide cross domain solutions to these newer environments. The second is how cross domain solutions can be delivered in a virtualized fashion. Technologies have already been developed that allow information from different classifications to be viewed together on a single screen. So, for example, top-secret email and search results could be viewed side by side with secret or unclassified email and search results, in a separate window. The step beyond that is to mash those views together to allow users a single inbox or a single set or search results across all classification categories to which the user is entitled. These next-generation capabilities aren’t quite available yet, however. Testing and accreditation of those technologies have yet to be completed, so users will have to wait a little while before gaining access to these new systems. “Major industry players are developing technology to access data that resides in multiple, separate security domains,” said Mitch Parker, a group vice president at Citrix. “Remote desktop architectures Steve Bean provide users with simple, multi-device access to data that never leaves the data email@example.com center. By hosting each virtual desktop in the data center, isolated from other domains, users are given access the information and applications they need with incredible degrees of control.” “Right now there are no solutions approved by the government to provide cross domain solutions across different clouds,” said Steve Bean, a program manager at Lockheed Martin Trusted Security Solutions. “Where we want to Ryan Durante go is to provide cloud services through which a user can call a service to downgrade a piece of data and allow the user to see all data from his security level and down. This will be seamless to the user. He won’t even know the solution is there.” At least at first, the next generation of cross domain solutions will likely find greatest acceptance at lower classification levels, according to Colin Robbins, technical director at Nexor. “As you go to the higher end you won’t see much change in how cross domain solutions are implemented. At the higher levels of classification, there is a reluctance to accept the risks associated with going to cloud solutions.”
Transparent Solutions Military and government agencies are also at work, along with private companies, to develop and accredit cross domain solutions that take advantage of the new computing environments. “We are working to make the solutions more transparent,” said Ryan Durante, chief of cross domain solutions at the Air Force Research Laboratory (AFRL). “Cross domain solutions have traditionally meant to be opaque and hidden from the rest of the world. As a result they are hard to manage and people don’t use them.” www.MIT-kmi.com
MIT 17.5 | 7
“Cross domain end products now need to work in cloud and virtualThe Unified Cross Domain Management Office (UCDMO) was set ized infrastructures. Many of our customers are migrating from old up in 2007 to create efficiencies across the defense and intelligence legacy guards, and consolidating on products that offer one solucommunities in the deployment and use of cross domain solutions. tion for secure chat, email, or any kind of transfer of information, “We are looking to consolidate physical resources,” said Sandi whether OCONUS or CONUS.” Roddy, director of the UCDMO. “Many organizations use point-toCloud-based cross domain solutions are better able to support point solutions. We are encouraging the increased use of enterprise security across multiple classification levels, noted services. That way the burden of maintaining devices Steil. “Organizations that have 20 different cross can be allocated across a smaller set of resources and domain data guards across 20 different locations are broadly distributed across all of the network. This not going to get the performance of a solution that also allows us to make sure that cyber protections are has been designed to support an enterprise architecmore appropriately applied.” ture,” he said. “The fact that the military is consoliA key part of the new generation of cross domain dating data centers means that they need to satisfy solutions is the implementation of a trusted or mulmultiple customers and domains.” tilevel operating system. “That way, we can keep the BAE Systems last year introduced the XTS Guard processes and applications running on the computer 5 multi-enclave cross domain solution for enterprise, at the secret level separate from applications and coalition and tactical use, supporting XML, email resources at the top secret level,” said George Kamis, George Kamis and file transfer capabilities. The new XTS archichief technology officer at Raytheon Trusted Comtecture supports 22 security enclaves in standard puter Solutions. firstname.lastname@example.org hardware and multiple file-type transfer capabilities “We take this core technology, in our case the in a single appliance. Linux server operating system, along with other secuXTS Guard 5 runs on BAE Systems STOP OS, a rity mechanisms, to lock down the system in such a high-security operating system already supporting way that information sharing can be done only by the multiple UCDMO-approved solutions. BAE Systems’ trusted processor. We look at the data, inspect it, and other new solution, SIBA, provides intelligence anaperform file checks and other inspections before allow lysts and consumers with the ability to tag sensitive data to transverse the two different security levels,” data within a file, so that only users with the approKamis added. priate credentials may access it. The military’s push toward a virtual desktop Nexor is taking something of a different approach infrastructure (VMI), in which individual desktops to cross domain solutions, suggesting that setting are stored in the cloud and not on the local comDouglas Steil up secure portals might be the best way to share puter, is an important facilitator to this process. “We expand on that by not only allowing that to occur on email@example.com information across domains. “Cross domain is all about sharing information between two parties,” said a single class level but on multiple class levels,” Kamis Robbins. “Previously email would have been the most explained. “With our trusted thin client product, we dominant way of doing that. We see the next phase can give access to multiple cloud-based VMI environof evolution as the use of portals. Instead of sending ments at multiple sensitivity levels.” emails, many users find it more convenient to put up These approaches are consistent with the UCDinformation on portals that use cloud technology.” MO’s efficiency initiative. “The major reason to go to Besides the advantages of user preference, the use the cloud is to emulate a cleaner and more adaptable of portals can reduce the costs of accrediting cross model, as opposed to using point-to-point solutions,” domain solutions over the long run, according to said Roddy. Robbins. “The up-front costs for portals are greater “Inside of the cloud there may be a cross domain because they are more complex, but once it is done service for the enterprise, and its job is to move Brian Testa the accreditation can be used for multiple portals. email or shared calendaring up and down security As you aggregate those costs over multiple instances, the solution domains,” she continued. “We already have implemented that type becomes cheaper.” of service at Defense Information Systems Agency regional support The use of portals is well accepted for cross domain information centers in Afghanistan. The model and the capability has been there transfers in the United Kingdom and elsewhere in Europe, Robbins for some time, and we are now looking to bring that to a broader noted, but less so in the U.S. community of users that access the cloud for cross domain and other security services.” Virtual Machines Data Center Consolidation AFRL’s engagement in a technical collaboration with Intel and Citrix resulted in SecureView, a government solution that expands The consolidation of data centers and the migration to the cloud on COTS capabilities in Citrix XenClient and vPro processors. renders point solutions obsolete and requires more enterprise“SecureView is virtualized on top of the XenClient hypervisor so oriented cross domain solutions, analysts say. that we use XenClient to virtualize multiple independent machines “Industry is developing cross domain products that allow cloudand provide access to multiple independent networks,” said Brian to-cloud communications and data transfer in a secure fashion,” said Testa, a senior computing engineer at AFRL. “We are also using Douglas Steil, director of cross domain solutions at BAE Systems. 8 | MIT 17.5
virtualization to create small hidden virtual machines to host private network clients so that each virtual machine can talk to other appropriate machines over a single wire.” “By virtualizing the client hardware, multiple operating systems with local storage can run side by side on a desktop or laptop much in the same way they do on data center servers today,” said Parker. “Leveraging the compute power of the client allows for an enhanced experience for the end user with a higher degree of security than ever, even in circumstances without a network connection. Used together, client virtualization and hosted desktop virtualization becomes extremely powerful.” Strict separation of workloads must be at the core of any client virtualization solution that handles sensitive data, Parker noted. “Citrix and Intel have worked closely together so that the XenClient hypervisor takes full advantage of the capabilities of the hardware to isolate and protect workloads,” he explained. “The Xen hypervisor adds a flexible architecture for isolation at the software layer,” Parker continued. “Security-critical tasks like management functions can be separated from untrusted and opaque code. The small code base and the open-source nature of Xen make it ideal for this role, as security-critical source code is open for inspection and verification by third parties. The strength of mechanisms that separate trusted from untrusted code can be evaluated independent of the business interests of any one group of stakeholders.” In addition to the separation at the platform level, XenClient XT takes advantage of a hardened Linux virtual machine instance to control access. “The cross domain solutions community will significantly benefit from the adoption of client virtualization,” said Parker. “Value comes from cost savings through client consolidation, along with flexible management policy and operational efficiency.” An AFRL study estimated that deploying SecureView to 10,000 users over a four-year period would achieve cost savings of $63.5 million compared to a traditional environment with independent security levels and three PCs per user, and $29.9 million compared to a multi-level security solution with one thin-client. SecureView offloads memory management from the CPU to a chip, noted Testa. “This allows us to isolate certain regions of memory so that nothing can get in the way,” he said. “Attackers can’t do a man-in-the-middle attack because the process is completely directed in the hardware, rather than the software, which is harder to fool and more difficult to change.” The virtualization in this case takes place at the client level instead of at the server level. “We have moved virtualization to the edge,” said Testa. “You need data close to the user to get the performance you want. You have the hardware capability to run everything locally but you can also run this on a thin client and access data from the data center.”
Smart Windowing An effort to take virtualized cross domain solutions to the next level is now under way as part of an AFRL Cooperative Research and Development Agreement with BlueSpace Federal. AFRL and BlueSpace will work on integration of BlueSpace’s Multi-Level Secure (MLS) 2.0 capabilities with AFRL secure cross domain programs. “MLS 2.0 is an approach to cross domain applications that transfers only highly constrained XML through a certified data guard to provide a unified user experience across multiple security domains www.MIT-kmi.com
and systems,” said Pat Motola, chief executive officer of BlueSpace. “MLS 2.0 applications can take advantage of trusted workstations to further enhance the user experience.” Working with AFRL’s SecureView, BlueSpace has developed another innovation in cross domain applications called the Smart Windowing User Experience. “With Smart Windowing, the user interacts with labeled windows from different domains on a single display as part of a single cross domain application experience,” said Motola. Smart Windowing builds on SecureView 2.0 MultiView technology that allows application windows from different security domains to be seen simultaneously on the same screen. MLS 2.0 Smart Windowing orchestrates these windows so they are related as part of a single cross domain application experience. “MultiView handles window labeling and data separation,” said Motola. “The user is presented with a unified view of cross domain information. The content now appears in a labeled application window on their display. The user interacts with that window as they would with any other application window.” BlueSpace technology applies mashups, web services and service-oriented architecture concepts to cross domain applications, allowing for labeled items from multiple domains to be captured in a single view such as an email inbox or a set of search results. BlueSpace also has developed specific military applications for use with its cross domain products. GeoSpace is a cross domain command and control application that provides a three-dimensional, geospatial common operating picture of the mission environment across multiple classification levels and coalition partners. Sentinel is a cross domain cyber-situational awareness application that provides a unified view of cyber-status and threats across multiple security levels. “All this is virtualized on top of XenClient, which is the virtualized Xen hypervisor,” said Testa. “Virtualization is what allows us to fuse multiple windows together.” “MLS 2.0 users always work directly with the original content, at the original security level, under control of the original application. There is no copy, filtering or transfer of the content across security domains,” Motola explained. Advantages to this approach include immediate access to the data, no waiting for transfer of data through a guard, and no loss of content due to rejection or filtering by the data guard. “There is no duplication of content,” said Motola. “Content duplication creates classification and leakage issues.” Users may have to wait a bit to try all this, however, since many of these products have yet to receive accreditation from the National Security Agency. Testa said that NSA plans to spend six to nine months studying XenClient, and that U.S. Special Operations Command will be testing SecureView 2.0 and XenClient 3.0 for two or three months beginning this summer. Lockheed Martin’s next-generation cross domain solution is also ready for testing, according to Bean. He expects cloud-based cross domain solutions to be available within the next 12 to 18 months, at which point, he said, “users will be embracing it.” O
For more information, contact MIT Editor Harrison Donnelly at firstname.lastname@example.org or search our online archives for related stories at www.mit-kmi.com.
MIT 17.5 | 9
Mastering Big Data Industry is stepping forward with ideas and technology to help the military and intelligence communities managing the big-data challenge. By David Silverberg, MIT Correspondent
10 | MIT 17.5
Information has always been an essential element of military operations, and today the informational inputs are more extensive and technologically capable than ever before. Drones, sensors, intercepts, satellites and the Internet all provide terabytes, and increasingly petabytes, of digital data. Human beings produce an estimated 2.5 quintillion bytes of data every day, and 90 percent of today’s data was created in the past two years. It has given rise to a whole new language. “Data crush” is the avalanche of information sometimes burying its collectors; “data mining” is reaching into the data to find relevant items; but most of all, “big data” is the term to describe vast amounts of electronically transmitted and stored information. The issues of how to handle this data, sort it, organize it, make sense of it and, most of all, use it, present the U.S. military and intelligence communities with one of their greatest challenges. As the leading military power with the most advanced capabilities, the United States is in the forefront of meeting the big-data challenge. To date, however, most of the work on big data has been done outside the Department of Defense in the CIA and, in particular, the National Security Agency. Necessarily, most of that work and progress is secret. As part of a $200 million, six-agency White House “Big Data Research and Development Initiative” announced last year, the Defense Advanced Research Projects Agency (DARPA) rolled out its XDATA program, which the agency said would develop “computational techniques and software tools for processing and analyzing the vast amount of mission-oriented information for defense activities.” XDATA will develop algorithms to process the vast variety of data, create customizable, interactive tools for handling it and develop large-scale processing for a variety of settings. The software toolkits that XDATA develops will be open-sourced and promote collaboration among all related disciplines and communities. While that work goes on, industry is stepping forward with ideas and technology for managing the big-data challenge.
Data Lake “The first thing is to have an understanding of big data,” said Jason Escavage, a principal on the analytics team supporting clients in defense and intelligence for Booz Allen Hamilton. “There are a lot of different definitions. The way that we collect, store, manage and distribute, it’s the amount of data in the world. A significant amount was created in the last two years and it’s growing exponentially. We’ll max out the traditional storage mediums. But it’s in volume, velocity, variety; that’s where you get the big-data challenges.” While the government has numerous systems to store data, the challenge comes in attempting to combine data systems. That gives rise to the concept of “data fusion,” the name for tying together different data systems. Even so, noted Escavage, “The way technology moves and the way innovation happens, it’s hard to [get a handle on data] in a controlled manner where you can truly leverage lessons learned across all the individual engagements.” Booz Allen’s response has been creation of a concept it calls the “data lake.”
MIT 17.5 | 11
users and warfighters that can harness all the capabilities of that “With the data lake, an organization’s repository of informadata environment, that technology environment for the benefit of tion—including structured and unstructured data—is consolithe department,” Escavage said. dated in a single, large table,” wrote Mark Herman, Booz Allen Hamilton executive vice president, and Michael Delurey, a principal with the firm, in a paper entitled “The Data Lake: Taking Big Structured or Unstructured Data Beyond the Cloud.” The goal is to end the laborious and difficult task of homogOracle has massive computing in its blood. It had its origins in enizing formats so that data can be accessed, which is a major the mid-1970s, when founders Lawrence Ellison, Bob Miner and impediment to leveraging big data’s full capabilities. Ed Oates worked on a CIA project called “The Oracle,” a relational In the data lake, wrote Herman and Delurey, “every inquiry database. No company had committed to commercializing the can make use of the entire body of information stored in the data technology, and Ellison sensed the opportunity. lake—and it is all available at once. Since then, Oracle has become one of the “One metaphor for the data lake might be a world’s premier software companies and has done giant collection grid, like a spreadsheet—one with extensive defense and intelligence-related work. billions of rows and billions of columns available Now it is committed to helping military and intelto hold data,” they continued. That data could be ligence agencies cope with big data. anything, including text, video, photographs and “Oracle is traditionally seen as a structured data various forms of feeds, and the form, origin and company because of its relational database heriorganization of the data make no difference. tage,” observed Peter Doolan, group vice president This is not the same as data mining, the authors of Oracle Public Sector. cautioned. To extend the metaphor, data mining But big data is unstructured—it comes in many means digging for nuggets of information deep forms and formats and doesn’t necessarily fit into Peter Doolan within the earth. To get the relevant information neatly organized data tables. As a result, big data out of the data lake, all one has to do is scoop up the water. This “is contrary to something that we’re very comfortable with,” he means that analysts don’t have to narrow their questions before observed, while adding that Oracle is tackling that through its making inquiries. All they have to do is ask and the connections own research and acquisitions. will appear. Despite its complexity, the approach to big data is fairly Getting at all the data in its myriad forms “is a challenge that straightforward, according to Doolan. There are three questions is not going to go away,” Escavage noted. “The key for success is for tackling big data: How is data acquired, how is it organized, to make a change.” structured and stored, and how can it be analyzed? While there are legacy systems in place, they need new investWhen it comes to data acquisition, Oracle is hard at work on ment to allow for scaling up to the vast amounts of data available, the Oracle NoSQL database. As Doolan explains it; “It couldn’t be but that needs to be done efficiently and effectively at relatively simpler. It’s a big file that you stick anything into: video, audio, low cost. “One of the successful ways to do less with more is to Twitter messages, Facebook posts or weblogs. It’s completely find a way to automate and better prepare analysts with better unstructured data but it gives you the ability to do very fast readinformation so they’re able to draw conclusions,” he noted. and-write access into that database.” The challenge is only going to increase, he maintained. There NoSQL—known to its friends as “not only Structured Query are new sensors and new platforms generating more and more Language”—denotes a type of database management system that data. “How do we continue to expand on things and how does all is more flexible than traditional relational databases, and is parthis information get distilled in that environment?” ticularly useful in dealing with massive quantities of data. The answer, Escavage suggested, lies in a combination of At the same time, Oracle has done a good deal of work on its capable technology and capable people. traditional database to get it to take unstructured data, especially “I think one of the things that’s most important is that techin the vast quantities that arrive today. nology is interesting, but we need to make sure that it’s relevant. When it comes to organizing data, Oracle has created what There’s lots of things that technology can do, but we still need the it calls an engineered system. “Basically, it’s a hardware-software leaders, the users, the humans in the loop to find a way to design, combination of pre-built components built in a factory combined customize and tailor the technology and answer the different with software we’ve developed or acquired. That’s what we call the kinds of problems that are facing the different organizations in ‘big-data appliance,’” said Doolan. the military or in the commercial world,” he said. The appliance is a large, powerful, networked computer with “That’s where the analytics really come into play. We like to massive amounts of storage. To complete the software part of the say that humans do analysis and machines do analytics,” he noted. equation, Oracle has partnered with big-data software developer “The key is that you need the humans and the data scientists to Cloudera. The combination provides a customer the ability to really define the types of problems the machines can then go look purchase the entire infrastructure for a big-data project from a for, monitor and comb through all that information to analyze. single source. “So I think that one of the things that the military and the Oracle is also working on leveraging Hadoop, an open-source government and everyone at large needs to do is to invest in that software framework for big data for parallel computing, developed next generation of data scientists. The technology is now there by the Apache Software Foundation. Existing Oracle customers that is going to allow us to do bigger and better things than we’ve can use the Oracle Big Data Connector, a piece of software that ever been able to. The next phase is developing the generation of allows them to use Hadoop, for big-data applications. 12 | MIT 17.5
When it comes to analysis, Oracle has put a great numerous tools into its products to enable big-data analysis. This includes embedding the “R” open-source language into the Oracle database, giving users a new means of sifting through massive amounts of data. In 2011 it also purchased a company called Endeca, which specialized in unstructured data management. Oracle subsequently created an information discovery tool, called Oracle Endeca, that sits in a browser and can look into all sorts of data, index it and provide answers and patterns, no matter where the data resides or what form it takes. Another tool is Oracle Exalytics, a computer that has a large amount of information with software that is engineered to connect to the Oracle Big Data Appliance and the Oracle database. It provides a very fast means to conduct analysis of large amounts of data. “We’re building products, we’re acquiring products where we need to, and our strategy is around the three areas,” said Dolan.
In the future, as engineers and analysts get a handle on unstructured data, particularly using Hadoop, the fruits of big data will really come into play, in Gottlieb’s view. “I would point to a not-too-distant future where we’re starting to analyze combat operations on a level that is completely unprecedented,” he predicted. “We’ll analyze them, not only for potential forensic analysis to find something that we missed, but also to analyze them so that we can become smarter and smarter about how to improve them.” This is already being done for security events, but “it will be worth doing for any high-stakes operation that is worth improving. It’s exciting to see where that technology is going right now.”
For Rich Campbell, chief technologist for EMC Federal, bigdata analytics in the military represents a unique opportunity for the high-tech industry. “When you look at what big data analytics can bring to the table for the warfighter and those battling terAutomated Analysis rorism, it gives a much more granular and consistent common operational picture. It’s something desperately needed on an “Big data is hard to wrestle with, but you can achieve benongoing basis. The biggest benefit today is actionable intelligence efits if you make the right design tradeoffs and in the way that in real time that can be used and consumed by multiple people in you approach the handling of the data, how you load it, store it, multiple locations,” he said. manage it but also how you query it,” said Joe Got“Use cases involve everything from an operatlieb, vice president for global security solutions at tional commander in the field, who needs to get KEYW, which supports the defense and intelligence immediate intelligence in mission-critical situacommunities and private clients with cybersecurity tions, all the way back to the bigger picture, like solutions. looking at the effect of weather on troops,” CampGottlieb and KEYW have been concentrating bell said. “The uses cases are varied, but they’re on working with time-stamp data, which they have also consistent—at the end of the day, it’s about put into a data warehouse specifically built for that getting people the right information at the right function. Use of the specialized warehouse enables time, based on a series of strategically compiled fast loading of the data as well as fast retrieval. data points. That’s really the objective for big data Compressing the data lowers its volume and speeds Joe Gottlieb analytics in military and intelligence.” up answers to queries. email@example.com Along with VMware, EMC recently launched “What we’ve learned is that when you take a Pivotal, a part of the EMC federation building the infrastructure certain set of use cases and a certain set of applications, and you for cloud, mobility and big-data applications. specialize the technology to handle big data for a set of things, “One of the biggest challenges I see is bandwidth.” Campbell then you can get really great results,” he said. “In the security said. “The more constrained the end-users are, the less access world, this has allowed us to do very rich and automated analysis, they have to real-time information. So one of the challenges that including statistical filtering on extremely rich data sets. Some Pivotal, EMC and VMware are solving is how to give the abilof our customers are bringing in information on the level of 6 ity to do federated analytics with reach-in capability, and make billion events per day.” that more available to our military and intelligence customers. KEYW has had particularly good results with geospatial data, It mitigates bandwidth challenges, and gives a more consistent according to Gottlieb. Advanced technology has allowed the effecoperational picture to forces where they need it. tive analysis of aerial imagery to determine situational awareness “They can reach out and grab all of that intelligence, instead and plan missions. For example, a photo of disturbed earth at a of having to have everything sent to them. They can do the analytsite can be analyzed for its purpose and then missions planned ics Anywhere in the world, and against multiple sources, to get a in response, down to the level of particular features like the bigger federated query that will give them the real-time mission thickness of walls or the placement of doors. This is particularly information they need,” he continued. “The challenges and use relevant in countering improvised explosive devices. cases go hand in hand with guys at the pointy end of the spear and KEYW has also put its analytics in the service of warfightthose in training, who are often disconnected from the big DoD ers, although Gottlieb declined to discuss specific missions and and intel networks.” O situations. The company is also putting its big-data tools into the cybersecurity field. KEYW is now going beyond data collection and retrieval and For more information, contact MIT Editor Harrison Donnelly putting its tools to work to discern patterns and trends, make at firstname.lastname@example.org or search our online archives predictions and extend these techniques to new areas and realms, for related stories at www.mit-kmi.com. like using video and audio information. www.MIT-kmi.com
MIT 17.5 | 13
DATA BYTES Asymmetric Warfare Group Gains Connectivity Intelsat General has been awarded a contract to provide satellite bandwidth and ground-based connectivity in support of activities abroad by the Pentagon’s Asymmetric Warfare Group (AWG). Under the contract, Intelsat General will be a subcontractor to By Light Professional IT Services, a service-disabled veteran-owned small business
that was awarded the prime contract. The AWG contract will use multiple Intelsat teleports, both in the U.S. and other countries, to connect with several Intelsat satellites in order to meet a global coverage requirement. In addition, the contract requires diverse and redundant terrestrial circuits from Intelsat’s gateway to AWG’s networks. The
required bandwidth will augment existing and future MILSATCOM capacity to provide command, control and communications capabilities required by AWG. The contract allows for portability so that if necessary, AWG can shift the coverage to a different part of the world requiring different Intelsat spacecraft and ground infrastructure.
Network Security Collaboration Fights Advanced Threats General Dynamics Fidelis Cybersecurity Solutions has integrated its flagship network security solution, Fidelis XPS, with IBM’s security information and event management product, the IBM QRadar. This product collaboration will help protect customers’ valuable enterprise assets from complex advanced persistent threats by delivering real-time malicious activity reports so customers know what is happening on their networks. Fidelis XPS monitors and analyzes network traffic to help customers detect and block cyber attacks. The next-generation Fidelis XPS leverages IBM QRadar to report events as they happen on the network and provides a clear picture of
Ka-Band Service Expands SATCOM Coverage Astrium Services Government will soon offer UAE-owned Yahsat Military Ka-band service to the U.S. government. This service allows any U.S. government or Department of Defense end-user to utilize Yahsat Military Ka-band capacity that is compatible with the Wideband Global Satellite constellation for greater global coverage and reliability. Astrium was the prime contractor for the construction of the Yahsat satellite fleet. Astrium Services will provide endto-end services using Yahsat Military Ka-band capacity in order to meet DoD requirements on contract vehicles such as the Defense Information System Agency’s Future Commercial Satellite Communications Services Acquisition program. Formerly known as Vizada, Astrium Services Government is the point of contact in North America for Astrium Services’ Skynet solutions.
14 | MIT 17.5
the type of threats attempting to penetrate the network. Once that information is captured, summarized and delivered to an enduser’s dashboard, an analyst can access the Fidelis XPS console using IBM QRadar to gather more information and act on the threat, preventing valuable data from being taken out of the network. Built on General Dynamics Fidelis Cybersecurity Solutions’ patented Deep Session Inspection platform, Fidelis XPS is a network security appliance that delivers network visibility, analysis and control over all ports and all channels in real time, to defend against advanced threats and prevent the possibility of a data breach on multi-gigabit-speed networks.
Fiber Optic Network Speeds High Performance Computing The Defense Research and Engineering Network (DREN) III contract sponsored by the Department of Defense High Performance Computing Modernization Program (HPCMP) has been awarded to CenturyLink. The HPCMP aims to solve complicated and time-consuming problems with massively-parallel computing and very high-speed networking. The contract was awarded to CenturyLink by the Defense Information Systems Agency’s Defense Information Technology Contracting Organization. The 10-year indefinite delivery, indefinite quantity contract has a minimum award value of $250,000 and a ceiling of $750 million.
CenturyLink will provide a high-speed, fiber-optic network that connects the department’s supercomputers and researchers at speeds ranging from 50 megabits to 100 gigabits per second. The company will supply Ethernet, Internet Protocol and optical wave services through a Virtual Private Local Area Network Service that will link defense scientists and engineers at leading research institutions, laboratories and test facilities at more than 150 DoD locations nationwide. DREN enables researchers to design solutions to complex problems and develop new technologies critical to the defense industrial base and national security. www.MIT-kmi.com
Compiled by KMI Media Group staff
Vehicle-Mounted Stations Support Army ISR System The Army has awarded a contract to General Dynamics C4 Systems for 10 vehicle-mounted Tactical Ground Station (TGS) Lot D systems with an option for 11 additional systems. The TGS system is part of the Distributed Common Ground System-Army (DCGS-A), the Army’s primary deployed system for posting, processing and distributing ISR information in real time to intelligence analysts and commanders. The order is valued at $31.5 million with all options exercised. The first of the new TGS systems is scheduled for delivery during the third quarter of 2013. DCGS-A provides Army analysts with access to more than 600 data sources and allows rapid collaboration through shared data access. The General Dynamics-built TGS-Lot D systems allow analysts to comb through millions of classified and unclassified records within minutes, providing commanders with status updates on persons of interest and imminent threats such as improvised explosive devices. The system is interoperable with other U.S. military, NATO and coalition ground systems, connecting intelligence analysts with information from national agencies, combatant commands, military intelligence brigades and tactical Army units. TGS systems have been widely deployed to forward operating bases worldwide.
Handheld Combines Durability, Smartphone Ease
Second MUOS Satellite Readied for Launch
The Trimble Juno T41 rugged handheld computer is a powerful, connected and compact solution for the entire mobile workforce. The Juno T41 handheld offers the convenience and ease of use of a smartphone with durability and long-term support that smartphones do not offer. Its slim, ergonomic design is easy to grasp and enables all-day use. The handheld unit has voice, SMS text and 3.75G cellular data transfer capabilities on GSM cellular networks worldwide. Users can upload and download data from the cloud using Wi-Fi or WWAN connections, and the 8 megapixel camera can automatically include time and location data from the GPS receiver. The Juno T41 is a rugged, allin-one device that reduces total cost of ownership compared to durable or consumer-grade smartphones. Mobile workforce solutions based on a single device can be more efficient than requiring workers to repeatedly handle both a rugged handheld computer and a cellular phone.
DISA Purchases Secure Voice Encryption Device The Defense Information Systems Agency (DISA) has signed an agreement with EADS North America to purchase three units of its Ectocryp Black high-capacity secure voice encryption device. The device, which recently was approved for operation by the National Security Agency and evaluated by the Joint Interoperability Test Command, helps DISA meet requirements for nextgeneration secure voice services, including communications that are more agile. Compared to other Secure Communications Interoperability Protocol devices, Ecotcryp Black’s combination of high capacity, relatively small size and programmability enables options for secure voice communications that previously were not possible. DISA will deploy the encryption units in two of its Defense Enterprise Computing Centers. EADS North America delivered the units, and supported installation and integration in one of the centers. With four T1 interfaces that allow for 92 simultaneous individual calls per unit and the ability to store hundreds of cipher keys, Ectocryp Black provides interoperability between classified and unclassified networks to a greater degree than any existing system of its size, as well as potential key management efficiencies.
The Navy and Lockheed Martin have delivered the second Mobile User Objective System (MUOS) spacecraft to Cape Canaveral Air Force Station, Fla., where it will be prepared for a July liftoff aboard a United Launch Alliance Atlas V rocket. MUOS-2 was safely transported from Lockheed Martin’s Sunnyvale, Calif., facility to nearby Moffett Federal Airfield. The 60th Air Mobility Wing of Travis Air Force Base, Calif., then loaded the satellite aboard a C-5 aircraft and successfully shipped the spacecraft to Cape Canaveral. MUOS-1 has been providing voice communications since it started operating in 2012. After MUOS-2 is operational and the ground stations and terminals have been certified, the full suite of MUOS features will be available to users in the field as new terminals are deployed.
MIT 17.5 | 15
Building a Common Infrastructure of Transport Bruce T. Bennett Program Executive Officer for Communications DISA Bruce T. Bennett is the program executive officer, communications, for the Defense Information Systems Agency [DISA], where he is responsible for the design, evolution, acquisition, implementation and fielding of all the communications within the agency, including terrestrial, aerial, space and wireless. Previously, he served as director, Program Executive Office for Satellite Communications, Teleport and Services. Born and raised in southern New Jersey, Bennett has a bachelor’s degree in engineering from the McCormick School of Engineering at Northwestern University and numerous advanced certificates from George Washington and Texas A&M. He is also a Level III acquisition professional in program management and systems planning, research, development and engineering. He graduated from the Army Engineering Intern Training Center in 1982. Bennett was interviewed by MIT Editor Harrison Donnelly. Q: How would you define your overall mission as program executive officer for communications? A: My job entails overseeing the design, evolution, acquisition, implementation and fielding of all the communications within DISA, including terrestrial, aerial, space and wireless. If it’s communications, transport or protocols, it falls within the scope of my responsibilities. All these areas are interrelated. One of our ultimate goals in the agency is to converge into a common transport. We shouldn’t care whether the data is going by fiber, electrical, Ethernet, RF or two tin cans and a string. If it meets the user’s downrange need, and his QoS requirements, that should be good enough. We need to integrate it, because we fight a three-dimensional war. So we ought to be able to support the three-dimensional mission in terrestrial, aerial, space and wireless. Q: What are your key strategic priorities for 2013? A: I have quite a few; the biggest one is what we just talked about—the need to converge into a common infrastructure of terrestrial, aerial, space and wireless transport, perhaps not into a single transport, but a series of interrelated transports all working on the same fundamental principles, so that we can aggregate bandwidth, get economies of scale, grow and be as flexible as our warfighters need us to be. Another thing I’m trying to do is to establish a firm foundation for the Joint Information Environment [JIE], which is how we’re trying to converge a multitude of COCOM, service, agency and department networks into a common infrastructure for everyone, to eliminate duplication and redundancies, improve overall reliability, and more importantly, to significantly reduce total overall operational costs, while making 16 | MIT 17.5
sure we continue to meet all mission requirements. DISA is trying to finish the final roadblock for efficient commercial satellite contracting and leasing, and to increase resiliency across terrestrial, space, aerial and wireless. Q: How do you see DISA SATCOM and related programs changing as a result of budget restrictions and the drawdown of forces from Afghanistan? A: I don’t see them changing significantly. The future looks really bright. Users’ and warfighters’ needs continue to increase. Our growth of information is tracking along with Moore’s Law, which means it doubles about every 12-18 months. Yet our budget is decreasing, so how are we going to get around that? Fortunately, we have several ‘white knights’ coming to the rescue. In space, we still have additional Wideband Global SATCOM [WGS], Advanced Extremely High Frequency [AEHF] and Mobile User Objective System [MUOS] satellites to be launched, which will significantly increase our MILSATCOM bandwidth capabilities, and our commercial satellite vendors are placing significantly more bandwidth in space. They are putting up their next generations that are in build and about to be launched. They have commercial Ka-band on them, which offers a tenfold bandwidth increase over transitional Ku-band. They’re also putting up new and better Kuband satellites, which are much more efficient than in the past. www.MIT-kmi.com
In the space area, we’re looking at new technologies and spacecraft that will allow us to get more bandwidth, or utilize the bandwidth we have more efficiently, so that we can meet the growth requirements and still comply with reduced costs. Right now, we’re in the best of both worlds. There is also a lot of pressure on the commercial industry to be more efficient in how they modulate, handle protocols and transmit information across transport networks. We’re seeing some new, inexpensive technologies that we can adapt to our needs, that will make it more efficient, so that we can get more virtual bandwidth from our existing dollars. Of course, we’re trying to converge everything so that we can eliminate duplication and redundancy. We want to reduce costs for the department, so that excess reduced costs can be put into bandwidth requirements. Even with the declining budgets that we may see in the foreseeable future, we’ll be able to continue to provide more bandwidth to meet the warfighter’s needs.
The Mobile User Objective System (MUOS) located at Naval Computer and Telecommunications Area Master Station Pacific, Wahiawa, Hawaii. is a next-generation narrowband tactical satellite communications system intended to significantly improve ground communications for U.S. forces. [Photo courtesy of U.S. Navy/Mass Communication Specialist 2nd Class John W. Ciccarelli Jr.]
Q: How can SATCOM programs respond effectively to the bandwidth challenges created by the growth of full motion video and other intensive data sources? A: I just mentioned some of the things, such as more efficient protocols and modulations. Some of the newer satellites that are coming on line are going to help. We need to do a better job of considering spectrum restrictions and SATCOM capabilities early in the design cycle when adding new sensors and new applications. As an organization designs a new capability, they need to ensure the commercial and military satellites available can accommodate collection and transport of the information without conflict or capacity issues. We have to figure out ways to be more efficient in how we collect data, parse that data, get it reduced into mission sets and get it disseminated to the warfighter. There is only so much RF in the world—you just can’t keep going bigger and bigger. For the future, what’s coming out with the new commercial satellites and some of the additional MILSATCOM birds, we should be good. But there could be another ‘killer’ technology that comes along that will outstrip our satellite bandwidth capabilities. So we’re always trying to assess that and make sure that we can provide feedback to help develop systems that integrate into the infrastructure we have. Q: What is your current assessment of the Future COMSATCOM Services Acquisition [FCSA] program, and how do you see it evolving in the future? A: FCSA has been a tremendous success. It was designed to eliminate some of the constraints that we had put up between us and the commercial satellite vendors and integrators. So we took out the problem that you had 10 different ways to sell bandwidth and capabilities to the government. We unified it into one and opened it up so that anyone www.MIT-kmi.com
who wanted a fair opportunity could have one. We’ve done all we could in that area. For FCSA to grow, and for us to continue to meet warfighter needs, we have to work on the other side of the issue, which is the laws and policies that restrict how we can lease commercial bandwidth. You may have seen the news reports about the DoD Chief Information Office looking at the recommendations on commercial SATCOM that came out of the Defense Business Board. If we can solve that problem, we can eliminate the last major hurdle to the efficient and economically smart way to lease commercial satellite services. Once we get those done, I can guarantee that those changes will be rolled into the FCSA, so that you still have only one way to buy for all of DoD and the government. Q: What role do you see the programs under your office playing in implementation of DISA’s mobility strategy? A: Mobility is the game changer for how DoD is going to transport, access and protect all its authoritative data. We are enabling secured and assured connectionless services for the warfighter. Mobility is the ‘killer appliance’ for all of our efforts to develop a Unified Capabilities communications strategy. Mobility will prove that I can work as effectively from a tablet or smartphone as I work from my desktop. Today, we are chained to our computers, which are in turn chained to the wired lines. We’re trying to make it such that it doesn’t matter whether you are using 4G, Wi-Fi or Ethernet—if you need access to data, you are able to obtain the data, and do so in a timely manner. We’re trying to make all this happen. It’s a tremendous culture shift, and we’re trying to do it as quickly and seamlessly as possible. You’ve seen some of the successes we’ve had, and there are still many more to come. A lot of the things we’re doing, there is no map for how to get there. We had to develop a process to deal with many areas, policy, culture and technology changes to make this happen. But every day, we’re getting more and more believers, and more people are coming to the DoD Mobility solution. MIT 17.5 | 17
Q: How are things going with the Joint IP Modem [JIPM] program, and what benefits do you see it providing? A: The JIPM will enter worldwide deployment this summer, when it will be available for everyone. What it does is to implement all the latest commercial standards for bandwidth efficiency and utilization. It’s one of the key tools we will need to achieve the efficiencies that are required as budgets decrease and needs continue to grow. JIPM users will see at least 50 percent improvement in their bandwidth efficiency, plus a higher level of situational awareness. Secondly, these are based on commercial standards, and are built on a commercial model. So they’re inexpensive—you or I could afford one. It’s done that way so that as we evolve, there is not a big DoD sunk cost as we evolve. One of the problems we’ve had in the past is that these modem programs cost a couple of hundred thousand dollars each, and you have them in 400 locations. So how do you come up with the money to replace that? We’re trying to eliminate some of the problems to allow us to keep up with technology. Q: What are you doing to increase resiliency in the ground infrastructures at satellite gateways? A: We’ve been partnered since day one with the Air Force SMC Resilient Bases for Space studies. Some of the things that we’re doing that don’t require any new funding are to integrate all the Standardized Tactical Entry Point [STEP] sites and Teleports across their optical
network into a partial mesh, which means that I can talk to any of the sites as fast as light travels. We’re also upgrading the convergence routers in each of the STEPs and Teleports, to allow increased functionality, redundancy and reliability because we have this optical mesh. So I should be able to move a mission from one site to another as fast as I can type a change to a router’s configuration line. We’re adding both virtual and physical diversity to the optical front end of the Teleports, and beginning to integrate some commercial teleports into our utilization plans under the same model. There are some times when I just don’t have the capability where I need it, so I also need to be able to partner with some of my commercial brethren to make sure that I can provide the information downstream. Q: Where is DISA headed with Teleport integration, and what do you see as the benefits and challenges of that approach? A: Teleport is our flagship capability for pushing information to the furthest reaches of the warfighter. Teleport can communicate to any satellite that is in orbit today. Some of the other sites have limitations—a STEP site, for example, primarily can talk only MILSATCOM, and not with the commercial side. There are a few others out there that can only talk to certain satellites. Teleports can talk to all satellites—all types, vendors, bands and protocols. Teleport was designed so that each theater has access to two of these, so that any information can get to wherever it needs to be. Unfortunately, I don’t know what the warfighter’s next need will be, so Teleports need to be a flexible
E ! TL E TI JUN TH 12 IN R G U N O MI CO
The Navy’s shift to the Pacific inspires our twelfth title and website...
OUR INAUGURAL ISSUE
will support the Navy with the latest program developments in air and sea for Congress, the executive branch, other services and industry.
Contact Nikki James at email@example.com or 301-670-5700 to participate in the inaugural issue!
18 | MIT 17.5
as possible. Also, it is our primary connectionless broadband capability. Satellite doesn’t need any wires hooked up to it, which is really important when you think about the last time you saw a carrier pull out of Norfolk, Va., with fiber out its fantail, an Ethernet cable hooked to an F-18, or telephone wires out of a tank. Also, when was the last time you saw any commercial infrastructure work in a war zone? And a lot of places in the world have no commercial capabilities. For AFRICOM, if you’re not in the capital city of a major country, you don’t have any true broadband capabilities. So Teleport is required because we have to get information to the warfighters no matter where they are in the world. Today they’re in Afghanistan, but tomorrow they could be in Patagonia. So Teleport is our flagship capability, and we’re using it as a model to help STEP and other types of gateways to grow and evolve. Q: Looking to the future, what do you see as some of the most promising new technologies coming down the road in your field? A: One that you might be familiar with is widgets and applications that are written in script for mobile devices. If you look at when the first iPhone was released in 2008, it came with 11 applications. Today, there are more than 8 million applications available. Those kinds of things can be very beneficial for where we need to be, as long as we protect the information and the integrity of the authoritative source. Our transition into 100-gigabit terrestrial transport is a major growth, which will allow us on the terrestrial side to keep up with the
growing demands of the department. The satellite initiatives include DVB-S2/RCS2, which is a commercial protocol that is extremely efficient for IP data to deployed people. It’s an offshoot of what is used for DirectTV or Dish TV. In addition, the JIE has an opportunity to significantly reduce costs and increase performance across all of our terrestrial networks. Another thing is to collapse the PE and OTN layers of the network. PE is the first routing layer, and OTN is the last optical layer. We’re trying to converge the PE and OTN layers so that we get much better efficiency and reliability, and have one box do what two boxes did in the past. Q: Is there anything else you would like to add? A: One of the things I want to emphasize is that there is no new military SATCOM satellite constellation on order. What we have are Defense Satellite Communication System, WGS, MUOS and AEHF. We’re going to be launching more of those, but we have no new constellations. My job is no longer in design, but in integration and evolution. What DISA has to figure out is how we can use the existing infrastructure better, more efficiently, more economically and with more diversity for fewer dollars. We’re trying to do the opposite of what most people do. Usually, if you want more, you pay more. In this case, I have to give you more and pay less. It’s going to be a challenge. Our commercial brethren have some new technologies coming to bear to help us, but it’s a fight that has just begun and will take a while to succeed. O
MIT 17.5 | 19
(Editor’s Note: Following is a listing of some of the key providers in the field of commercial satellite communications services for the military and intelligence communities.) ADCI of Delaware www.adcit.com ADCI of Delaware LLC (ADCI) is a provider of mobile satellite airtime, products and services to the Department of Defense, Department of Homeland Security, and numerous other public service entities. ADCI’s customers are organizations whose success depends on reliable, secure, mobile satellite communications and remote office functionality worldwide.
AIS Engineering www.aisengineering.com AIS is a woman-owned small business that provides communications, operations, maintenance and support to federal and commercial clients along with research, design, integration and implementation of satellite communications networks. AIS has implemented fully managed, turnkey global communication services, supplying logistics, engineering, network design, staffing, training and integration services for many corporations and government entities since 1994.
ARTEL www.artelinc.com ARTEL is an end-to-end managed network and IT services provider, with core capabilities in satellite and terrestrial communications, network operations center services, solutions integration and information assurance. We understand what it takes to customize and deliver secure, affordable and reliable products, services and integrated solutions to meet our customers’ mission-critical needs.
Fujitsu Network Communications www.fujitsu.com/us/services/telecom Fujitsu Network Communications is a North American designer and manufacturer of fiber-optic transmission and IP broadband platforms and provider
of IT and carrier-class telecommunications solutions. Through innovations and research from Fujitsu Labs, Fujitsu provides fully integrated IT/telecom solutions to deliver traditional and next-generation services over a broad range of metropolitan transport networks, as well as regional, long-haul applications.
Harris www.harris.com Harris is an international communications and information technology company serving government and commercial markets in more than 125 countries. Headquartered in Melbourne, Fla., the company has approximately $5.5 billion of annual revenue and about 15,000 employees, including 6,000 engineers and scientists. Harris is dedicated to developing best-inclass assured communications products, systems and services.
Harris CapRock www.harriscaprock.com Harris CapRock Communications is a global provider of managed satellite and terrestrial communications solutions, specifically for remote and harsh environments including the maritime, energy and government markets. It owns and operates a robust global infrastructure that includes teleports on six continents, five 24/7 customer support centers, local presence in 23 countries and more than 275 global field service personnel.
Inmarsat Government www.inmarsatgov.com Inmarsat Government provides secure, reliable and affordable missioncritical telecommunications to U.S. military and civilian organizations. Equipped with the industry’s leading terrestrial and satellite infrastructure and partners, it delivers custom, end-to-end commercial satellite communication networks solutions that can sustain connectivity anytime, anywhere.
20 | MIT 17.5 | 2013 COMSATCOM Guide
Intelsat General www.intelsatgeneral.com Intelsat General provides satellite communications solutions to military, commercial and government customers over Intelsat’s fleet of more than 50 satellites and a global terrestrial network of teleports and fiber infrastructure. From remote military outposts, disaster recovery sites and U.S. embassies to health and homeland security agencies, Intelsat General’s solutions support even the most complex operations.
Kratos Defense & Security Solutions www.kratosdefense.com
Kratos Defense & Security Solutions is a specialized technology business providing mission critical products, services and solutions for national security. Kratos’ core capabilities are sophisticated engineering, manufacturing and system integration offerings in areas of expertise including C5ISR, satellite communication systems, electronic warfare, unmanned systems, missile defense, cyber-warfare, cybersecurity, information assurance, and critical infrastructure security. Together with its subsidiaries, Kratos provides integrated solutions for end-to-end assurance of satellites, signals and networks, including satellite command and control, signal processing, remote network monitoring and control, data communications and RF interference mitigation.
Kratos Networks www.kratosnetworks.com Kratos Networks helps organizations assure the availability, reliability and security of communications across satellite and terrestrial networks. Flagship products include NeuralStar for real-time situational
awareness of satellite, IT and security systems; and Compass for monitoring and control of devices. NeuralStar is used by DISA as the primary software component to administer DoD’s enterprise network as part of its Integrated Network Management System and by customers that include the Army, Department of State and others. With over 3,000 installations, Compass is used by broadcasters, satellite operators and the military to ensure equipment uptime.
Kratos SecureInfo www.secureinfo.com The Kratos SecureInfo team provides end-to-end cybersecurity services across satellite and terrestrial operations for a wide variety of military, civilian, critical infrastructure and commercial customers. With over 20 years of experience and thousands of engagements completed, Kratos SecureInfo has special expertise in areas including SATCOM, cloud security, risk mitigation and continuous monitoring. SecureInfo is an independent agent of the certifying authority for IT and space systems for the Air Force and an accredited third party assessment organization under the Federal Risk and Authorization Management Program performing security assessments of cloud service providers for the federal government.
O3b Networks Limited www.o3bnetworks.com O3b is transforming communications by deploying an innovative Medium Earth Orbit satellite constellation, with fiber speed and satellite reach. Governments, fixed/ mobile operators, ISPs and enterprises will have flexible low latency, high capacity connections where and when they need them. O3b provides a low-cost, high-speed alternative for remote areas and emerging markets that have been unconnected or underserved. www.MIT-kmi.com
RT Logic www.rtlogic.com Real Time Logic, a Kratos company, is a leading signal processing systems supplier for space-ground communication and ground network applications. The RT Logic ioPLEX Access Gateway (formerly Avtec) is engineered to deliver time-sensitive, mission-critical circuits, via modern IP or ATM networks, leveraging the latest core technologies without impacting end-users reliant on legacy interfaces. Through the use of a segregated dual star topology where data and control are kept completely separate, an embedded operating system with logical and hardware centric redundancy features,
hot-swap components, and extensive use of low-power technology, ioPLEX supports high availability and greater mission assurance.
SAT Corp. www.sat.com For more than 25 years SAT, a Kratos company, has led in providing products and services for identifying and reacting to RF interference events that disrupt the availability and quality of satellite communications. SAT’s products include Monics, the industry’s leading carrier monitoring solution; satID, the most used system for quickly and accurately gelolocating interference sources; and Sigmon, for portable
monitoring and geolocation. In addition, SAT is the only global service provider of managed SATCOM NetOps services. SAT solutions are used by 80 percent of the world’s largest satellite operators in over 57 countries to help mitigate costly RF interference events.
SES Government Solutions www.ses-gs.com With a fleet of more than 50 satellites offering comprehensive global coverage and 99.999 percent availability, SES Government Solutions is an industry leader in supporting U.S. government SATCOM missions. As an FCSA SATCOM
Solutions provider, SES-GS offers transponded capacity, subscription services and custom SATCOM solutions (CS2).
UltiSat www.ultisat.com UltiSat’s managed satellite communications network provides end-to-end service from design and deployment to 24/7 operations and maintenance of systems in the field. Provided with a complete range of voice, video, data, and Internet service and solutions, UltiSat’s customers include both U.S. and foreign governments, the military, multinational enterprises, the United Nations, NGOs and telecommunications companies.
COMSATCOM Acquisition Process DITCO CONTRACTING
Customer & COMSATCOM Center
DITCO Contracting & Vendors
Customer Tech & Comsatcom Center
Customer PM & Resource Manager
4 Phases of Acquisition
Requirements Development: • • •
• • •
Gather data/information Determine scope Refine requirement [PWS/ SOW, CSSR, Market Research Report, Acquisition Plan (if required), QASP, Evaluation Plan, CLIN structure, and J&A (as required)] Develop cost estimate (IGCE) Obtain SDB Submit SAR/GAR
Technical Evaluation & DAA Approval
Requirements Completion & Funding Validation: • • • •
Receive funding via MIPR Send package to DITCO Assign tracking number Prepare additional paperwork as required
Contract Development & Proposal Evluation:
• • • •
DITCO coordinates review/ approval of ACQ plan & other documents DITCO develops RFQ and sends to vendors (RFQ on e-Buy for 30 days) Vendors submit quotes Conduct TEB/IA evaluation Customer provides Informed Consent Memo
• • • •
Validate funding Make award selection Obtain DAA approval Issue order Receive TP; set up service
(Approx 78 days. *Complexity of requirements could increase the duration.) www.MIT-kmi.com
2013 COMSATCOM Guide | MIT 17.5 | 21
Cyber-Threats in Space
SATCOM providers and users step up efforts to strengthen cybersecurity against increased potential risks.
By Harrison Donnelly MIT Editor
tion program are featurAs the cyber-threat makes the leap into ing enhanced information orbit, satellite operators and users are focusassurance requirements. ing increased attention on the security of A number of factors have their communications systems. come together to heighten Once effectively isolated, and so prothe importance of SATCOM tected, from outside intrusions, SATCOM cybersecurity, noted Stuart networks today have largely completed the Daughtridge, vice president transition from circuit- to Internet Protocolof advanced technology at based technology, as integral parts of broader Kratos Defense & Security networks operated by the Department of Solutions. Defense and industry. With that shift have “Obviously, the threat come not only improvements in efficiency has changed—cyber-threats CyberC4:Alert from RT Logic consolidates security data across satellite networks, and interoperability, but also greater potential monitoring for traffic from known malicious IP addresses using IP reputation have become much more including vulnerability to the advanced, persistent and data from the Open Threat Exchange. [Image courtesy of RT Logic] significant,” Daughtridge apparently state-supported cyber-attacks that “SATCOM equipment used to be very explained. “But there also have been a lot have become increasingly pervasive. unique in its command and control protoof changes in the satellite world that have Reports in 2011 that NASA satellites cols. But most of the monitor and control impacted this as well. First, satellite systems had been hacked a few years before have functions for RF networks are moving to used to be very stand-alone and isolated, relyadded to concerns that vital government and standard IP, which is great for interopering on the ‘air gap’ as their private SATCOM systems linkability and efficiency, but is not good from security mechanism. That’s ing military and intelligence a cybersecurity perspective, because now it’s changing both on the network forces worldwide could be just another node on the network that can be side, where they’re connecting degraded or mined for secret attacked,” he said. more and more to IP netinformation. works and are now a piece of The SATCOM industry is a bigger network, and on the responding by ramping up Assessing the Risk control side, because to drive efforts to comply with secuefficiency in operations, they rity standards, such as those To address the increasing threats have remote engineers being developed by the National and unique requirements of the satellite able to call in to support the Institute of Standards (NIST), industry, Kratos recently introduced the Stuart Daughtridge system. So you have to make and introducing new products SATCOM Cybersecurity Assessment serallowances in your air gap solution to enable and services, such as a recently announced vice. With cybersecurity legislation expected people to have remote access. The other chalsatellite cybersecurity assessment service. soon to require the application of NIST lenge is that air gap solutions have now been In addition, key government programs information assurance standards for all U.S. proven to be able to be breached, so they are such as the Defense Information Systems critical infrastructure, including satellite no longer the end-all security feature that Agency/General Services Administration’s communications, company executives note, they once were. Future COMSATCOM Services Acquisithe assessment will help ensure compliance 22 | MIT 17.5
the command signals sent to satellites. Most parts of those across the Intelreadiness for these forthcomof Intelsat’s satellites are designed with that sat network to make sure it’s ing security regulations. capability, which gets turned on when a govbeen hardened against cyber“Our view is that you need ernment task order requires it. threats. We’ve been very sucto have a clear assessment of “Security is absolutely important to our cessful with this approach. It your risk posture. Every sysbusiness and customers,” Daniels said. “In includes third-party penetratem has vulnerabilities, and protecting ourselves from cyber-threats, we tion testing, where we hire there is always risk associated use a defense-in-depth approach to protectsomeone to try to break into with operating networks. The ing the network. It’s a multi-layer approach our network, to certify that we key thing is to do a deep dive that protects the IT infrastructure through a don’t have any holes,” Daniels on where you stand relative to hardening of our systems, as well as physical said. your risk posture across the Christopher Fountain security at our teleports and offices.” O Part of the information spectrum, from end to end,” assurance process that the company goes said Christopher Fountain, senior vice presithrough on government contracts involves dent of Kratos’ SecureInfo. For more information, contact MIT Editor Harrison Donnelly at firstname.lastname@example.org certifying that it is adhering to the required “We advocate a robust assessment of or search our online archives for related stories at levels of security, including encryption of risk, leveraging the control frameworks that www.mit-kmi.com. are being required by systems used by the government and Department of Defense,” he said. In addition, RT Logic, a Kratos company, offers CyberC4, its family of products for the SATCOM environment that deliver situational awareness, system hardening, insider and external threat protection, and active defenses. Components include CyberC4:Alert, which it bills as the first Security Information Event Management system specifically for satellite networks; CyberC4: Armor, which provides anti-tamper protection for ACROSS SATELLITE AND TERRESTRIAL NETWORKS mission-critical devices used in satellite ground networks; CyberC4:Capture, which Assuring end-to-end availability, reliability and security of counters insider threats; and CyberC4:Guard, critical communications resources. a cross-domain solution for controlling the transfer of information between different security levels. end-to-end cybersecurity services across Satellite operators also are moving to satellite and terrestrial operations. address cyber- and related security concerns. Intelsat General, for example, offers roundreal-time cybersecurity products designed the-clock monitoring and proactive security specifically for satellite ground networks from RT Logic. in the Intelsat Secure Operations Center, defense-in-depth design and delivery from IA experts, operations support at each teleport, real-time situational awareness of and emergency response teams. satellite, IT and security systems. “IP-based networks raise the risk level for cyber-threats, so we take a number of precautions to make sure that our network and customer services stay safe. The risk applies across the board, possibly affecting www.KratosDefense.com network operations, network infrastructure, IT infrastructure, and flight operations. So For more information, it is an area that Intelsat takes very sericall 703-254-2000 or contact KratosTTS@KratosDefense.com ously, with a world-class cyber-protection program in place,” said Mark Daniels, vice president of engineering and operations for Intelsat General. “Intelsat has taken all of the information assurance standards that are out in the market for both commercial and government networks and applied the most stringent
Photo courtesy of U.S. Air Force
MIT Ad v1.indd 1
6/5/2013 11:11:17 AM
MIT 17.5 | 23
Second generation of Army network exchanges mission-critical data from headquarters elements to soldiers on the ground. When the advanced capabilities of the Army’s mobile tactical communications network backbone hit theater, soldiers and commanders inside Warfighter Information Network-Tactical (WIN-T) Increment 2-equipped vehicles down to the company level will be able to remain on the front line, where they can exchange critical information from higher headquarters all the way to boots on the ground. “WIN-T Increment 2 provides improved information and intelligence on what is happening on the battlefield,” said Colonel Thomas Dorame, commander of the 2nd Brigade, 1st Armored Division (2/1 AD). “In the past, that information would have only been available at 24 | MIT 17.5
my tactical operations center. And then I would have to try to get a voice message down to the platoon on the ground. But now if a soldier has a WIN-T Increment 2 vehicle, he’ll have that information right there on the battlefield as he is about to conduct operations.” Dorame commands the operational unit that conducted the WIN-T Increment 2 follow-on operational test and evaluation (FOT&E) this spring. The Army and Department of Defense last fall outlined requirements for an additional test for WIN-T Increment 2 prior to securing a full rate production decision and permission to conduct additional fielding beyond Capability Set (CS) 13, which has been delivered to
By Amy Walker
the 4th and 3rd Brigade Combat Teams (BCTs) of the 10th Mountain Division. To fulfill these requirements, the WIN-T Increment 2 FOT&E was conducted in conjunction with the Army’s Network Integration Evaluation (NIE) 13.2, which has used 2/1 AD’s 3,800 soldiers in the realistic operational environments of Fort Bliss, Texas, and White Sands Missile Range, N.M. The NIEs aim to rapidly mature and integrate the Army’s tactical communications network, and accelerate and improve the way network technologies are delivered to soldiers. NIE 13.2 was the fifth event of the semi-annual NIE series and provides an optimal venue in which to conduct the follow-on test. www.MIT-kmi.com
“The FOT&E will be the Army’s primary focus for NIE 13.2,” Lieutenant Colonel (P) Robert Collins, product manager for WIN-T Increment 2, said in advance of the event. “Through its support in previous NIEs, the brigade has already gained a great deal of WIN-T Increment 2 operational experience. Between the realistic NIE environment and the unit’s extensive experience, the Army will be able to conduct the full spectrum of operations needed for a focused, successful test.” Based on WIN-T Increment 2 initial operational test and evaluation at NIE 12.2 results from last May, the Army was granted limited permission to field WIN-T Increment 2 as part of CS 13 prior to its final full rate production decision. WIN-T Increment 2 meets a critical need for mobile communications, especially as U.S. forces support the drawdown in Afghanistan. WIN-T Increment 1, formerly known as the “Joint Network Node-Network,” began fielding in 2004. It provides soldiers with high-speed, high-capacity voice, data and video communications down to battalion-level units at the quick halt. WIN-T Increment 2 improves upon these capabilities by providing users with an integrated, self-forming, selfhealing and on-the-move network down to the company level. It further increases capability by introducing network radio waveforms and enhancing Network Operations, a suite of integrated monitoring tools used by communications officers to command and control the network. WIN-T Increment 2 provides a network connection so soldiers are not just relying on “static information,” but have a network that they can reach back to and pull information that others are providing relative to their situation, explained Major Ralf Radka, executive officer for 2/1 AD. Previously, soldiers could only pass critical network data from fixed command posts via ground satellite terminals at battalion and above. But now they have permanent communications capabilities down to the company level, both static in the command post and on the move in the WIN-T Increment 2 vehicles, from which they can push and pull data, he said. “Through networking radios, they also have the capability to further pass data all the way down to the soldier level, where they can share it in a variety of different forms, whether it’s tactical, imagery, www.MIT-kmi.com
A WIN-T Increment 2 Soldier Network Extension travels across the harsh desert terrain of White Sands Missile Range, N.M., in November 2012 during the Network Integration Evaluation 13.1. [Photo courtesy of Claire Heininger, U.S. Army]
calculated enemy locations or information about infrastructure,” Radka said. “Anything that they can tap into that is available from the network, they can pull down and get that information to specific locations.” WIN-T Increment 2 is an important part of the Army’s tactical network modernization strategy and one of its highest priorities. It is also the centerpiece of the Army’s network capability sets. CS 13 is the first of these fully integrated packages, which include radios, satellite systems, software applications, smartphone-like devices and other network components that provide connectivity from the stationary command post, to the commander on the move, to the dismounted soldier. WIN-T Increment 2 is the tactical communications network backbone that binds the capability sets together. CS 13 began fielding to the two 10th Mountain Division BCTs last October, and the two units are preparing for possible deployment to Afghanistan with these advanced capabilities. If they are called upon to deploy as security forces adviseand-assist teams, they will work closely with the Afghan forces. The units will rely on the new network as they take down fixed infrastructure and become increasingly mobile and dispersed in their operations. “WIN-T Increment 2 provides key mission command on-the-move capability to our forces and improves situational
awareness and communications down to lowest echelons, a major enhancement over the current network architecture in theater and critical for the success of these units,” Collins said. The WIN-T Increment 2 FOT&E has laid the groundwork for the WIN-T Increment 2 full rate production decision scheduled for the fall. A successful decision will allow the Army to continue to procure equipment to support future capability sets, remain aligned with Army modernization and ensure maneuver BCTs are enabled with a mobile network. “WIN-T Increment 2 provides a significant increase in capability beyond what units have today with WIN-T Increment 1, and deploying units need these advanced capabilities to support their missions,” Collins said. “The WIN-T Increment 2 FOT&E will posture the Army to continue to provide these increased capabilities to our forces in the near future and facilitate further network improvements over the longer term.” O Amy Walker is a staff writer for Symbolic Systems, supporting the Army Program Executive Office Command, Control and Communications-Tactical, Project Manager WIN-T and MilTech Solutions. For more information, contact MIT Editor Harrison Donnelly at email@example.com or search our online archives for related stories at www.mit-kmi.com.
MIT 17.5 | 25
Commercial Off-the-Shelf Technology
Solution Delivers Wireless for Rapidly Deployable Communications
Tecore Networks, a global supplier of 3G and 4G mobile network infrastructure, has announced its Raven Platform, a tactical solution delivering macro 3G/4G wireless service for rapidly deployable communications. The Raven leverages a size-optimized all-IP based architecture, delivering the most compact, adaptable and cost-effective rapid response tactical platform. The highly portable mobile platform is small enough to qualify as carryon luggage on most airlines. Each Raven system provides voice, text, MMS and megabit Internet services for local users as a standalone system or as part of a larger communications network. When networked together, users have secured access to other Raven locations. The solution Raven offers multiple backhaul connectivity options to securely connect between several locations. The integrated 3G/4G WWAN allows systems to interlink connectivity and coverage at distances up to 10km apart. Optionally, the units can be integrated with an external microwave or VSAT for the establishment of remote IP connectivity. Raven supports numerous key capabilities that are targeted for rapidly deployed systems, with features that provide reduced overhead in IP transmissions as well as optimized processing for satellite connections.
Compiled by KMI Media Group staff
On-the-Move Cell Network Drives Down Costs TWD & Associates and Lemko Corp. are partnering to create an on-the-move (OTM) mobile cellular network. The platform will reduce latencies and drive down operation and management costs by integrating radio frequency (RF)-neutral technologies. The platform can also be integrated with satellite communications, allowing it to operate across all standard SATCOM frequencies. The platform is ideal for emergency response efforts, challenged environments and remote locations. Lemko’s SwarmNet technology provides
a self-organizing and self-healing OTM mobile broadband cellular network that is highly effective in austere and RF-challenged environments. This solution, a software-defined network, virtualizes the core and replaces traditional hub and spoke architecture with an all IP-based architecture that eliminates backhaul. Additionally, the solution easily integrates with Push-to-Talk networks such as Project 25 or Terrestrial Trunked Radio, and it supports all commercial cellular frequencies and end-to-end security.
Airborne Solutions Offer Secure Connectivity, SATCOM Monitoring As the demand for airborne applications increases, iDirect Government Technologies (iGT), a wholly owned subsidiary of VT iDirect, has launched new airborne solutions for secure connectivity and for monitoring SATCOM functions while in flight, providing situational awareness and enabling reliable command, control and ISR operations. IGT’s new Airborne In-Flight Monitoring System (AIMS) provides situational awareness with in-flight monitoring, allowing customers to view the status of the entire airborne communications system while in flight. AIMS displays locally to the communications officer on board, providing the real-time position of the aircraft and information on when it is leaving one satellite coverage area and entering another. In addition, iGT is also launching its Evolution 8000 series airborne enclosure (e8000 AE) based on a 4MCU ARINC variant for
permanent integration on aircraft. Compliant with DO 160 certifications and the highest military security requirements, the e8000 AE provides fast, reliable and secure network connections for high-speed communications on the move applications. The router enables constant connectivity between manned and unmanned aircraft for uninterrupted command and control communications between theaters, ISR applications and the transmission of high-definition imagery from the aircraft to soldiers on the ground.
SATCOM Routing Software Offers Bandwidth Savings Vocality, a global network router manufacturer and supplier of voice and data network routers to the satellite communications market, has announced the immediate release of Vocality Operating System Version 8 (VOS 8). This represents a significant step forward in routing software for local and wide area network operations. Building on its success with VOS 7, which introduced increased routing and optimization 26 | MIT 17.5
features, Vocality significantly increases its core network routing software to bring major benefits to users of satellite networks, tactical edge and high-performance routing applications. VOS is the routing system used in network routers deployed in defense, nongovernmental and commercial satellite operator voice and data networks. The latest release brings a significant under-the-hood boost to
the potential of VOS as a viable alternative in network routing. For example, VOS 8’s inclusion of VoIP capabilities from Metaswitch adds SIP registration and proxy server capabilities to Vocality’s product line. VOS unlocks significant potential for bandwidth-saving and improved application support in the field of high-reliability, bandwidth-optimized, field-deployed communications. www.MIT-kmi.com
The advertisers index is provided as a service to our readers. KMI cannot be held responsible for discrepancies due to last-minute changes or alterations.
MIT RESOURCE CENTER Advertisers Index BlueSpace. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27 www.bluespace.com Cornet Technology Inc.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 www.cornet.com/ipgate-whitepaper Exelis Electronic Systems. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 www.exelisinc.com/gnomad-dom Intelsat . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C4 www.farmorethansatellites.com Kratos. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 www.kratosdefense.com University of Maryland University College. . . . . . . . . . . . . . . . . C2 http://military.umuc.edu/cuttingedge
Calendar June 25-27, 2013 USCYBERCOM Symposium Baltimore, Md. www.afcea.org
August 9, 2013 DISA Forecast to Industry Fort Meade, Md. www.disa.mil
October 29, 2013 SAP NS2 Solutions Summit Falls Church, Va. www.sapns2.com
Want to REACH the decision-makers in the DEFENSE COMMUNITY With a unique concentration on senior military officers and DoD leadership, KMI
KMI’S FAMILY OF PUBLICATIONS Border Threat Prevention and CBRNE Response
Media Group focuses on distinct and essential communities within the defense
Integrated Fixed Towers
GEOSPATIAL INTELLIGENCE FORUM
June 2012 Volume 1, Issue 1
Michael J. Fisher Chief U.S. Border Patrol U.S. Customs and Border Protection
Leadership Insight: Robert S. Bray Assistant Administrator for Law Enforcement Director of the Federal Air Marshal Service Transportation Security Administration
Hazmat Disaster Response Wide Area Aerial Surveillance O Program Tactical Communications O P-3
market. This provides the most powerful and
GROUND COMBAT TECHNOLOGY
precise way to reach the exact audience
MILITARY ADVANCED EDUCATION
that procures and deploys your systems,
MILITARY LOGISTICS FORUM
services and equipment.
BORDER & CBRNE DEFENSE
MILITARY INFORMATION TECHNOLOGY
KMI Media Group offers by far the largest
MILITARY MEDICAL & VETERANS AFFAIRS FORUM
and most targeted distribution within critical
MILITARY TRAINING TECHNOLOGY
G for Navy NAU I Medium
SUE RAL IS PEOs U
Medium for Navy
CARRIER ONBOARD DELIVERY OPTIONS
market segments. Sharp editorial focus,
NAVY AIR/SEA PEO FORUM
Rear Adm. Thomas J. Moore
U.S. Navy Program Executive Officer Aircraft Carriers 2013
pinpoint accuracy and depth of circulation
PROGRAM MANAGEM ENT UPDATES
Patrol Craft O Riverine Partnership Shipboard Self-Defense Development Helicopter O Educational Presidential Munitions O Precision Guided
SPECIAL OPERATIONS TECHNOLOGY
SOF Enhancer Adm. Bill H. McRa ven Comman der Special Operatio ns Comman d
make KMI Media Group publications
TACTICAL ISR TECHNOLOGY
the most cost-effective way to ensure your
U.S. COAST GUARD FORUM
Rapidly Deployab Robotics le Technolog Networks O SOF y O Global Light SOF TrainingVehicles
advertising message has true impact. To learn about advertising opportunities, call KMI Media Group at 301.670.5700
MIT 17.5 | 27
Military Information Technology
David Cavossa President, Government Solutions Harris CapRock As Harris CapRock’s president of government solutions, David Cavossa oversees the direction and growth of the business, which focuses exclusively on serving military and federal civilian agencies. He oversees all government sales, business development, strategic planning, and day-to-day operations. Q: What unique benefits can Harris CapRock provide its customers in comparison with other companies in your field? A: Harris CapRock is uniquely positioned to serve as a single source for all our customers’ communications requirements through our extensive self-owned and -operated global infrastructure. We currently provide end-toend managed satellite communication solutions to thousands of remote sites worldwide using more than 60 different satellites. We land that traffic in one of our 12 self-owned and -operated teleport facilities and connect directly to our customers’ networks through a global terrestrial backbone network with 83 points-of-presence. Our robust terrestrial network provides bandwidth on demand with speeds up to 10 Gpbs between more than 50 key Department of Defense locations, meaning we can deliver services on our network within hours or days of receiving customer requirements, versus the industry standard of weeks. In total, we provide terrestrial services to more than 1,700 government locations in the U.S. Our network can scale to meet any of our customers’ requirements, and can provide the most cost-effective solutions in a period of contracting budgets. We are constantly innovating and upgrading our network, which enables us to offer increased capacity in a secure and efficient manner thus resulting in considerable savings to government. Harris CapRock continues to research novel approaches to expand our current services at the most competitive market rates. Additionally, as part of Harris Corp., we can incorporate its technical expertise and expansive capabilities into Harris CapRock’s product portfolio. Our recently launched end-to-end commercial ultra-high frequency [UHF] service is a great example of how we are leveraging strengths across the Harris family to offer customers something no 28 | MIT 17.5
one else can. The service integrates Harris’ industry-leading radios, waveforms and Harris CapRock’s satellite communications expertise. Thousands of military personnel in the field can use the Harris radios they already know and love with our dedicated UHF satellite channels. Using a Harris tactical satellite waveform, users can actively manage their channels by splitting the capacity into multiple networks for simultaneous users. The service successfully went live with its first customer, a European military agency, at the beginning of April. We have seen significant interest in the service, especially from international customers who do not have access to military UHF satellite constellations the way the U.S. does. We are talking with several more potential customers who need ultra-critical, tactical-edge communications and we think could really benefit from the service. Q: Are you currently developing any new products and services relevant to military and government customers that you hope to bring to the market in the future? A: As a global satellite, terrestrial and wireless network service provider, Harris CapRock continually evaluates emerging communication technologies for application in our customers’ solutions. We serve as a trusted technology adviser to our customers, taking the approach of tailoring the right technology for each customer’s unique application environment. We remain technology agnostic, focused solely on designing the best solution for performance and operational efficiency. Based on what we are hearing in ongoing conversations with our customers, two specific areas we are looking into are ways to integrate additional mobile platforms and high-throughput satellites into our solutions.
Obviously those are two completely different markets. Harris CapRock supports customers with bandwidth requirements ranging from the strategic to the tactical. For certain sets of users, we are asking and analyzing the same big question about high-throughput satellites that our customers are: Which high-throughput technology is right for them? And yet, we’re hearing from other sets of users that despite all the hype about high-throughput satellites, it is important not to forget about the steady demand for narrowband offerings for voice, text and low-data-rate critical communications. Q: How are you working to strengthen the security of your solutions? A: Harris CapRock has long been committed to ensuring that information assurance [IA] and security are properly incorporated into every solution design. Several years ago we brought a highly respected IA subject matter expert onboard to help assist our government customers in strengthening the confidentiality, integrity, availability and over-arching security posture of their networks. Since then, our global security team has upgraded Harris CapRock’s overall IA posture and driven us to progressively higher standards of IA compliance. In 2011, Harris CapRock was the first COMSATCOM provider to be inspected by the Defense Information Systems Agency [DISA] Field Security Office. We were very proud to be rated “outstanding” by the senior government representative present. Furthermore, our solutions are consistently approved by the DISA chief information officer to support government operations at the highest levels of mission assurance and confidentiality. For all the solutions we design, Harris CapRock provides an added layer of anonymity and security by positioning ourselves between our customer and the satellite fleet operators. Prior to award, each solution is reviewed and vetted against the contract and security requirements by government contracting and security officials. Our winning COMSATCOM solutions always meet or exceed the government customer’s predefined security requirements. O www.MIT-kmi.com
July 2013 Volume 17, Issue 6
The Voice of Military Communications and Computing
Cover and In-Depth Interview with
Terry Halvorsen Chief Information Officer Department of the Navy
Features • JTRS Bears Fruit
Although the Joint Tactical Radio System program no longer exists in its original form, it is still bearing fruit with products outside the programs of record that are directly benefitting from work with interoperability and capabilities for troops in the field.
• Radio Competition
The Army is working on a busy schedule of key contract awards for tactical radios, including the Rifleman Radio, HMS Manpack and MidTier Networking Vehicular Radio.
• Seal of Approval
The JTRS certification process is part of an evolving effort to ensure end-to-end joint service interoperability and security. Achieving JTRS Certification indicates a device’s readiness to operate in a DoD or service network architecture.
• Cloud Security
With the growth of cloud computing, security issues are drawing greater attention from both government and industry.
• Collaboration Technology
Enterprise systems bringing together a variety of technologies for collaboration are vital tools in a time of travel restrictions and budget cuts.
• Citizen-Soldier IT
Upgrade of Reserve Component Automation Systems brings new capabilities for those supporting the Army Reserve and National Guard.
Insertion Order Deadline: June 26, 2013 • Ad Materials Deadline: July 3, 2013
Seamless mobility comes down to a simple equation. Intelsat General is already known within the industry to have the fastest, most reliable global mobility network on land, sea or sky for critical military communications needs, including end-to-end solutions, and Intelligence, Surveillance and Reconnaissance applications. Still, our Intelsat EpicNG platform, launching in 2015, will make the best even better. New spot beam technology will complement our current C-, Ku- and X-band solutions, allowing you greater throughput as well as greater flexibility and control. And, as youâ€™d expect from Intelsat General, this technology is designed intelligently to be backwards compatible with pre-existing equipment. When the communication is mission-critical, the choice is epic.
Step up to best-in-class mobility. Visit farmorethansatellites.com.
Published on Jul 29, 2013