Page 1


Electronic Countermeasures Future Electronic Warfare: Counter-Missile Technologies

Sponsored by

The Missile Problem Hard Kill or Soft Kill? Active Onboard Angle Deception Countermeasures Soft Kill Defined ECM Effectiveness Assessment: Jog Detection ECM Effectiveness Assessment: Angle Response Modes Other Future Possibilities

Prototype Counter-IED ECM Protection Range Estimator Device Warning Zone Definition Genetic Algorithms and Environment Characterization Solution Disambiguation Application to Reactive Jammers Possible Application to EOD

Published by Global Business Media



Electronic Countermeasures Future Electronic Warfare: Counter-Missile Technologies


Sponsored by

The Missile Problem Hard Kill or Soft Kill? Active Onboard Angle Deception Countermeasures Soft Kill Defined ECM Effectiveness Assessment: Jog Detection ECM Effectiveness Assessment: Angle Response Modes Other Future Possibilities

Prototype Counter-IED ECM Protection Range Estimator Device Warning Zone Definition Genetic Algorithms and Environment Characterization Solution Disambiguation Application to Reactive Jammers Possible Application to EOD



Martin Richards, Editor

Future Electronic Warfare: Counter-Missile Technologies


Shawn Charland, President, Sky Industries Inc. Published by Global Business Media

The Missile Problem

Published by Global Business Media

Hard Kill or Soft Kill?

Global Business Media Limited 62 The Street Ashtead Surrey KT21 1AT United Kingdom

Active Onboard Angle Deception Countermeasures

Switchboard: +44 (0)1737 850 939 Fax: +44 (0)1737 851 952 Email: Website: Publisher Kevin Bell Business Development Director Marie-Anne Brooks Editor Martin Richards Senior Project Manager Steve Banks Advertising Executives Michael McCarthy Abigail Coombes Production Manager Paul Davies For further information visit: The opinions and views expressed in the editorial content in this publication are those of the authors alone and do not necessarily represent the views of any organisation with which they may be associated.

Soft Kill Defined ECM Effectiveness Assessment: Jog Detection ECM Effectiveness Assessment: Angle Response Modes Other Future Possibilities Conclusion

Prototype Counter-IED ECM Protection Range Estimator Device


Shawn Charland, President, Sky Industries Inc.

Warning Zone Definition Genetic Algorithms and Environment Characterization Solution Disambiguation Application to Reactive Jammers Possible Application to EOD Conclusion

Material in advertisements and promotional features may be considered to represent the views of the advertisers and promoters. The views and opinions expressed in this publication do not necessarily express the views of the Publishers or the Editor. While every care has been taken in the preparation of this publication, neither the Publishers nor the Editor are responsible for such opinions and views or for any inaccuracies in the articles.

Š 2011. The entire contents of this publication are protected by copyright. Full details are available from the Publishers. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical photocopying, recording or otherwise, without the prior permission of the copyright owner. WWW.DEFENCEINDUSTRYREPORTS.COM | 1




HIS SPECIAL Report contains two articles, the first of which is about future electronic warfare (EW) and electronic countermeasure

(ECM) technologies for defense against missile attack, focused on countermeasures against terminal phase radar homing guided missiles. The work reported here is exclusively the result of internally funded research by Sky Industries, and has previously been briefed to selected international governments and members of private industry. It exists today, in hardware and software, as a demonstration adaptive ECM controller. The article begins with a cursory description of the terminal phase of a radar homing missile, then moves to a definition of soft kill, a discussion of angle deception jamming, raises questions about the current assessment of jog detection efficacy and why mistakes may be grandfathered into current thinking, introduces the idea of angle response modes, and concludes with proposed definitions for first, second, third and fourth generation adaptive jammers. The second piece is produced by Sky Industries on the subject of a device to provide real time, in combat estimation of the counter-IED ECM protection range, referred to as a Protection Range Estimator (PRE) device. The focus of this article is somewhat more technical than the first.

Martin Richards Editor



Future Electronic Warfare: Counter-Missile Technologies Shawn Charland, President, Sky Industries Inc. Sky Industries Inc., 2956 McCarthy Road, Ottawa, Ontario, Canada, K1V 8K6

The Missile Problem If you’re reading this article, you probably don’t need to be convinced that counter missile technology is important, but from a context point of view it’s worthwhile to recap just how serious an attack by a modern missile is, and how limited the options are for a defending platform. I’ve spent most of my counter-missile career working in the maritime environment, so this article will be cast in terms of terminal phase radar homing anti-ship missiles. What does “terminal phase” mean? Depending on how finely you chop it up, a missile attack has arguably three phases: a launch phase, an inertial guidance or “cruise” phase, and a terminal homing phase. In order to hit something, the missile needs to know exactly where the target is, so when it gets close it starts a terminal homing phase using its “seeker”: a little radar that acts like an eyeball, packed into the nose of the missile. The seeker turns on and quickly scans its antenna looking for targets, to build up a tactical picture. The tactical picture is used to create a prioritized list of targets, and the missile begins homing on the highest priority target while keeping its options open for alternates.

A modern missile is basically a robot by the purest definition; it’s a machine that senses its environment and autonomously makes decisions about what to do next based on what it sees and “thinks” is happening.

Hard Kill or Soft Kill? Once a modern missile locks onto a target and begins tracking and homing it’s bad news: there’s not a lot that can be done to prevent it from hitting its target. Here are the current choices, and, barring the invention of a tractor beam or a Star Trek transporter, they are also the future choices: 1) deceive it, 2) distract it, 3) destroy it, 4) hope for a missile malfunction, or 5) get hit. Only the first three are valid options, but whichever you choose, it had better be quick: after the seeker unmasks, there’s probably between 40 and 60 seconds before the missile arrives. Probably less if it’s hypersonic. At this point, some definitions are needed: the first two options are called electronic countermeasures (ECM), whose purpose is to cause missile soft kill. “Soft kill” means that the missile can no longer harm the target, although

In order to hit something, the missile needs to know exactly where the target is, so when it gets close it starts a terminal homing phase using its “seeker”: a little radar that acts like an eyeball, packed into the nose of the missile.



Crosspol is completely different from Crosseye, despite the fact that they both share the word “cross” in their names.

it hasn’t been physically destroyed. The third option is called hard kill, whose purpose is to physically destroy the missile – either by shooting it down with bullets, or by shooting it down with another missile, or some other method. This is an article about future EW and ECM technologies, so it will focus on the first two options. Distraction (option 1) can be done with, for example, an offboard decoy, but there is a limited window to achieve this, and it’s pretty much all at the beginning, so reaction time is critical. Deception (option 2) means providing deceptive information to the missile to cause a miss. The objective is to fool the seeker either into thinking you’re not a target, or to corrupt the flow of guidance information so the missile flies in the wrong direction. But all terminal phase radar homing missiles have at least one generic ECM-related weakness: there needs to be a transducer between the sophisticated onboard signal processing and the outside world. The transducer is the antenna, and here’s why it’s a potential weakness: because the beam shape can be electromagnetically distorted by a jammer. In order to function in missile guidance, the antenna must have a radiation pattern that looks like a flashlight beam: almost all the energy is focused in the forward direction (figure 1(a)). Now imagine there is a way to change the shape of that radiation pattern, so it doesn’t look like a flashlight anymore. This is the conceptual equivalent of creating one or more “phantom targets” – a ghost target that the seeker sees, but it’s not actually there. In principle, this could be used to disturb the guidance signals passed from the seeker to the autopilot, and cause the missile to fly in the wrong direction. This is called active onboard angle deception countermeasures.

Active Onboard Angle Deception Countermeasures The good news is that the list of these countermeasures is short, but that’s also the bad news. The principal players are: 1) Amplitude modulation, 2) Cross eye jamming, and 3) Crosspolarization (Crosspol) jamming. There are also hybrids, but space in this article prohibits a detailed discussion. Amplitude modulation (AM) was very effective in the old days when seekers used something called “conical scan” to extracting information. AM effect: the seeker antenna spins off in some wild direction, hauling the missile with it, never to be seen again. A Google search will produce an abundance of information. This didn’t last long – the missile designers came up with monopulse angle tracking, and a 4 | WWW.DEFENCEINDUSTRYREPORTS.COM

number of variants. It’s a clever idea worthy of another Google search. Bottom line: by the time you know you’re being tracked, it’s too late to do anything about it. And not only will AM not work, it will attract the missile. Also when someone illuminates you with a monopulse radar, it means one of two things: they’ve fired at you, or they’re about to fire at you. To peel a monopulse tracker off a target anglewise, it’s necessary to exploit the electromagnetic properties of the antenna – and that’s where Crosseye and Crosspol jamming come in. But they have been a hard sell in the user community because you have to be an expert to understand how they work. The important thing to emphasize here is that it is not necessary for the user community to understand how these work, provided their technical experts do and are provably confident. You don’t need to know how an internal combustion engine works to drive to the store, and you don’t need to know how television works to watch The Simpsons. Nevertheless, here’s how they work: Crosseye involves radiating coherent signals from two antennas that are laterally separated. This creates an interference pattern that, when it’s properly aligned on the seeker antenna, effectively splits the flashlight antenna beam in two (loosely speaking). Result: the seeker’s flashlight beam antenna pattern is distorted so there are left- and right-pointing flashlight beams, but no flashlight beam that points where the real target is. Sawtooth amplitude modulation of the two crosseye antennas causes an endless stream of tasty false targets to strobe across the horizon, like the lights on a movie marquee sign. It’s not all gravy though: between Crosseye and Crosspol, Crosseye is the petulant spoiled child of the two. It can produce unique angle disturbance effects in the seeker, but it’s tricky and expensive to implement. Crosspol is completely different from Crosseye, despite the fact that they both share the word “cross” in their names. Crosspol takes its name from the crosspolarized response of the seeker’s antenna. Antennas are designed to receive a particular polarization, where “polarization” refers to the direction of the electric field in an electromagnetic wave: vertical, horizontal, or circular. Even though the antenna is designed to produce a particular polarization, it incidentally produces the orthogonal or “cross” polarization, where orthogonal means 90° rotation. Antennas have the same gain pattern whether they are used to receive or transmit; this is the principle of reciprocity in electromagnetics. This means, from a jamming point of view, that if an antenna is illuminated with its orthogonal polarization, some of that energy gets in. And here’s the interesting


part: the shape of the crosspolarized radiation pattern is wildly different than the copolarized flashlight beam. Whereas the copolar pattern has a single main beam (figure 1(a)), the cross polar pattern has four main beams (figure 1(b)). Now imagine that the seeker is unknowingly tracking a cross polar jamming signal; in simple terms, it has to sort of look at the target out of the corner of its eye, it has to cock it’s antenna to align one of those four beams with the target. That means it needs to physically move its antenna to a new pointing direction to track the target. When it does that, it sends guidance of signals to the autopilot, which disturbs the missile’s flight profile. Like Crosseye, it’s necessary to modulate the jamming signal, and that means wiggling the polarization. There are two reasons to do this: 1) the crosspolarized response of the antenna exists over only a fairly narrow angular window, so sweeping the polarization near expected crosspol means it’s not necessary to know exactly what the right polarization is, and 2) modulating the polarization causes the false targets to move. Target movement is important because, generally speaking, missiles use something called Proportional Navigation (PN) guidance, which means the missile flies a trajectory to zero the rate of change of line of sight to the target. If those targets don’t move, you’re going to get hit even if the antenna is pointing in a cockeyed direction. So let’s recap: once a radar homing missile has locked onto you with its seeker and started its terminal homing phase, there are only a couple of things you can do to avoid getting hit, and there’s very little time. The choice is between hard kill and soft kill. Hard kill means try to shoot it down, soft kill means try to send it away. Hard kill looks good on paper, but it does not have a good track record (http://www.stormingmedia. us/93/9312/B931291.html), and it’s fraught with its own problems – including missiles that use random high-g weaves so they’re hard to hit. Soft kill means throwing something overboard (like a decoy), or radiating confusing signals to attack the missile autopilot through its seeker. The offboard soft kill route creates two things to worry about: 1) the seeker might be smart enough to reject the offboard decoy and continue homing, and 2) once there are no more things to throw overboard there are also no more soft kill options, so it’s necessary either to resupply, leave the area, or get help. The onboard soft kill option has the advantage of obviating resupply - you never run out of EW bullets for your EW gun. But soft kill is, and has always been, a hard sell into the user community because it is... invisible. You can’t see soft kill happen with your eyes. Its competitor, hard kill, suffers no such limitation:

when hard kill happens you can see it; it’s visceral and certain, something blows up. Soft kill has always been perceived by the customer community as a little too touchy-feely to bet your life on. That doesn’t make it a worse idea, just a harder sell.

Soft Kill Defined Can we make soft kill a visible? Yes we can, as it happens. Making soft kill visible falls under the category ECM effectiveness assessment, which is the name given to the amalgam of techniques, methods, and concepts to determine whether ECM is (or is not) working, and if so by how much. Cutting right to the chase, here’s the definition of soft kill: soft kill occurs when the heading error of the missile becomes so large that the missile is physically unable to execute a maneuver to correct it’s flight trajectory, to intercept a target. In other words, it cannot pull enough gs (g for “gravity”, meaning lateral acceleration) to hit the target. Under these conditions and ignoring the specialty case that the missile may come about and re-engage the target after a miss has occurred (highly unlikely since the launch platform might get hit!), the missile is guaranteed to miss the target. This means that it’s possible (a) to define conditions under which a missile miss is guaranteed, and (b) to base this concept solely on the missile airframe’s performance limitations. The math needed to do this is straightforward, not much more than is taught in a high school basic geometry class, plus a small bit of calculus because a derivative is needed. The mathematical starting point is that a missile pulling maximum gs flies in a circle... so it can’t hit anything inside that circle. If the target is considered mathematically to be a point (that means it has zero width), soft kill is defined by this simple little equation: θdot_SK = amax/ (2Vm), where θdot_SK = bearing rate required for soft kill (rad/sec), amax = maximum lateral acceleration (m/sec2), and Vm = missile velocity (m/sec). The equation represents a maximum threshold for the bearing rate of an inbound missile, if the missile is still to be able to hit its target.

Soft kill occurs when the heading error of the missile becomes so large that the missile is physically unable to execute a maneuver to correct it’s flight trajectory, to intercept a target.

This is a formal definition of soft kill. The instant the missile bearing rate meets this threshold is the instant of soft kill, for a point target. The equation tells us that in order for the missile hit a point target, it has to stay inside a shape that looks like a corridor on the sea surface (figure 2); the corridor starts wide and narrows until it WWW.DEFENCEINDUSTRYREPORTS.COM | 5


Jog detection involves measuring the seeker power onboard the targeted platform, and watching for dips or “jogs” that happen when the seeker FIG. 2: INTERCEPT CORRIDOR FOR A ZERO-WIDTH POINT TARGET

antenna points away.

reaches the ship. It’s a funnel in three dimensions. I named it the Intercept Corridor (a client asked that I rename it the Intercept Funnel, so if you see that term floating around, it’s the same thing and it came from Sky Industries, i.e. me). Interestingly, the mathematical expression depends on only two things: the missile’s maximum lateral acceleration (how many gs it can pull, amax), and its velocity (Vm). Here’s what the dependency on these two things means: imagine you’re standing on a ship and you see a missile coming toward you; unless it’s coming straight at the ship, it will appear to move along the horizon while it gets closer. The Intercept Corridor equation (above) says that if you can make the missile move along the horizon at a minimum rate (so many degrees per second, e.g. 2.3 deg/sec for a 2.5 g missile), then at that point the missile’s heading error is so large that the airframe is not agile enough to correct the flight trajectory to hit the target regardless of how far away the missile is, and regardless of what happens next in the engagement. This is called soft kill, and if we measure the bearing rate of the missile, we can literally watch it happen. So far we’ve just talked about a “point” target, but in the real world there’s no such thing as a “point”, because a point has zero dimensions – no width or height or length. It’s more useful to define a minimum acceptable miss distance relative to the silhouette of the target. In real-world terms, the minimum acceptable miss distance is as physically close as we ever want to come to an inbound missile. It’s called the protection field, and for argument’s sake it’s a circle around a surface target (or a sphere


around an aircraft, say). An isometric view of the Intercept Corridor for a nonzero protection field is shown in figure 3 (a). There’s an important concept that falls out of a formal definition of soft kill: soft kill has implicit in it the notion of identity. Soft kill is defined for a particular platform; it only applies to the object at the bottom of the Intercept Corridor. That means each platform has its own Intercept Corridor, always and only with respect to a single inbound missile. This means that each platform has a different Intercept Corridor for each inbound missile (figure 3 (b)). Several interesting future-EW possibilities arise from a formal definition of soft kill: 1. Soft kill time: It’s possible to define the moment in time when a particular ship successfully soft kills a particular missile. This is important if you want to direct EW resources as quickly as possible to counter another inbound missile. 2. Soft kill range: Assuming the missile is range tracked, it’s possible to define the missile range at which soft kill happens. 3. Degree of success: A formalization converts soft kill from an ill-defined binary on/off concept to a graduated process with a threshold; the higher the missile bearing rate, the closer it is to soft kill [attributed to F. Symons, System Intellect Inc.,]. 4. Closest possible approach: By reformulating the problem, it’s possible to convert missile range


and bearing rate information into an estimate of its closest possible approach to the target. It’s an estimate that can be updated during the entire engagement, right up to – and even past – the point of soft kill. 5. Adaptive ECM: Since it’s possible to recognize when soft kill happens, it’s possible to use the indicators (missile bearing rate and range) as a control on the ECM technique and waveform, and EW assets in general. This can form the basis for an adaptive ECM system (see Adaptive Countermeasures section), a system which reacts constructively to observations during a missile attack. For example, suppose during a missile engagement the missile bearing rate 4 seconds ago was 1.5 deg/sec, and now it’s 1.9 deg/sec; the ECM is working, so keep going. But if the bearing rate has dropped to 1.2 deg/sec, the ECM may have stopped working, or may need to be improved – a different action needs to be taken. 6. Threat ranking for resource allocation: From point 1, it’s possible to rank inbound missiles continuously in time according to the threat level they represent, so that soft kill and hard kill resources can be logically and safely allocated for the greatest tactical benefit. In simple terms, there’s no need to waste valuable countermeasures resources on a missile which is no longer a threat, because our sensors tell us it has moved outside the Intercept Corridor. Save your decoys. Save your hard kill rounds. Move on to the next inbound missile. Almost certainly there’s more than one coming at once, either as a stream attack or a barrage attack.

7. Netcentric planning for coordinated defense: The same information could be used in a network of defended platforms to create a coordinated defense plan involving soft kill and hard kill resources from two or more ships, to assure (a) survivability of all platforms, and (b) the economic use of consumable defensive assets such as counter-missile missiles, close-in weapon systems rounds, chaff rounds, decoy rounds, etc., and to ensure interoperability (e.g. make sure only one jammer engages the missile).

ECM Effectiveness Assessment: Jog Detection Future EW technology can – and should -– involve jog detection. A key enabling technology for using angle deception countermeasures, and particularly Crosspol jamming, is “jog detection”, because it can be used to tell whether the ECM is having an effect on the seeker, and the intended effect – there’s an important distinction. Jog detection involves measuring the seeker power onboard the targeted platform, and watching for dips or “jogs” that happen when the seeker antenna points away. Remember, the seeker antenna pattern looks like a flashlight beam, so seen from the target it’s brightest when it’s perfectly aligned (i.e. when it’s pointed straight at you), and it gets dimmer when it points away. When Crosspol jamming causes the antenna to deflect away from the target, this is visible to the target as a power jog – a dip in received power. A power jog can characterized by two numbers: the depth of the “fade”, and the rate of change of power, or “fade rate” (in dB per second, say).

It’s possible to test jog detection ideas by conducting field experiments in which an aircraft, equipped with a missile seeker simulator, flies attack profiles against a ship equipped with an angle deception jammer.




An adaptive jammer changes its behavior during the engagement according to what it sees happening – by measurement of (at least) missile range, bearing, and seeker power.

Jog detection is not a new idea; it’s at least as old as tracking radars, and so is the awareness of its major drawback: multipath. “Multipath” happens between a transmit antenna and receive antenna, and refers to interaction between the direct-path signal, and the signal that arrives indirectly due to reflection from somewhere in the environment (for example, by reflection from the sea surface). The direct and indirect signals interfere with each other constructively the destructively, depending on the geometry between the receiver, transmitter, and whatever is causing the indirect reflection. As the distance between the receiver and transmitter (and the reflector) changes, multipath causes the received power change. This is potentially a serious issue for jog detection because signal power changes caused by multipath might be confused with power jogs caused by the angle deception ECM. The concern is that multipath might cause false indications that the ECM is working when, in fact, it might not be. Assuming there’s a problem, there are number of possible fixes. They all depend on using information about the phenomenology of multipath, the angle deception technique, and seeker angle tracking to disentangle false jog indications from real jog indications. In a nutshell, here’s how: 1. Use multipath phenomenology: Consider a sea skimming missile inbound towards the ship; a few things are known about it, such as its altitude and likely speed. From this it’s possible to calculate bounds on the multipath-induced fade rates that are likely to be observed. ECM induced angle jogs can be separated from multipath fades at ranges for which the upper bound on multipath-induced fade raids is less than the fade

rate caused by the ECM. Qualitative conclusion: depending on the properties of ECM-induced jogs, multipath false jog indications may only be a problem at close range. This is discussed quantitatively below. 2. Use phenomenology of the ECM technique: There’s something we know phenomenologically about Crosspol jamming: the seeker antenna only moves when the polarization is near crosspol. Any jog which is observed when the polarization of the jammer is outside a predefined window near crosspol must have been caused by multipath. 3. Use more multipath phenomenology: From the basic principles of multipath and low-angle scattering, if two jogs appear very close together in time and the missile is known to be a longrange, then at least one of them was caused by ECM. 4. Use phenomenology of the missile seeker: It is possible to place bounds on the fade rates expected ECM-induced jogs based on estimated seeker angle loop properties. Jog detection appears to be widely regarded as impractical, but I’ve never heard the reasons explained other than to say that it’s “too difficult” to extract true antenna jogs from a multipath false indications. It’s accepted wisdom, but is this true? Simulation can be used to estimate the fade rates which are likely to be observed in an actual missile attack, where the missile flies as the skimming profile at high subsonic velocity (e.g. 0.9 Mach, 300 m/ sec). Example results are presented in figure 4, showing power level, power rate, and jog indications for an inbound sea skimming missile flying an altitude-stepped attack profile, with a vertically polarized 9 GHz seeker. Sea swells




are not present, but capillary waves are. There is no jamming in figure 4, so there are no jogs. Consider a hypothetical jog detector configured so only fade rates of less than -30 dB/sec cause a jog indication. By examining figure 4, , there are false jogs until the missile is within 3.2 km of the ship – then false indications begin to appear, but not before. Of course this depends on the propagation model. Assuming the propagation model is correct, why would there be a vague (or specific) conclusion that jog detection doesn’t work? Two thoughts come to mind: 1) it might be because the propagation model (including the shape of the sea surface) used in the above analysis is unrealistic, or 2) it might be based on incorrect conclusions drawn from field tests. Let’s set aside the model issue temporarily, and consider the second possibility. It’s possible to test jog detection ideas by conducting field experiments in which an aircraft, equipped with a missile seeker simulator, flies attack profiles against a ship equipped with an angle deception jammer. The record of received power vs. time is then examined for evidence of ECM-induced jogs, and multipath-induced jog indications. Imagine the aircraft flies toward the ship, and the ECM is turned off; in this case, the only power fades are due to multipath. If jog indications appear in runs like these, it might be interpreted as proof that jog detection doesn’t work in the real world. That conclusion is too hasty, if it’s based on raw data. An assessment of jog detection cannot be made directly from results of this type of experiment because the aircraft flight profile differs from that of a missile in ways that are important to evaluating a potential jog detector: altitude and velocity, both of which affect fade rate. A test aircraft can be expected to fly higher (for safety reasons) and slower (for propulsion reasons) than an inbound missile. High altitude tends to increase fade rate, because the grazing angle is higher and so propagation nulls are more closely spaced. Low speed tends to decrease fade rate because the nulls appear more slowly at the ship, like pulling the film slowly through a movie projector. A fighter aircraft might come closest to representing a high-subsonic missile if the pilot broke some rules, but there will still be differences – and that means the fade rates derived from raw measurements must be mathematically interpreted to draw conclusions about the likelihood of multipath false jog indications during a real missile attack. If these calculations aren’t done, then it’s not possible to make a scientific evaluation of jog detection. Investigators can still draw conclusions though; it’s always possible to draw conclusions

– they just might be incorrect conclusions. It’s easy to see how this could happen by honest mistake: suppose a jog detector is used during one of the aforementioned air-carry tests, and the seeker simulator is known to be tracking the ship the entire time because the ECM is turned off. If the jog detector produces indications of antenna jogs, the indications are known to be false because the antenna is known to be trained on the target during the entire flight, leading directly to the conclusion that jog detection does not work. This conclusion might be right, but it’s scientifically unjustified because the empirical experiment has not been proved to adequately represent a real missile attack, in terms of grazing angle and inbound velocity. All that can be defensibly said is that jog detection does not work against a missile that flies like an airplane. I mean really, who cares? That’s not the right problem! So that’s a thumbnail sketch of multipath issues related to jog detection. The next logical question is: what do jogs caused by angle deception ECM look like by comparison? Do the antenna deflections caused by angle deception ECM result in fade rates that are distinguishable from multipath fade rates? Because if they do, then jog detection can be made to work, at least over part of the missile’s flight. Keep in mind that jog detection is most likely to work at long range, and that’s where it’s needed; it would be foolish to reject jog detection because it doesn’t work when the missile gets very close, in the part of the missile flight for which jog indications may be irrelevant. The objective of ECM is to cause soft kill as far from the ship as possible.

Although the open-loop waveform approach still has merit, it loses relevance when used against a modern, sophisticated, contextsensitive, smart weapon systems – of any type – if the countermeasure is unable to cause the missile to miss its target.

ECM Effectiveness Assessment: Angle Response Modes Let’s go back to phenomenology and Crosspol jamming: is there anything fundamental we can say about jog detection based on the response of a seeker to Crosspol jamming, in turn based on the physical principles by which Crosspol jamming causes angle errors? The explanation is out of scope for this article, but according to simulation and analysis: the answer is yes. Consider triangular polarization modulation. This means equal clockwise and counterclockwise sweep rates, and sweep limits that are symmetrical on either side of crosspolarization. For these waveforms, and considering a seeker which tracks in the azimuth plane only, patterns have been observed in software simulation of Crosspol jamming, using Sky Industries missile engagement model ENGAGE (mentioned for traceability only, this isn’t a sales pitch since WWW.DEFENCEINDUSTRYREPORTS.COM | 9


ECM needs to graduate from a talking-dollwith-a-string-on-its-back to true robotic systems.


ENGAGE is not a for-sale software product). They fall into three categories, or “response modes”: Mode 1: the seeker antenna twitches back and forth near boresight; angle errors are confined to the main lobe of the seeker’s antenna pattern. Mode 2: the seeker antenna is deflected outside the antenna main lobe to the vicinity of an antenna pattern null, and back again. Mode 3: the seeker antenna is deflected into its sidelobe region and becomes trapped there; it does not return to the target. Examples of these angle response modes are shown in figure 5, along with their fade rates. The fade rates are far in excess of the multipath rates predicted for a sea skimming missile (figure 4), which means that Crosspol angle disturbances can, in principle, be detected while rejecting multipath false jog indications, at least for triangular Crosspol waveforms against an azimuth-only seeker, and for the propagation conditions described previously.

Other Future Possibilities All these ideas – soft kill, angle deception jamming, jog detection, and the use of phenomenology – can be used to design an adaptive jammer. An adaptive jammer changes its behavior during the engagement according to what it sees 10 | WWW.DEFENCEINDUSTRYREPORTS.COM

happening – by measurement of (at least) missile range, bearing, and seeker power. For this reason, each engagement can reasonably be expected to result in a completely unique sequence of techniques and waveforms, or partial waveforms, or continuously-adapting behaviors, for which the term “waveform” by its usual meaning is a misnomer. For example, consider the behavior of a Crosspol-based second generation adaptive jammer whose polarization is continuously controlled by measured the above-mentioned observables - that means the jammer polarization is controlled by the missile seeker’s behaviour. The jammer becomes a parasitic element and a seeker angle tracking loop, and the seeker becomes a parasitic element in the polarization control loop. The concept of polarization sweep rate and limits no longer have consequential meaning. This is in contrast with the current paradigm of countermeasure development, in which an ECM engineer is tasked with selecting an optimal ECM technique and waveform to counter specific threat or group of threats. The technique and waveform define the behaviour of the jammer throughout the missile engagement. Although the open-loop waveform approach still has merit, it loses relevance when used against


a modern, sophisticated, context-sensitive, smart weapon systems – of any type – if the countermeasure is unable to cause the missile to miss its target. Space in this article only permits the following definitions to be offered regarding first, second, third, and fourth generation adaptive jammers: First Generation: First-generation adaptive jammers could offer continuous effectiveness measurements, discrete decision points, and a suite of scripted (i.e. preprogrammed) open-loop behaviours. In simple terms, a first generation adaptive jammer has a repertoire of behavioural blocks at its disposal, and adaptation is in the order the blocks are put together during an engagement. Its main limitation is that waveform adaptation can only occur at discrete time points in the engagement; once the jammer decides to execute a scripted waveform, it will complete that waveform before deciding whether or not to change its behavior – even though it measures ECM effectiveness continuously. First generation jammers should make use of all available threat characteristics information (as all generations should), and their behavior should include threat-specific actions in case electronic support measures systems can positively identify the type of missile threat. Second Generation: Second-generation adaptive jammers include all first-generation features, and could offer continuous processes and estimators, continuous decisions, and continuous waveform adaptation. In simple terms. a second generation adaptive jammer can interrupt its scripted behaviour at any time, and may enact unscripted free-form continuous behaviours which are partially determined by the continuously-observed behaviour of the seeker and missile. Third Generation: Third generation adaptive jammers include all first and second generation features, and could offer real-time cooperation between multiple ECM systems, automatic accumulation of fleet experience into an information network, and intra-network teach/ learn capability. A live missile engagement is the ultimate field trial, and no information arising from such an event should be – it represents an opportunity to test and improve the design of the adaptive camera. This applies across an entire fleet of jammers; if one jammer is involved somewhere in the world in a missile engagement, the entire fleet of jammers can benefit from the experience, regardless of the outcome of that particular engagement. In simple terms, third generation adaptive jammers cooperate and share information with each other, including lessons learned from all old battles.

Fourth Generation: Fourth generation adaptive jammers include all first, second, and third generation features, and could include self-design and self-optimization capabilities, possibly based on heuristic methods such as genetic or evolutionary algorithms for optimization of multidimensional nonlinear systems.

Conclusion The purpose of this article is to share some thoughts concerning possible future EW technologies for platform defense against guided missile attack. In the author’s opinion, a shift is required from the current paradigm of countermeasure development involving openloop, unreactive countermeasures, to a new paradigm involving adaptive systems which tailor their response to real-time feedback of ECM success. All of the ideas presented in this article involve real-time ECM effectiveness assessment, based on real-time observable effects, for the purpose of real-time adaptation of ECM and techniques and waveforms. Everything described in this article can be done today – no new technologies are required, and no new knowledge is required. It is this author’s opinion that there is considerable scope for EW development and improvement by shifting to a new paradigm based on adaptive countermeasures. The alternative is to continue to rely on unreactive, scripted, open-loop, feedback-free countermeasures which can at best be only roughly tailored for the broad range of attack scenarios and threats which are endemic to modern combat. ECM needs to graduate from a talking-doll-with-a-string-on-itsback to true robotic systems. The Invicta adaptive ECM controller has been built by Sky Industries, and includes every first and second generation feature described in this article, and more – including continuous polarization control. It has passed software and hardware confirmation tests, and shows remarkably versatile behavior in software simulation. But it has never been tested with a missile seeker or seeker simulator. What’s really required to progress the ideas in this article from concepts and demonstrations into fielded technology is not more hardware or more software or more funding or more work, but a shift in thinking. Changes in thinking happen when a community begins to challenge accepted wisdom, ask devastating key questions, discuss fundamental problems, and thoughtfully examine new possibilities with detached objectivity and scientific curiosity. I hope this article will help to begin to bring about all these things.

Although the open-loop waveform approach still has merit, it loses relevance when used against a modern, sophisticated, contextsensitive, smart weapon systems – of any type – if the countermeasure is unable to cause the missile to miss its target.



Prototype Counter-IED ECM Protection Range Estimator Device Shawn Charland, President, Sky Industries Inc. Sky Industries Inc., 2956 McCarthy Road, Ottawa, Ontario, Canada, K1V 8K6

Improvised explosive devices (IEDs) or “roadside bombs” come in a variety of types, one of which is radio controlled (RC).

The focus of this article is somewhat more technical than the first. Some of the main points in this paper are listed below, none of which have been published before: • a conceptual definition of the PRE device warning zone • protection range probability density functions and the use of an “inclusion threshold” for a numerical definition of the PRE warning zone • the use of Genetic Algorithms for environment characterization • the application of a PRE device to reactive jammers • a possible EOD application for a PRE device • user interface concepts Improvised explosive devices (IEDs) or “roadside bombs” come in a variety of types, one of which is radio controlled (RC). One way of mitigating these is by using electronic countermeasures (ECM) or “jammers”, whose purpose is to prevent the trigger signal from being received and processed by the IED receiver, wherever it is. This happens essentially because the jammer power overwhelms the trigger signal power, so the IED receiver is effectively “deafened” to the trigger signal. Since jammer power generally decreases as one moves away from the jammer, it follows that there will be a range at which there is insufficient jammer power injected into the IED receiver to prevent the trigger signal from detonating the IED. This is the effective protection range of the jammer, colloquially referred to as the “protection bubble”. There is currently no way for ECM operators to determine the size of the ECM protection bubble. This capability is an as-yet missing piece of technology: literally the other half of the counterIED ECM problem. We have countermeasures sets, but no way of knowing, quantitatively, the amount of protection they provide while – and where – they are operating. Lessons learned in the past 50 years of electronic warfare provide the solution to this problem. To determine the size of the ECM


protection bubble, information is required about three aspects of the attack scenario: 1) the characteristics of the jammer, 2) the characteristics of the local propagation environment, and 3) the characteristics of the integrated weapon system, which in this case is the RCIED and which comes in various types and flavors. There are two factors which any calculation of the protection bubble size must deal with: first, not all of the IED attack variables are known prior to an attack actually happening (this is referred to as a “partially-observed problem”), and second, the calculation of the protection range is a sensitive function of the choice of some of the parameters. There is another scientific field which has faced the same kind of problems, and solved them over the past 40 years: weather forecasting. Weather forecasting is a partially-observed problem whose solution requires the use of validated mathematical models. There’s a catch though, and it applies to the counter-IED problem as well. The models used in weather forecasting are tried-and-true and confidently known to represent physical reality, but investigators quickly learned, to their great disappointment, that the model outputs are fraught with high sensitivities to the choice of values for input parameters. This is a doubly serious issue, since the ground-truth values in weather forecasting are not well known. The same issues apply to the counter-IED ECM effectiveness problem: there is high parameter uncertainty (uncertainty about the characteristics of the RCIED transmitterreceiver pair), and high sensitivity of the solution (the ECM protection range) to the choice of parameters. These problems can be solved by borrowing mathematical techniques from weather forecasting. This is done, loosely speaking, by calculating the statistical characteristics of a population of simulated IED attack scenarios, in which the parameters have all been varied according to their uncertainties. With some caveats, present


day commercial off-the-shelf (COTS) computers are sufficiently powerful to do these calculations in real time, which opens the possibility of creating a fieldable PRE device. The main problem, technically speaking, is input conditioning: the challenge is to determine the best possible set of inputs to the PRE device. Literally, this means the best information available about the characteristics of our own jammer (installed antenna patterns, cable losses, transmitter and waveform characteristics, etc.), the characteristics of local propagation environment (are there scatterers present, and if so where are they, and what are they made of, and how are they oriented relative to the line of sight between the ECM and a test point), and the characteristics of the threat RCIED receivertransmitter pair. The technology to create a PRE device is the subject of a number of patents pending worldwide, filed by Sky Industries. Patents for this technology are now in force in the United Kingdom (2009) and Australia (2010).

Warning Zone Definition Assume for a moment that the problems pf parameter uncertainty and output sensitivity

have been solved. There then comes the issue of the “meaning” of the output of the PRE device. The purpose of this section is to define the PRE device output, and what it means. It is intuitively appealing to have a device which can tell an operator whether he or she is “safe” from RCIED attack, but like all other aspects of combat and conflict and life in general, there is no such thing as perfect certainty. What can be offered, however, with high confidence, is a statement about whether the operator is operationally protected by the jammer. A good way to illustrate this is with a thought experiment. Imagine a test range on which is positioned a jammer, a PRE device, and an instrumented RCIED receiver (figure 1 (a)). Suppose further that the receiver is placed close to the jammer, and an attempt is made to trigger it from a remote location. Since the receiver is instrumented, we can tell if the trigger signal was received and processed. Suppose further that at close range, the jammer prevents the trigger signal from being received or processed, meaning that the RCIED receiver is inside the ECM protection bubble. Suppose next that the experiment is repeated for increasing ECM-RCIED receiver range until the trigger signal is received and

To determine the size of the ECM protection bubble, information is required about three aspects of the attack scenario.




The inclusion threshold is hereby defined as the probability that the warning zone includes the ground-truth ECM toggle range.

processed, indicating that the RCIED receiver is outside the ECM protection bubble. At some point in the test, the RCIED receiver will be at a range where the ECM is only intermittently able to prevent reception and processing of the trigger signal (yellow segment in figure 1 (a)). As a side point, use of the word “intermittently” means that repeated trigger tests are required at each test range. Let’s call this the ECM effectiveness toggle range, the range at which the ECM “toggles” between effective and ineffective. A few milliseconds of thought reveals that the outcome of this thought experiment depends on a number of as-yet unstated parameter choices implicit in the problem statement: for example, how far away the trigger man is from the IED receiver, the relative antenna gains for the ECM, threat receiver and threat transmitter, the power of the transmitter, the power of ECM, the ECM waveform type, the type of IED, and a host of other variables. Now suppose the experiment is repeated, but this time the trigger man is moved closer so the trigger signal is more powerful in the IED receiver, and further suppose that nothing else changes. As a result, the ECM protection bubble is smaller, i.e. range at which the ECM is able to prevent the trigger signal from being received and processed is closer than previously. Now suppose we repeat the experiment many times, let’s say 5,000 times, and a different

parameter set is used each time. Generally speaking, each experiment will result in a different ECM toggle range. This population of answers defines the range window in which all observed ECM toggle ranges lie (figure 1 (b)). The best way to present this information is as a probability density function, or pdf (written with small-case letters, the since capital-case version PDF is used to designate a probability distribution function). A pdf is a graph of the relative likelihood that a particular answer is in the population, and an example one is shown in figure 2 (a). One of the properties of a pdf is that the area under the curve adds up to 100% probability, or 1.0. From basic probability theory 101, these curves can be used calculate the probability that an experimental outcome (e.g. ECM toggle range) will lie between two values; it’s just the area under the curve between the two values. At this point it’s useful to introduce the idea of an “inclusion threshold”: The inclusion threshold is hereby defined as the probability that the warning zone includes the ground-truth ECM toggle range. Remember: we do not – and cannot – know the ground-truth ECM toggle range because we do not – and cannot – know all of the specifics of the attack scenario. If we did know all the specifics, that would include the location of the trigger man and the IED itself, and we could avoid or capture both. Instead, the best alternative is to define




a range window which, probabilistically, must contain the true ECM toggle range, with a given user-defined likelihood, or probability. In vernacular, the counter-IED ECM warning zone is defined as the range window, centred on the median toggle range, which includes the ECM toggle range with a selected probability, or inclusion threshold. It is calculated such that the area under the pdf curve between the two values equals the user-selected probability. The following principles and properties apply to the warning zone calculated using the above definition, assuming the toggle ranges are clustered around a single value: 1. The warning zone is defined by a near range boundary and a far range boundary. 2. As the inclusion threshold decreases, the width of the warning zone increases (figure 2 (b)). 3. As the uncertainty of the attack scenario goes down, the pdf becomes narrower, and the warning zone becomes narrower also (compare figure 3(a) with 3(b)); in the limit, if all attack scenario parameters are known then the toggle range can be perfectly calculated, the pdf collapses to a delta function (i.e. a vertical line), and the width of the warning zone becomes zero (discounting the effects of thermal noise). Regarding the third point, there is an important relationship between the warning zone width and the choice of inclusion threshold: the width of the warning zone is probably less important than where the near-range boundary is, since it

is imprudent to allow assets to be farther from the ECM than this. The above definition of the warning zone is intuitive but is based on the hypothesis that there is a single ECM toggle range in each attack scenario. However, depending on geometry and frequency there may be more than one toggle range in each attack scenario, as suggested in figure 4, so the single toggle range hypothesis is violated. This can arise because of propagation nulls, or because of interference from nearby scatterers, or because of operation near a hill or surface depression. In this case, a more sophisticated definition of the warning zone is required; it must be able to define surface areas which are notionally more dangerous than others, because in these regions the ECM power is especially depressed compared with other areas. One option is to treat each cluster of ECM toggle ranges separately, and then to treat the separate toggle range clusters according to their probability of occurrence.

The basic idea is to learn about the environment by occasionally probing the environment with signals radiated by the ECM antenna.

Genetic Algorithms and Environment Characterization Calculation of the warning zone depends on information about three things: 1) our own ECM, 2) the characteristics of the threat, and 3) the characteristics of the local propagation environment. Information about the first – our own ECM – comes from doing our homework; measuring antenna patterns on our vehicles,




Genetic algorithms are a way of solving a mathematically complex problem while potentially doing almost no math.

characterizing the behavior of jammers as a function of temperature and environment in time, configuration managing equipment and waveforms, etc. Information about the second – IED threats – comes from exploitation activities in which captured RCIEDs are dismantled and some reverse engineering is done to determine how they work, what their susceptibilities are (i.e. what inputs they have that are accessible to a jammer), and what their vulnerabilities are (i.e. which of those susceptibilities can be used, singly or in combination, to defeat a particular RCIED when the receiver-transmitter pair is considered as an integrated weapon system). Information about the third – the propagation environment – is more challenging to acquire, because the environment can’t be measured in a lab or by doing “homework” – it needs to be acquired in situ, during operations. Is this possible? Yes it is. Here’s how, in a nutshell.



The basic idea is to learn about the environment by occasionally probing the environment with signals radiated by the ECM antenna. These are called “pilot signals”, and their only purpose is to discover the characteristics of the local propagation environment. Pilot signals are received by a sensor (the PRE device), located some distance from the ECM transmit antenna. Because we know how signals propagate through a flat vanilla-flavoured environment, it’s possible to infer certain things about the environment from what it did to the transmitted signal by the time it got to the receiver. For example, if the received signal shows up looking just like it should if the world is flat, then the world is probably flat. If it doesn’t, then there’s something else out there. Let’s start by listing what we want to find out. That’s pretty easy; assuming the ground is flat and level, there are four main things we really want to know about the local propagation environment to be able to calculate the ECM toggle range, and from that the warning zone


near-range and far-range boundaries. These four things are: 1) ECM transmit antenna height above the ground (assuming it can be modeled as a point source, which may or may not be true, depending on distance ), 2) distance to the sensor (PRE device), 3) height of the PRE device antenna above the ground, and 4) the gain of the ECM antenna relative to the gain of their PRE device antenna (or equivalently, vice versa). There are only four parameters because everything else needed for the warning zone calculations can be determined by characterizing our own equipment, and by relying on best estimates from threat intelligence that are derived from the exploitation. Also, a lot of parameters that simply scale power can be rolled into a single antenna gain term. The most important part of the previous paragraph is a phrase “assuming the ground is flat and level”. So logically we need to add a fifth element to the list: a way to detect whether the ground is flat and level.

If this yes-or-no detector bit is set to “FALSE – it’s not flat and level”, the list of desirable parameters gets longer and a bit more ambitious. Aside from the four main things and whether the ground is flat or “something else”, some of the other things we’d like to determine are: If the ground is not flat, what’s its curvature? Is it a simple or compound curve? What’s the ground made of? And perhaps most importantly: are there spurious scatterers in the environment, and if so (a) where are they relative to the ECM and the PRE device, (b) what are they made of, and (c) what is their orientation? This is a classic multidimensional problem – that means a problem that has a lot of things in it you don’t know. These kinds of problems are especially hard to solve because the answers for some parameters depend on the answers you chose for other parameters. This is a way of saying that the solution is heavily interconnected with itself, or closely coupled. Multidimensional problems are typically solved using something called “heuristic methods”,

Ambiguity is more tolerable in some variables than others, since the overall objective is not to determine the parameters, but ultimately to estimate the variability of ECM toggle ranges.




The objective is to use pilot signals and genetic algorithms to get just enough information about the environment to give “sufficient” precision when calculating the answer we need.

which is a catchall phrase that refers to things like genetic algorithms, evolutionary algorithms, synthetic annealing, Tabu search, and more. Let’s pick genetic algorithms, just because the name sounds the most interesting, and of the bunch it’s probably the one that most readers would have heard the name before. Fair warning: explaining this is a bit like peeling an onion, you have to go down layer by layer, but on the plus side each layer is easy to understand. Genetic algorithms are a way of solving a mathematically complex problem while potentially doing almost no math. Suppose we are trying to figure out the four main parameters listed earlier: 1) ECM antenna height, 2) sensor antenna height, 3) ECM-sensor range, and 4) ECM antenna relative gain. Here are the broad-brush steps to make it work (it’s easy, I’ve done it): 1. Start by guessing the answer. It doesn’t matter how good the guesses are, you just need a lot of guesses, let’s say 1,000. A single guess is a set of four numbers: ECM antenna height, sensor antenna height, ECM-sensor range, and ECM antenna relative gain. 2. In the real world, use a sensor (a PRE device) to measure the power of a pilot signal transmitted from the ECM antenna. I’m talking about a real measurement here, not simulation or calculation. 3. For every guess in step 1, use a propagation model to calculate the pilot signal power that would be received at the PRE device antenna if the guess is correct. It has to be a good propagation model, one that matches reality, a validated propagation model. Compare this predicted power with the measured power; if they agree (to within a selected tolerance, +/-1 dB say), we conclude that the guess is, by blind luck, pretty good. Save that guess off to the side, it’s “fitness” is high so it’s a “survivor”, and it will be needed it a minute. Conversely, if the predicted power does not agree well with the measured power, the guess is probably wrong, so it’s discarded (it’s fitness is low, so it “dies”). 4. So now we’ve got a bunch of guesses which each give a predicted power that more or less matches the measured power. There will be much less than 1,000 of them though, because most of the original guesses were probably wrong. The next step is to combine the relatively few surviving guesses to create a bunch of new guesses which are like the winning guesses, but not exact copies. One way is to “breed” winning guesses to create enough “children” (new sets of the four parameters) to reconstitute the pet population back up to 1,000. One simple way to breed children is to take two solutions and calculate the four values that define


the child to be the average of the parents’ four values. The parents could be equally weighted, or weighted according to their scores, so children are most like the high scoring parent. These choices represent the design of the genetic algorithm, and it’s a bit like a cake recipe. As a last step, add some wild-card guesses into the population. How many should you add? That’s part of the cake recipe, try it and see what works best. 5. Go back to step 3 and repeat this process. Each pass through steps 3 to 5 is called a “generation”, and if the process is mathematically tuned correctly, the overall quality of the guesses improves with each generation. A set of stopping criteria need to be defined, and when those criteria are met, the final answer is derived from the last generation... or possibly all the generations calculated in the campaign since the first generation (where “campaign” refers to all the steps described here, a single attempt to figure out what’s in the environment). How the final answer is computed is, again, part of the cake recipe. Notice that almost no math is needed: you just have to calculate predicted power over and over. There’s no need to invert complex functions with nasty things like embedded transcendental functions and exponentials and logarithms, there’s no need for parameter sensitivity tests, the answer falls out by Darwinian mechanisms of evolution: survival of the fittest. But don’t be fooled: the devil’s in the details, so there’s some hands-on know-how you need to make this give a meaningful answer. The genetic algorithm can also be designed to be self-adapting, so that survival thresholds, population sizes, and termination criteria are dynamically determined by the progression of the solution. This can simultaneously increase accuracy and decrease execution time, if enough adaptive functionality is added and if that functionality is tuned correctly. One way to do this is by adding a 6th step after the final answer is obtained, so the next time through the genetic algorithm is used, it’s design has been changed by the previous pass. In this 6th step the survival thresholds, population sizes, and termination criteria etc. are changed according to observed residual errors, the number of generations required to meet one or more of the stopping criteria, and other factors. Another way is by adding adaptation before the final answer is obtained, i.e. within the steps listed above. As an example, consider the survival threshold mentioned in step 3; in a non-adaptive algorithm, a fixed threshold is be used to cull poor performing solutions from good ones, where the good ones go on to make the next


generation. Instead, the survival threshold could be dynamically chosen in step 3 according to the distribution of scores in the not-yet-culled population; this way, the survival threshold could be set – at least temporarily – to cause a certain minimum percentage of the population to survive. The effect of this adaptation is to sidestep “population extinction” by temporarily relaxing the fitness criteria, which also sidesteps the computational overhead of a complete genetic algorithm reboot if all the candidate solutions happen to disappear. Remember, design of a genetic algorithm is like a cake recipe, so it’s part art and part science.

Solution Disambiguation Here’s the next layer of onion skin: if the ECM transmits at a single frequency, the solution(s) only have to match the measured power at a single frequency. This can, and does, lead to solution ambiguity – that’s where multiple combinations of the four parameters produce the same observed power. An example of solution ambiguity is shown in figure 5; it’s an overlay of predicted power vs. range for 100 candidate solutions (reminder: one candidate solution is a single value for ECM antenna height, a single value for sensor antenna height, a single value for ECM-sensor range, and a single value for ECM antenna relative gain). The solutions each produce the same observed power at the measurement range, but different, diverging answers elsewhere; the degree of divergence is a measure of the diversity of the solutions – how different they are from each other. For readers paying very close attention: the range axes of all data sets in figure 5 have been aligned so the predicted sensor range – not the predicted power – occurs at 62.2 m; the common power crossover point, visually striking in the graphs, is a genuine property of the population of solutions. The alignment has been done for visual clarity. So how can we tell which solution set is right? The question is more slippery even than it sounds – ambiguity is more tolerable in some variables than others, since the overall objective is not to determine the parameters, but ultimately to estimate the variability of ECM toggle ranges. An analysis of the effect of parameter ambiguity on toggle range variability is relatively straightforward, but beyond the scope of this paper. Instead, let’s have a brief discussion about how to get rid of solutions that don’t make sense. I’ll call this solution disambiguation. One way to disambiguate the solutions is to perform the same analysis at a second frequency. And a third, and fourth, etc. The more frequencies

you use, the more the group of candidate solution sets become constrained, because the acceptable solutions must match the measured power at each frequency. There are a lot of different ways of understanding how pilot signals can be used to characterize the local propagation environment, but they all boil down to this: because the signals at different frequencies all travel through the same physical path between the ECM antenna and sensor (PRE device), and because “different frequency” means “different wavelength”, each frequency will appear at the PRE device a different power level. The pattern of power levels is like a fingerprint of the local propagation environment. Of course you never get something for nothing; there is a relationship between the number of pilot signals, their frequency distribution, and the precision with which the four values comprising a single solution (two heights, range and antenna gain) can be determined. However, the objective is to use pilot signals and genetic algorithms to get just enough information about the environment to give “sufficient” precision when calculating the answer we need: the distribution of ECM toggle ranges. An example of disambiguation by frequency diversity is shown in figure 6, where three frequencies are used. Note that in this example, disambiguation isn’t perfect – the power vs. range curves are clustered more closely than before, but they still diverge as one moves away from the power crossover point. This divergence is caused by “smearing” of the estimated parameters values. There are several other methods of disambiguation, besides frequency diversity. One way is to use two or more antennas that are separated in elevation by a known distance; this approach is more hardware-complex, but it also solves some other problems and provides some other valuable information. Another method is uses range diversity, and another is based on temporal diversity (although that one is trickier). Some disambiguation can be done phenomenologically, for example by considering the time history of all solutions in the context of known properties of short range propagation. In some cases, disambiguation may not be immediately possible, but may become possible as the engagement progresses and with the introduction of new information, possibly from a secondary or tertiary source. In these cases, it may be advisable to carry forward multiple hypotheses about the solution until all but one (or a practically indistinguishable few) can be ruled inadmissible. As an example, consider the case where everything is known except the height of the receive antenna. A single power measurement will, in general, cause the genetic algorithms

Some frequency choices provide more information than others about the local propagation environment.



A reactive jammer has a lot of advantages over barrage jammer; for example, a barrage jammer must transmit constantly and so will drain its batteries quickly.

to produce multiple candidate solutions for the receive antenna height. In general, some solutions will be higher than the transmit antenna, and some lower, so they can be placed into groups: a high height hypothesis group, and a low height hypothesis group. If the receive antenna height is known to be lower than the transmit antenna, the higher height solutions can be rejected as inadmissible. If that information is not available, or not immediately available, the best approach is to carry both sets of hypotheses forward until such time as one set can be rejected. This is an important example, because ECM antenna height is a strong determining factor in ECM protection range. The disambiguation problem is rich in other ways too, especially for a multidimensional problem. For example, suppose the genetic algorithms have produced a pool of candidate solutions from which we need to extract the best candidate. We know something about how propagation works phenomenologically, so if we accept a particular solution for the range between the receiver and transmitter, that tells us something about the necessary relationship between frequency and antenna heights. If the

range is correct, a small wiggle in frequency should cause received power to wiggle by xyz dB. If the range solution is incorrect, then the same frequency wiggle will produce a different wiggle in received power. The design of a device to provide this kind of ability is an interesting one, not just for counter-IED applications, but for other remote sensing applications as well, perhaps in the telecommunications industry. It’s easy to imagine an intelligent device which continuously conducts its own scientific experiments on the environment based on meta-analysis of real-world measured power measurements, using transmitter frequency, power and phase as its tools. A detailed discussion of disambiguation techniques is out of scope for this paper, as is the performance enhancement that accrues from using a combination of disambiguation techniques, though they may be treated in future papers. There’s a final important point I want to make in this section concerning disambiguation by frequency diversity, and in a minute I’m going to relate it to reactive jammers: all pilot signals are not created equal. Some frequency choices




provide more information than others about the local propagation environment. This is easy to understand by considering the effect of antenna height on, for example, the position of nulls in a graph of power versus range (see figure 7). Small changes in height – or frequency – have the effect of changing the range at which a propagation null occurs, so if the receive antenna happens to be sitting near a null, small changes in height or frequency will have to big effect on the power received from the transmitter. This is because a null happens when the direct and indirect paths cancel (or nearly cancel) each other; a little wiggle either way, in height or frequency, means the wavelengths don’t line up anymore (unless you move to a different range). Now imagine that, in a real-world experiment, the power measured at the receive antenna is very low; only a relatively narrow set of height and range combinations will cause a null. The converse is true at ranges where there is a relative peak between direct and indirect signals, i.e. where the direct and indirect signals reinforce each other instead of canceling. In this case, changing the height or the frequency has relatively little effect on the received power. In summary, a null is an information-rich propagation event; if the receive antenna is in a physical location where the measured signal is low or undetectable, but tiny changes in transmitter frequency or position make the measured signal reappear, the receive antenna is in a null... and it’s possible to incidentally figure out rather a lot about the propagation environment that’s causing this to happen, because very selective and specific conditions are required to make it happen. This means that the best selection of pilot signal frequencies – the ones which provide the most information about the local propagation environment – depends on the geometry between the receiver, the transmitter, and the scatterers in

the local environment. And this leads to a bit of a conundrum: a PRE device is literally in a position to choose those frequencies, but it’s the jammer – way over there – which has to transmit them. To allow a PRE device to characterize the local propagation environment as accurately and efficiently as possible in time and power, there needs to be a communication channel from the PRE device back to the jammer. And luckily, government and industry has spent perhaps $100 million in nonrecurring engineering costs creating one. It’s called a reactive jammer.

Application to Reactive Jammers What’s a reactive jammer? A Google search turns up lots of information. In a nutshell, a reactive jammer is one which doesn’t normally transmit anything; it listens to the signal environment and classifies the signals it hears as friendly, unknown, or hostile. If it hears a hostile signal – a RCIED trigger signal – it turns on very fast, and covers the trigger signal frequency to jam the RCIED receiver. When the trigger signal goes away, the jammer stops transmitting. In the counter-missile world this is called a “repeater jammer”; different terminology, same in meaning. This can be contrasted with a barrage jammer, in which the jamming signal is always on. A reactive jammer has a lot of advantages over barrage jammer; for example, a barrage jammer must transmit constantly and so will drain its batteries quickly, whereas a reactive jammer almost never transmits so presumably it can get away with a smaller battery for the same endurance, and therefore would be relatively lightweight. Also a barrage jammer must spread its energy over the entire spectrum where the trigger signal may appear, whereas a reactive jammer can place all its power exactly on the trigger signal. In simple terms, this

With information about the relative velocities of the PRE device and jammer, and if the jammer-PRE device are in a lock-track state with spurious scatterers, is may be possible to distinguish between moving and stationary scatterers relative to the line of sight between the jammer and the PRE device.




A collision between a PRE ping request and a trigger signal is undesirable, but this is a minor solvable technical detail.

means an improvement in jam to signal ratio (JSR) something like the ratio of the barrage jammer’s bandwidth to the reactive jammer’s bandwidth; if a barrage jammer is designed to cover 50 MHz and a reactive jammer is designed to cover three times a typical communications receiver bandwidth, say it covers 50 KHz, the JSR improvement is a factor of 1,000, or +30 dB. Less power is needed to counter the RCIED, which has possible positive health implications for operators. The downside of a reactive jammer is that it is a specialized piece of equipment – it has to react fast and cover a broad bandwidth, so it’s probably expensive to develop and manufacture. Suppose we have a reactive jammer and want to make it work with a PRE device, to determine how much RCIED protection the jammer is actually providing moment by moment, in real time, under combat conditions. The first obvious problem is that the reactive jammer doesn’t transmit anything unless it sees a trigger signal. But imagine that the PRE device transmits a weak signal that the reactive jammer classifies as hostile, or recognizes as a pilot signal transmission request. The jammer is designed to repeat that signal – on frequency – instantly. This means that the PRE device working with a reactive jammer, can automatically request any frequency it wants, just by sending out a lowpower “ping” at the desired pilot signal frequency. The concept is a bit like a submarine. As a submarine moves silently along, every once in a while it sends out a sonar ping, whenever it wants to learn something about the environment. It listens for the echo, and after applying some sophisticated signal processing, it finds out what it needs to know. Most of the time it doesn’t transmit anything, because it doesn’t want to be detected. I imagine some really smart people have spent a lot of time figuring out, from information theory, just how often these pings should happen, where the need for information is balanced against the need for stealth. This work might be applicable to this problem of scheduling/controlling PRE device pings. Sounds like a great idea for a research project, but I have found internationally that government agencies which advertise themselves as open to new ideas are in fact practically closed, administratively intractable, and unfriendly outside the contracting community they themselves have established. That’s not a complaint, just an observation; it’s a business model that didn’t work very well in the former Soviet Union in forming space or defence or domestic policies, and I don’t think it will work – or is working – very well in the West; but c’est la vie. Back to the RCIED story: remember that the pilot signal frequencies which provide the most information about the propagation


environment depend on the environment itself – they’re the ones that make a null happen at the PRE device’s location. But even the PRE device doesn’t know what those frequencies are, until it probes the environment. When operated with a reactive jammer, a PRE device can probe the environment by sending out a series of pings, which will be repeated by the reactive jammer. The PRE device can then analyze the pattern of received power levels (as a function of frequency), and revise the pilot signal frequencies, and ping the new frequency set. By iterating like this, it can find the frequency set that causes the nulls, or relative nulls – thus revealing information about the local distribution of spurious scatterers. Following this train of thought, a PRE device could enter into a sort of “tracking” mode with the reactive jammer, in which the pilot signal frequencies requested by the PRE device (by sending out pings) are adapted and jittered continuously to maintain propagation nulls at the PRE device. In manner analogous to FM demodulation by a phase-locked loop (PLL), the characteristics of the environment could be determined by the pilot signal frequencies necessary to maintain the “tracking” condition, i.e. all or some of the pilot signal frequencies place a null at or near the PRE device’s physical location. This is equivalent to the device “locking” onto physical objects – scatterers – in the environment. If the device loses lock, perhaps because in a known condition suddenly appears, it can warn operator, effectively saying “STOP. Something’s happening in the environment that I don’t understand – you’re off the reservation, get out of there!”. Even more interestingly, if modulation is added to the pings and the replies, it’s possible to create a two-way asynchronous (that’s a key word, asynchronous) communication channel between the PRE device and the jammer, leading to real-time, in-combat cooperative and adaptive interaction between the jammer and the assets it’s designed to protect. For example: the PRE device only needs to ping the jammer when it decides it needs to learn more about the environment. Suppose the PRE device has a GPS receiver, as does the reactive jammer. If the PRE device notices that its own position has stopped changing, and if pings from the jammer include GPS information about the jammer’s own position, the PRE device can maintain a time history both their positions. With information about the relative velocities of the PRE device and jammer, and if the jammer-PRE device are in a lock-track state with spurious scatterers, is may be possible to distinguish between moving and stationary


scatterers relative to the line of sight between the jammer and the PRE device. This means it may be possible to correlate scatterer indications with physical objects in the environment. Aside: this might be considered a new kind of short-range semi-imaging radar. Example: consider two vehicles traveling at constant speed, one is the jammer, the other the PRE device. As the two pass a stationary reflecting surface, like a building, the pilot frequencies required to maintain a null at the PRE device will change. The changing frequencies reveals that the geometry is changing, and since the convoy speed is known, the relative speed of the reflector (it’s stationary) can be deduced. Run the same thought experiment, but replace the building with an at-speed flanking vehicle. Of course there are issues with processing speed, but I’m just talking about a concept here. Continuing with the reactive jammer/ping story: if the position time histories show that both the jammer and the PRE devices have become stationary, the need for an update may become less; it’s driven by objects that are moving in the environment, since the assets are stationary. This could be cued by video or by an internal timer, which could itself be a referenced to GPSderived location; operating in an urban area might suggest more frequent updates than operating in a rural area. As another example, for operational reasons it may be necessary for the PRE device to become silent; a single ping from the jammer is all that’s needed to tell the PRE to stop transmitting, and for how long to stop transmitting. Another thought: the exchange of pings between a PRE device and a reactive jammer does not need to be a 1 to 1 mapping; depending on programming, single ping from the PRE device – with the right coding on it – might cause the reactive jammer to send out a spread of simultaneous pilot signals a preselected frequencies. Since both the PRE device and the reactive jammer know what these frequencies are, it’s straightforward to make sure that the PRE device has its receiver tuned to receive them all. Of course, this proposition steals time away from the reactive jammer which otherwise would be spent listening for RCIED trigger signals. A collision between a PRE ping request and a trigger signal is undesirable, but this is a minor solvable technical detail. The solution relies on the statistical trade-off in protection between the likelihood of such a collision, the likelihood that assets are unknowingly exposed to an RCEID threat because the ECM has been unknowingly compromised by the environment, or some other factor.

The key word in the last sentence isn’t “exposed”, or “threat”, or even “compromised”; the key word is unknowingly. Which brings us to the next section, a discussion of a possible immediate application for a PRE device: Explosive Ordnance Disposal, EOD.

Possible Application to EOD EOD is to military operations as cayenne pepper is to food: if you need it, nothing else will do, but it’s tricky, hot, and a little goes a long way. The EOD problem has a number of unique aspects to it: there’s a bomb, we know where it is, a human life is definitely at risk, and by extension so is the essential skill set and experience of a highly trained individual, probably built up over years at tremendous financial cost. Without a doubt, ECM must be present for EOD operations. With so many unknowns present in such a dangerous operation, the last thing we want to happen is for the ECM to be unknowingly compromised, either by the environment, or by the operator as an active part of the environment. At a recent briefing an excellent question was posed: how would a PRE device behave if it were in close proximity to an EOD technician (e.g carried by) when he/she went up-range to defuse a device? EOD techs typically carry their own gear, which might include some metal and definitely includes a heavy suit. Maybe scattering by the suit, or the operator’s body, or some or all of his gear, might lead to false indications from the PRE device. Maybe under those circumstances, it would be better not to have a PRE device at all; this is, after all, a high-stress situation and having an indicator light that blinks back and forth between green, yellow and red may do more harm than good. It’s a fair point – this is a legitimate concern and needs to be addressed straight on. First of all, we need to distinguish between two things: 1) a capability that works, and 2) the problem of false indications. I can’t think of an argument against a capability that works; in some ways we’ve been fat dumb and stupid, practicing 1950s style EW for years with our head in the sand pretending that we don’t need to know whether EW working, because we can’t figure out how to tell of it’s working. The problem isn’t that the capability is undesirable, the problem is that the false indications are. A correctly designed PRE device must have a controlled and known and scientifically proven behavior when it comes to false indications. Radar designers have faced and conquered exactly this kind of problem decades ago, as has the modern digital telecommunications industry. The challenge is

A correctly designed PRE device must have a controlled and known and scientifically proven behavior when it comes to false indications.



Concern has been raised – and it’s a legitimate concern – about whether a realistic deployment doctrine could be developed

to create this capability, and to do this we use science and the scientific method, which means that the subjectivity of opinion and guesswork are replaced by the objectivity of mathematical calculation and field measurements. You simply don’t release a PRE device for operation until firstly it has achieved a false indication performance standard judged acceptable for military applications, and secondly a doctrine for its use has been established. We can argue all day about whether either of these are achievable and/or affordable, but so far there are no technical show-stoppers. And here’s something else to think about, even more important: behavior that looks like a false indication may not, in fact, be a false indication. The question of how an EOD operator affects the operation of a PRE device is a good one, but it’s only half the

for a PRE device.



question; we also need to ask ourselves how the presence of an EOD operator and his equipment affects the operation of the ECM near the bomb. Has his body, or his suit, or his equipment occluded the jammer or in some way unknowingly compromised the strength of the ECM field near the bomb? If the answer is yes, is there something he can do about it? Should a portable metal fence be erected to block areas that are outside the line of sight to the jammer, and if so, where? Should he position his body in a different way? Should he approach the device from a different direction? If he is carrying ECM with him, is there some way he should be carrying it to guarantee it provides the protection it’s intended to? These are key questions, and the answers – so far – aren’t in the EOD tech’s toolbox.



What would a user interface look like? It has to be simple enough that no specialized technical expertise is needed to interpret positive or negative indications, so the idea of green/yellow/red lights is a candidate. The original concept was to use green to represent “safe”, yellow to represent “warning”, and red represent “danger” ( f i g u r e 8 ( a ) ) . H o w e v e r, t h e r e ’ s n o such thing as “safe”, so a better approach might be to use a green light indicate that the situation is “operational”, i.e. ECM protection is not currently compromised. A next-level capability would include a power level meter calibrated against the environment and estimated threat characteristics (figure 8(b)), so the indicator lights can be seen in a continuum; how close is the current ECM power to touching the threshold of the warning zone? Very far, not very far? If I walk three more feet forward, am I now in danger? If I walk backwards 3 feet, sideways 10 feet and then forward 8 feet, does the light stay green instead of going from green to yellow, or even to red? There’s a truck parked over there, is that compromising my ECM? What about that chainlink fence, or that building? Should I be doing something different? Even better, is it possible to show the near and far edges of the warning zone as part of a video display? Of course it is. An example screen capture is shown in figure 8 (c), and an ECM absent screen capture in figure 8 (d).

My friend and colleague Dr. David King, told me something years ago that has always stuck in my mind, and although we were having a general discussion, it bears on the advisability of fielding a PRE device, among other things: “The only question of practical significance is, ‘What do we do next?’”. That’s right. If a PRE device doesn’t give information that leads to a change in action, or a change of body position, or a new decision, or a change in the way resources or assets are disposed, then it’s entirely useless, you might as well pass out mood rings to the troops. And the ECM effectiveness message to EOD techs will continue to be, “Good luck, we’ll tell you how safe you are when you get back.” To close out this section, there’s another type of objection which is worth mentioning: it’s doctrine-related. Concern has been raised – and it’s a legitimate concern – about whether a realistic deployment doctrine could be developed for a PRE device. This is a real and important challenge, but it’s outside the purview of this paper. I can share some thoughts though, and here they are. The question has been asked, “What if a dismounted soldier had a PRE device, and he/ she had to go up range, but his indicator light turned from green to red. He might not want to go. In fact, it might cause so much stress that it’s really better not to have an indication at all.” In my opinion the thinking behind the “stress” comment is flawed, for several reasons. Here are three of them: 1. This is the chain-of-command problem related to how information is acted on, and is logically separate from the technical problem of providing the information. Yes they are coupled, but they first need to be considered separately. One can hardly argue against the logically-identical issue of reconnoitering a village to find out how many enemy armed combatants are present, on the grounds that knowing answer would unnerve the troops. See point 2. 2. It presupposes that there is nothing that can be done to remedy a negative indication. Some of the time this might be true, but some of the time it is certainly untrue – some of the time you certainly can do something to remedy a negative indication. For example, the first thing that comes to mind if a soldier uprange has a negative indication – his light is red light instead of green – is to move ECM until his light changes from red back to green. We have to step out of the 1950s-era EW paradigm and into a new 21st century paradigm which allows for – and expects – feedback and

Today we have a much better understanding of phenomenology, and we have computing power which literally could not have been imagined at that time, in terms of size and capability.



‘What we have right now, in relying on standard operating procedures as a proxy for real ECM effectiveness assessment, is arguably the ultimate example of a false sense of security’.

interaction between EW/ECM and the assets it protects. But make no mistake: if there is nothing we can do – nothing – to change the protection status of that soldier uprange, then providing a PRE device comes right back again to the equivalent of handing out mood rings, and there is absolutely no need. But I don’t think that’s the case; I think in the vast majority of cases there is something that can be done to convert his red indication to a green one, and to make sure the mission is a success, and that the political will of the country is enforced, and that he or she goes home safe and in one piece to their family. 3. Although it’s legitimate to raise the concern that a PRE device could be a stress raiser, I think it’s the other way around: a correctly designed, fully tested, and properly qualified PRE device would be a stress reducer, not a stress increaser. Pretty obviously the user community gets the last vote on this one, and I think they should be asked. I’ve heard that the number one question the troops ask when they are given a new piece of EW equipment is, “how do we know it’s working?” and I think the answer “you don’t need to know” isn’t going to be very satisfying for them.

Conclusion At present, it seems that counter-IED ECM effectiveness assessment is based on empirical observations made during ad hoc field experiments conducted in out-oftheater safe areas, resulting in rules of thumb, which become standard operating procedures. If this is correct, we’re stuck in the 1950s, a time when EW was new, technology was new, computers were nearly nonexistent, and there were no practical alternatives to good old try-it-and-see. But that was then, and this is now; today we have a much better understanding of phenomenology, and we have computing power which literally could not have been imagined at that time, in terms of size and capability. One of the biggest and most serious – and recurring – criticisms of the idea of fielding a PRE device is that it could give a false sense of security. That’s true, if it’s not correctly designed and implemented and tested and commissioned. But as a final point, I’ll quote a comment from a thoughtful colleague and listener who shall remain anonymous: ‘What we have right now, in relying on standard operating procedures as a proxy for real ECM effectiveness assessment, is arguably the ultimate example of a false sense of security’. 26 | WWW.DEFENCEINDUSTRYREPORTS.COM

Defence Industry Reports… the Defence Reports….the leadingIndustry specialist combined leading specialist online research andcombined networking online research and networking resource for senior military and resource for senior military and defence industry professionals.

defence industry professionals.

Up•to Up thetominute Industry and Technology Newsand and other content available the minute Industry and Technology News other content available to to all site users on a free of charge, open access basis. all site users on a free of charge, open access basis.

Qualifi ed signed up members to access accesspremium premium content Special • Qualified signed up membersare areable able to content Special Reports and interact with their peers varietyofof advanced online Reports and interact with their peersusing using aa variety advanced online networking tools. networking tools.

• Designed to help users identifynew newtechnical technical solutions, understand the the Designed to help users identify solutions, understand implications of different technicalchoices choices and and select best solutions implications of different technical selectthe the best solutions available.

available. Thought Leadership – Advice and guidance from internationally recognised • Thought Leadership - Advice and guidance from internationally recognised defence industry key opinion leaders.

Peer Input – Contributions from senior military personnel and defence • Peer Input - Contributions from senior military personnel and defence industry industry professionals.

Independent Editorial Content – Expert and authoritative analysis from • Independent Editorial Content - Expert and authoritative analysis from award award winning journalists and leading industry commentators.

Unbiased Supplier Provided Content.

Designed to facilitate debate. • Designed to facilitate debate

Written to thetohighest professional • Written the highest professionalstandards. standards

defence industry key opinion leaders


winning journalists and leading industry commentators

Unbiased Supplier Provided Content



Global Business Media

Profile for The Magazine Production Company

Special Report – Electronic Countermeasures  

Defence Industry – Special Report on Electronic Countermeasures

Special Report – Electronic Countermeasures  

Defence Industry – Special Report on Electronic Countermeasures