THINKING DIFFERENTLY ABOUT NETWORK RESILIENCE

Felix Yao, Distinguished Engineer, yao_felix@bah.com
Patrick Ward, Chief Technologist, ward_patrick@bah.com

THE CHALLENGE: TODAY'S NETWORKS ARE COMPLEX, FRAGILE AND VULNERABLE

Department of Defense (DoD) networks are not what they need to be. Technology, governance, and operational issues have made them vulnerable to outages, component failure and intentional disruption. While all these things are true throughout DoD's network infrastructure, they are particularly problematic when it comes to supporting expeditionary operations. These deficiencies have been acknowledged throughout the military, civilian government, and by numerous third parties who report and comment on military technology.

These concerns are by no means new. A Defense Science Board study released nearly five years ago warned about the inability of military networks to withstand a full-scale cyberattack: "Military Commanders may rapidly lose trust in the information and ability to control U.S. systems and forces" in such a case, the report stated. [1]

Senior military commanders do, in fact, share these concerns, as Army Chief of Staff General Mark Milley made clear in testimony last spring about the survivability of networks and command systems as lessons learned from recent operations in Eastern Europe. "Frankly, my concern is these systems may or may not work in the conditions of combat that I envision in the future with the changing character of warfare because of issues with line of sight, electromagnetic spectrum, the inability to operate on the move, the inability to operate in large, dense complex urban areas or complex terrain." [2]

General Milley's comments are in line with those of other DoD leaders, and are echoed in statements from Defense Secretary James Mattis and, going back to 2015, in cybersecurity analyses from the Congressional Research Service.

All that being said, there are a number of efforts taking place aimed at improving the reliability of military networks.
The Defense Advanced Research Projects Agency (DARPA) is reaching out to defense contractors to develop new algorithms and protocols for networks in large, forward-deployed areas. DoD and the Defense Information Systems Agency (DISA) are working to improve secure wireless access to classified networks for deployed warfighters, as well as enabling them to interoperate with coalition partners without having to provide those partners with classified equipment. Other, similar, technology-focused solution efforts are taking place as well.

However, technology is just part of the root cause of the resilience issues facing military networks, as General Milley also declared in his testimony. DoD's network is a system built out of small pieces (unique systems, applications and tools with service- and agency-specific requirements, access, interfaces, etc.), all of which are reasonable and understandable in isolation. But together they become a system so large and complex that no single entity can appreciate or control it, and it can therefore be very sensitive to unexpected shocks or emergent behavior (the way that large numbers of small elements can develop behaviors that are not simple, straightforward aggregations of the individual parts). With so many variables, making changes to these networks can be expensive or, worse, unreliable. The problem seems intractable.

Addressing the overall governance, loci of control, and real-world operations of military networks is just as critical to improving resiliency as are technological enhancements. Without taking these factors into account, all the hardware and software available can only provide point solutions to some of the specific deficiencies General Milley and others have called out, not systemic improvements.

Overall guidance from cybersecurity executive orders during the Trump and Obama administrations has been too broad-based to be of effective use in these systemic concerns. While they provide useful underpinnings to critical infrastructure risk management, particularly the use of the National Institute of Standards and Technology (NIST) Cybersecurity Framework as an overall assessment mechanism, these executive orders are too high-level to be of specific value in addressing the overall issue of military network resilience.

A NEW PERSPECTIVE: NETWORK RESILIENCE DEPENDS ON MORE THAN JUST TECHNOLOGY

We believe that combating fragility and improving resilience depends not just on addressing technology gaps, but also on coming to grips with the pertinent organizational dynamics of military networks. There is resilience already built into military networks; improvements of governance, control, and operational factors can result in more effective leveraging of the technology which already exists, as well as making the most of new technological enhancements.

Resilience and Technology Today

There is no doubt that the lack of robustness of military networks is, in part, a function of existing technology. All of the examples General Milley cited before the Senate Armed Services Committee are real, and are functions of the nature of forward, expeditionary deployments.

Expeditionary deployments often take place in an expeditious fashion. Whatever systems are currently the standard are part of the deployment; there is not much time available to fine-tune them to particular theatres of operation. The current standards have shown their shortcomings related to the operational needs of forces in the field, from military commanders to line warfighters.

The historical practice of hard-coding IP addresses for all deployed devices is one of the issues degrading the resilience of military networks.
The sheer administrative overhead of managing all these devices in a fluid, real-time deployment scenario is a challenge given the physically distributed nature of these engagements. Software-defined networking can mitigate this challenge to some degree, but cannot change the basic nature of the deployment.

The physical landscape also contributes to instability. The physical topography of the battlefield, terrain issues, reception concerns in urban environments, connectivity while in motion, and interference with utilized bands of the electromagnetic spectrum, both by happenstance and by cyberattack, all play a part. A notable example of this is warfighters' radios not functioning when they're sitting inside their transport. Physical network design needs to better accommodate the fact that individual nodes on the network (all sorts of devices, ranging from routers to servers to wireless access points to devices carried by individual warfighters) may encounter these physical stumbling blocks and lose connectivity.

Resilience and Organizational Challenges

Technological improvements are in process, but cannot by themselves be considered overall solutions. Overall solutions to resilience gaps require military leaders to think about more than just technology. The inherent physical complexity and distributed nature of military networks are accompanied by similar, overly complex governance, management, operational, and control mechanisms.

The root cause of all this is a tension fundamental to military organization. For that matter, it is a tension fundamental to any large entity, military, civilian, or commercial. The military is, by its nature and design, a hierarchy. From the head of the service, such as General Milley, to the frontline private in an expeditionary force, it is driven from the top down. Policies, directives, action orders, and commands are passed through the chain of command for implementation and execution.

THE SHARED MISSION CHALLENGE

This hierarchical perspective is more of an ideal than an operational reality. No service, or network, exists in isolation. Mission success is dependent upon coordination and cooperation between multiple entities and agencies. Mission responsibility is, in fact, shared, and while federal leaders recognize that a shared mission perspective is the best strategy for addressing problems such as network resilience, the reality is that in many cases, agencies and their staff find it difficult to collaborate and integrate with each other.

With responsibilities effectively shared among multiple entities, decision-making in practice is also shared and divided. Command-and-control is, in practical terms, far lighter on control than is optimal in order to improve and grow network resilience. Like it or not, military networks are functionally and operationally matrixed, and closing resilience gaps is going to require accepting a more holistic perspective than the shared mission can provide.

Military leaders clearly acknowledge that network resilience needs significant improvement. We believe that addressing the organizational issues discussed above is the single most important action to be taken in order to optimize and improve current network infrastructure.
Better leveraging of what is currently in place is an essential first step, and is necessary to ensure that, going forward, technological advancements will in practice provide the full mitigation of resiliency issues for which they are intended.

How to move forward?

We believe that government agencies must, along with tailoring technological solutions to network resilience issues, modify their governance structures, update bureaucratic policies and procedures, and develop new leadership models supporting collaboration, cooperation, information sharing, and coordinated, synchronized action. This will enable them to transcend the control deficiencies of the shared mission perspective and advance to what we refer to as true Mission Integration.

NOTES

1. Defense Science Board Task Force Report, "Resilient Military Systems and the Advanced Cyber Threat," January 2013, https://www.acq.osd.mil/dsb/reports/2010s/resilientmilitarysystemscyberthreat.pdf
2. Statement of General Mark A. Milley, Chief of Staff, United States Army, Senate Armed Services Committee, May 25, 2017, https://www.armed-services.senate.gov/download/speer-milley_05-25-17

OUR AUTHORS

Felix Yao, Distinguished Engineer, yao_felix@bah.com
Patrick Ward, Chief Technologist, ward_patrick@bah.com

About Booz Allen

For more than 100 years, business, government, and military leaders have turned to Booz Allen Hamilton to solve their most complex problems. They trust us to bring together the right minds: those who devote themselves to the challenge at hand, who speak with relentless candor, and who act with courage and character. They expect original solutions where there are no roadmaps. They rely on us because they know that together we will find the answers and change the world. To learn more, visit BoozAllen.com.

© 2018 Booz Allen Hamilton Inc.