Sponsored by Spectra Group
https://tacs.at/Spectra
————————————————————————
11 Jun 20. The US Army AI task force takes on two ‘key’ projects. The Army’s artificial intelligence task force is working on two key projects, including one that would allow unmanned vehicles in the air to communicate with autonomous vehicles on the ground, after securing new funding, a service official said June 10.
Gen. Mike Murray, commander of Army Futures Command, said during a June 10 webinar hosted by the Association of the United States Army that the task force has moved forward on the projects through its partnership with Carnegie Mellon University, launched in late 2018 .
First, the team is working on programs dedicated to unmanned-unmanned teaming, or developing the ability of air and ground unmanned vehicles to talk to one other.
The other effort underway is on a DevSecOps environment to develop future algorithms to work with other Army systems, Murray said. He did not offer further detail.
The task force force has fewer than 15 people, Murray said, and fiscal 2021 will be the first year that it receives appropriated funds from Congress. Much of the work the task force has done so far as been building the team.
In response to an audience question, Murray said that the task force is not yet working on defending against adversarial machine learning, but added that leaders recognize that’s an area the team will need to focus on.
“We’re going to have to work on how do we defend our algorithms and really, how do we defend our training data that we’re using for our algorithms,” Murray said.
In order to train effective artificial intelligence, the team needs significant amounts of data. One of the first projects for the task force was collecting data to develop advanced target recognition capabilities. For example, Murray said, being able to identify different types of combat vehicles. When the work started, the training data for target recognition didn’t exist.
“If you’re training an algorithm to recognize cats, you can get on the internet and pull up hundreds of thousands of pictures of cats,” Murray said. “You can’t do that for a T-72 [a Russian tank]. You can get a bunch of pictures, but are they at the right angles, lighting conditions, vehicle sitting camouflaged to vehicle sitting open desert?”
Murray also said he recognizes the Army needs to train more soldiers in data science and artificial intelligence. He told reporters in late May that the Army and CMU have created a masters program in data science that will begin in the fall. He also said that the “software factory,” a six- to 12-week course to teach soldiers basic software skills. That factory will be based in Austin, where Futures Command is located, and will work with industry’s local tech industry.
“We have got to get this talent identified I’m convinced we have it in our formations,” Murray said. (Source: Defense News)
11 Jun 20. Persistent Systems awarded US Air Force JADC2 contract. Company’s MPU5 device to demonstrate networked communications, edge computing and AI capabilities. Persistent Systems, LLC (“Persistent”), a leader in mobile ad hoc network (MANET) solutions, announced today that it has been awarded a $950,000,000 ceiling indefinite-delivery/indefinite-quantity contract for the maturation, demonstration and proliferation of capability across platforms and domains, leveraging open systems design, modern software and algorithm development in order to enable Joint All Domain Command and Control (JADC2).
This contract is part of a multiple award multi-level security effort to provide development and operation of systems as a unified force across all domains (air, land, sea, space, cyber, and electromagnetic spectrum) in an open architecture family of systems that enables capabilities via multiple integrated platforms.
“This is an exciting opportunity for us to potentially support multiple categories in the networked, open systems approach for JADC2,” said Adrien Robenhymer, Persistent’s Vice President of Business Development for U.S. Air Force, Intelligence and Department of Energy.
Persistent brings its MPU5 networking device and Wave Relay® MANET solution; the collaboration it has had with various industry (sensor, unmanned ground vehicle, and unmanned aircraft system) partners; and its experience with programs which provide robust communications, cloud networking and situational awareness to Air Force strategic convoys.
“Our Android™-loaded MPU5 networking device enables such capabilities as edge computing and artificial intelligence (AI) and distributed computing for sensors, which are extremely relevant to this massive, multi-natured contract,” said Robenhymer. (Source: PR Newswire)
11 Jun 20. Senate wants Pentagon to study risks of 5G. A Senate committee wants the Pentagon to produce a report detailing the risks of allied nations having Huawei technology as part of their network infrastructure, according to a summary of the Senate Armed Services Committee’s annual defense policy bill for fiscal year 2021.
The bill’s summary, released June 11, shows Senators are worried about 5G technology from Chinese tech companies, specifically Huawei and ZTE, and the bill directs the Pentagon to enhance its own 5G capabilities to keep up with near-peer adversaries.
The provision comes as senior U.S. government officials have warned allies about the national security risks associated with allowing Huawei to build out their 5G networks. According to the summary, the bill would require the Pentagon to submit a report to the committee on the risk the Chinese tech giant’s technology poses to DoD personnel, equipment and operations in host countries, as well as any mitigating steps that department could take to reduce the risk.
When the British government announced in January it would allow Huawei to build part of its 5G network, the move prompted outcry from U.S. lawmakers. The British government recently reversed that decision, according to The Guardian. Lawmakers fear that allowing Huawei to build out 5G networks in allied countries, particularly those with robust intelligence sharing relationships with the United States, could give the Chinese government backdoor access to sensitive information.
According to the committee’s summary, the secretary of defense would also be required to “consider 5G and 6G security risks posed by vendors like Huawei and ZTE when making overseas basing decisions.” Experts have told Fifth Domain that placing Huawei or ZTE products in infrastructure near U.S. military bases could also give the Chinese government access to networks.
Meanwhile, the legislation would also direct the department to establish a cross-functional team focused on 5G wireless networks. The effort would be led by the DoD’s chief information officer and would be responsible for “related policy, oversight, guidance, and coordination at DOD.” The summary also added that the DoD could be required to demonstrate “innovative 5G commercial technologies.”
In the Pentagon’s 5G strategy released by the DoD chief technology officer in May, the department committed to hosting a “series” of 5G industry demonstrations beginning in the current fiscal year. The DoD is doing that through a series of “test beds” as selected military installations across the country.
These sites are testing capabilities like smart ports, supply chain operations, smart warehouses and logistics planning. There are currently 12 selected test beds sites across the country, though none have officially started testing. The DoD wants to award contracts to start the testing at the end of the the summer, according to Joseph Evans, the Pentagon’s technical director for 5G.
“Successfully demonstrated and proven products will be rapidly deployed, with follow-on acquisitions, operations, and sustainment through the appropriate organizations across DoD,” the strategy reads.
The bill also includes a piece of legislation by Sen. Roger Wicker, R-Miss., that would direct the Department of Commerce’s assistant secretary for communications and information to work with the Pentagon and other federal agencies to develop a plan to modernize spectrum management across the federal government. (Source: Defense News)
10 Jun 20. DOD’s $7.6bn cloud email buy heads for redo. The saga over the $7.6bn Defense Enterprise Office Solutions contract continues to provide plenty of plot twists, but this latest one may be the toughest to resolve.
The Defense Information Systems Agency and General Services Administration worked together to develop this contract for cloud-based email and calendaring services. Sounds simple enough, but now they are likely to more significantly rework the procurement after this latest round of bid protests.
General Dynamics IT first won the contract in late August 2019, then the other competitor Perspecta filed its protest two months later after going through DOD’s enhanced debriefing process.
Perspecta’s protest led DISA and GSA to take a corrective action to rework several aspects of the solicitation and here is where things took a bad turn. The companies were to update their proposals.
As part of that process, GSA sent what was supposed to be a template for GDIT and Perspecta to follow in submitting their pricing information.
But the template GDIT got included Perspecta’s labor pricing information. When Perspecta learned this, it immediately filed a pre-award protest with the Government Accountability Office in early March of this year.
Now less than a week before a final GAO ruling was due, Perspecta’s latest protest has been dismissed because DISA and GSA are taking another corrective action. What exactly that will entail isn’t clear. Given that GAO was due to publish its decision on June 15, the late notice of this second corrective action tells me that GSA and DISA knew a ruling against them was likely.
Perspecta said as much in this statement:
“Perspecta is appreciative of the decision made by the Government Accountability Office (GAO) with regard to our protest of the DEOS solicitation and we look forward to cooperating with the General Services Administration (GSA) in the next steps of the competitive process,” a company spokeswoman told us on Tuesday.
GDIT declined to comment on the protest.
How will GSA and DISA fix this? I’m told DISA and GSA will have to change the solicitation to a degree that will make Perspecta’s pricing disclosure immaterial. Meaning the revised requirements will be need to be different enough that the disclosure of the pricing information won’t put Perspecta at a disadvantage.
That also means both companies will have to submit new pricing proposals.
Another possible alternative mentioned to me in passing is that GDIT and Perspecta could sit down together and work out some sort of deal for both to get a piece of DEOS. In that scenario, GDIT would most likely be the prime and Perspecta would be the major sub. We haven’t seen that happen in a long time. It’s probably a long shot but at least worth a mention.
Timing looms as a big question. How long will a reworked solicitation and new try at an award take? The answer I’ve been getting is “depends.” Three months would be the quickest. Six months is more likely. A full year wouldn’t be unheard of either.
It is ironic to think that when DEOS first emerged as an opportunity, DOD had narrowed the field of competitors for its more high-profile JEDI cloud infrastructure contract. Their price tags are similar, but DEOS was seen as the simpler and more straightforward procurement. Little controversy surrounded it.
Now both cloud contracts are mired in protests and both share accusations of unequal treatment and improper disclosures of pricing information. Amazon Web Services has taken its case over the JEDI contract to the U.S. Court of Federal Claims after Microsoft won it. JEDI is in the midst of a corrective action. A separate appeal filed by Oracle over its elimination also continues. Even if GSA and DISA get DEOS re-awarded in six months, more legal challenges are likely ahead. (Source: Defense Systems)
08 Jun 20. Connectivity and the military base of the future. Technology is mostly discussed from the perspective of advancing military systems, but it is just as important in equipping the military base of the future to defend against new threats, as Harry Lye reports.
From digital depots to asset management and tracking, advanced software is making military bases more efficient, more resilient and cheaper to run. A key part of building the base of the future is modernising existing bases.
As Honeywell Aerospace’s senior director for connected defence and cybersecurity, Norm Balchunas, explained during the company’s recent Military Base of the Future webinar, most military installations that the US operates from are either old or ageing. Processes and standards developed in the Cold War World are ready for a refresh. The base of the future needs enhanced connectivity to keep pace with the rapidly evolving threats it will be faced with.
“What we are developing is an enterprise solution that leverages Honeywell’s global footprint, our connectivity, and integrating of IoT devices across connected aircraft, smart plants, hundreds of millions of vehicles, tens of millions of buildings, and integration into a smart city environment,” Balchunas explained. “This amazing footprint of having a connected worker, and being able to bring those kinds of capabilities forward to defence.”
The concept of connectivity emerged as a key topic during this discussion of the future military base. Just as cities and public services are increasingly ‘connected’, the military can apply the same techniques to aircraft and battlefields to support maintainers and operators. This, in turn, can keep operators’ hands on what they need to be doing to maintain equipment faster and more efficiently.
“What Honeywell has been doing, in dozens of depots around the globe, is to be able to turn around and have a much better alignment, being able to track our own assets, connect our workers, digitise our environments and the tech orders. To be able to capture that data and bring it back for enhanced decision-making and have visibility across the entire logistics chain.”
Connectivity is just one part of the future military base, but it is a key aspect in improving efficiency. Technology to track assets and spare parts has long been a mainstay in the private sector, but militaries have a long way to go in bringing their systems up to date.
Aerospace companies like Rolls Royce, for example, have for years operated a connected maintenance system for their products, allowing them to track faults, predict future maintenance and have spare parts waiting on the tarmac before a jet even lands.
“A ‘digital birth certificate’ would allow a part or system to be tracked throughout its lifecycle.”
Applying such systems to military operations could be a game-changer for readiness, keeping ships in the seas, jets in the air, and tanks rolling, not laid up undergoing maintenance. These systems are slowly gaining traction in the naval sector with Babcock’s i360 and iFrigate, for instance, designed to make ship maintenance easier; however, on a depot and supply chain scale, as envisaged by Honeywell, the benefits across the board would be significant.
Managing platforms from ‘cradle to grave’ is another aspect of Honeywell’s vision, as Balchunas explained during the webinar. For individual systems, he presented the idea of a ‘digital birth certificate’. This would allow a part or system to be tracked throughout its lifecycle, including the history of new parts being introduced, and make that full lifecycle data available to the maintainer so they can quickly find and solve problems.
This animation illustrates the concept of a connected base. Image: Honeywell
The full base picture
Looking at the full ecosystem of the future base, at its top lies the digital depot, the tracking of parts and seamless connectivity of information. Built on the base of this are monitoring and control, voice solutions, energy management, airfield ramp management, asset and worker tracking.
The benefits of this approach are obvious: connecting people, assets, sensors and security; in essence, making all operations more straightforward and easy to manage – from helping a mechanic find a part to managing power consumption and keeping systems online.
This network could be extended from the base to the acquisition system and to the wider fleet and the individual warfighter. This would allow for all parts of the system to be monitored and problems to be flagged up and solved before a small fault can cause a larger system to go out of service.
Cloud computing is central to such an approach. Governments and militaries are now “rapidly introducing their acceptance and trust of cloud solutions”, Balchunas said. He added that Honeywell’s customers are also quickly becoming more aware and accepting of cloud solutions already in place in a number of industries, including aerospace.
“Data and its efficient and effective use will become a critical function of future military bases.”
Honeywell is applying this concept to defence in the form of its Forge platform. “What Honeywell Forge for defence is doing is being able to come into the government’s acceptance of cloud as being secure, as being safe, and as being essential to them to be able to take advantage of the data that is being produced across many platforms,” Balchunas explained. “Being able to pull that in through a data lake through secure connectivity, and being able to do the processing and the development of the analytics, tailored to directly support them for both Honeywell and non-Honeywell components.”
The next level of this is to build it into the application layer, plug it into other military systems and have a user interface that makes access to all the information clear at the personnel level and take advantage of all of the information and systems. This application would take account of each user’s needs, and help them develop solutions.
Data and its efficient and effective use will become a critical function of future military bases. As we transition to network-enabled wars, with decision-making supplemented by data and artificial intelligence, the foundations for such systems will need to be laid at every level of operations and, crucially, in every military base. (Source: army-technology.com)
10 Jun 20. ThreatQuotient Granted DoDIN-Level Authority to Operate. ThreatQ is the first threat-centric security operations platform to be approved for a DoD-wide ATO.
ThreatQuotient™, a leading security operations platform innovator, today announced that the ThreatQ™ platform has been granted Authority to Operate (ATO) by the Defense Information Systems Agency (DISA) at the Department of Defense Information Network (DoDIN) level. Authority to Operate as part of the Host Based Security System (HBSS) Infrastructure allows the ThreatQ platform to be deployed more swiftly by the DoD to meet their cybersecurity challenges.
ThreatQ, the first threat-centric security operations platform to be granted a DoD-wide ATO, supports multiple use cases including incident response, threat hunting, spear phishing, alert triage, vulnerability management and serving as a threat intelligence platform. The platform also supports future use cases by adapting to changing business needs. Security operations teams are using ThreatQ to apply customer-defined scoring of threat intelligence, quickly deploy threat data to existing sensor grids, and focus workflows on time to detect (TTD) and time to respond (TTR).
“ThreatQuotient is proud to be granted a DoD-wide ATO, and we appreciate the opportunity to continue serving the global infrastructure that carries information for the DoD, national security and related intelligence community,” says Gigi Schumm, SVP of Worldwide Sales. “Government agencies are considered critical infrastructure and are under constant attack from hackers, political activists and foreign state-sponsored actors. Approval for ThreatQ at the DoDIN level demonstrates ThreatQuotient’s credibility, commitment to innovating for the Federal market, and our commitment to meeting and exceeding industry standards.”
ThreatQ’s open and extensible architecture was built on APIs to allow for deep integrations and bi-directional data sharing, enabling the orchestration, automation and synchronization of cyber threat intelligence across systems and teams. The ThreatQ platform has the most in-depth set of integrations in the industry, working seamlessly with and complementing a wide range of solutions, including enrichment and analysis tools, orchestration, sensors, SIEM and log management, ticketing and intelligence feeds.
As part of the HBSS architecture, ThreatQ is verified and available to the Federal market quickly and efficiently to be used to monitor, detect, and defend DoD computer networks and systems. The DoD ATO process follows the NIST Risk Management Framework (RMF), which integrates security and risk management activities into the system development life cycle. The risk-based approach to security control selection and specification considers effectiveness, efficiency, and constraints due to applicable laws, directives, Executive Orders, policies, standards, or regulations. (Source: BUSINESS WIRE)
08 Jun 20. DARPA Announces First Bug Bounty Program to Hack SSITH Hardware Defenses. FETT Bug Bounty to put SSITH hardware defenses in the hands of hundreds of ethical hackers to uncover flaws and strengthen electronic system protections.
Electronic systems – from the processors powering smartphones to the embedded devices keeping the Internet of Things humming – have become a critical part of daily life. The security of these systems is of paramount importance to the Department of Defense (DoD), commercial industry, and beyond. To help protect these systems from common means of exploitation, DARPA launched the System Security Integration Through Hardware and Firmware (SSITH) program in 2017. Instead of relying on patches to ensure the safety of our software applications, SSITH seeks to address the underlying hardware vulnerabilities at the source. Research teams are developing hardware security architectures and tools that protect electronic systems against common classes of hardware vulnerabilities exploited through software.
To help harden the SSITH hardware security protections in development, DARPA today announced its first ever bug bounty program called, the Finding Exploits to Thwart Tampering (FETT) Bug Bounty. FETT aims to utilize hundreds of ethical researchers, analysts, and reverse engineers to deep dive into the hardware architectures in development and uncover potential vulnerabilities or flaws that could weaken their defenses. DARPA is partnering with the DoD’s Defense Digital Service (DDS) and Synack, a trusted crowdsourced security company on this effort. In particular, FETT will utilize Synack’s existing community of vetted, ethical researchers as well as artificial intelligence (AI) and machine learning (ML) enabled technology along with their established vulnerability disclosure process to execute the crowdsourced security engagement.
Bug bounty programs are commonly used to assess and verify the security of a given technology, leveraging monetary rewards to encourage hackers to report potential weaknesses, flaws, or bugs in the technology. This form of public Red Teaming allows organizations or individual developers to address the disclosed issues, potentially before they become significant security challenges.
“The FETT Bug Bounty is a unique take on DARPA’s more traditional program evaluation efforts,” said Keith Rebello, the DARPA program manager leading SSITH and FETT. “FETT will open SSITH’s hardware security protections to a global community of ethical researchers with expertise in hardware reserve engineering to detect potential vulnerabilities, strengthen the technologies, and provide a clear path to disclosure.”
While most bug bounty programs focus on software evaluation, FETT is unique in making hardware instances available for Red Teaming. Security researchers will be given access to emulated systems running in the Amazon Web Services (AWS) EC2 F1 cloud. Each emulated system is FPGA-based and includes a RISC-V processor core, modified to include the hardware security protections developed under SSITH. The software stack on each emulated system is expected to contain known vulnerabilities, with the SSITH hardware security protections intended to prevent exploitation of these vulnerabilities. These vulnerabilities will be based on common classes of security weaknesses as identified by the MITRE Common Weakness Enumeration Specification (CWE) and NIST, including buffer errors, information leakage, resource management, numeric errors, etc. Security researchers will be tasked with devising novel exploit mechanisms to bypass the hardware security protections and sharing their findings through the established disclosure process.
“There is a lot of complexity associated with hardware architectures, which is why we wanted to provide ample time for interested researchers to understand, explore, and evaluate the SSITH protections,” noted Rebello. While most of Synack’s crowdsourced security engagements run for two weeks or continuous year round, FETT is expected to run from July to September 2020 to allow for extensive analysis and testing of the hardware.
SSITH hardware security protections developed by researchers at SRI International and the University of Cambridge, the Massachusetts Institute of Technology (MIT), University of Michigan, and Lockheed Martin will be available for evaluation. Over the past two years, these research teams have explored a number of different design approaches and their techniques generally involve providing the hardware with more information about what the software is trying to do. With this insight, the hardware can become a more active participant in defense and guard against accidental or malicious transgressions. The research teams are working closely with Galois, a computer science research and development company, to transition the emulated systems to the cloud and support ongoing evaluation efforts.
To help demonstrate the pervasiveness of electronic systems and criticality of their security, researchers will see SSITH defenses used within a number of electronic system application frameworks. This will include a medical records database system, a password authentication system for personal computers, and several additional computer software programs that are utilizing SSITH’s protections.
“Among the vulnerable applications found in FETT is a web-based voter registration system. Successful integration of the SSITH hardware protection technologies aims to ultimately protect the underlying voter information from manipulation or disclosure, even in the presence of vulnerabilities in the system’s software. The goal with this demonstrator, as well as the other application systems, is to show how SSITH technologies could help protect critical infrastructure, and potentially prevent the erosion of trust in things like our election process or healthcare systems,” said Rebello.
Prior to the start of FETT, Synack is running a Capture-the-Flag (CTF) qualifier for any hacker, reverse engineer, or cybersecurity enthusiast interested in gaining access to the SSITH defenses. Security researchers that are not currently Synack Red Team (SRT) members will be provided an opportunity to earn a Technical Assessment ‘Fast Pass’ to join SRT (legal verification steps still required) through the CTF event. Current SRT members that meet the skills criteria will be granted access to the program throughout the life of the engagement. The CTF event is expected to run from June 15-29, 2020. Additional information is available at https://go.synack.com/darpa-ctf-registration-page.html.
The FETT Bug Bounty will be open to Technical Assessment ‘Fast Pass’ holders as well as verified SRT members in July 2020. Additional information is available at FETT.darpa.mil. (Source: ASD Network)
10 Jun 20. Cyber Command creates new malware sharing portal with National Guard. A new portal created by U.S. Cyber Command and the National Guard provides a two-way interface for sharing malware and gain better insights into cyber threats facing the nation, according to a June 9 release from the command.
This portal, called Cyber 9-Line, allows participating Guard units from their perspective states to quickly share incidents with Cyber Command. Cyber Command’s elite Cyber National Mission Force, which conducts operations aimed at disrupting specific nation state actors, is then able to provide analysis on the malware and offer feedback to the states to help redress the incident.
“This level of cooperation and feedback provides local, state and Department on Defense partners with a holistic view of threats occurring in the United States and abroad,” said Brig. Gen. William Hartman, commander of the Cyber National Mission Force and the lead for Cyber Command’s election security group. “Dealing with a significant cyber incident requires a whole-of-government defense, bidirectional lines on communication and data sharing enables the collective effort to defend elections.”
In recent years, the Department of Defense has been working to determine how to use its full time cyber force within Cyber Command to protect the nation from pervasive cyber threats.
The command has followed a new paradigm called defend forward that seeks to preempt threats before they reach the United States. Through daily operations and other actions known as “hunt forward,” in which U.S. cyber operators deploy to other nations on their networks, Cyber Command is able to use its unique authorities to gain insights on adversary activity. Those insights can either be shared or used to take some type of action.
The Cyber 9-Line is the first step within the information exchange program set up in 2019 by the Joint Cyber Command and Control program office, under the direction the National Guard adviser to Cyber Command, leaders said.
Thus far, 12 states have completed the registration process and can benefit from DoD resources. This includes tools such as Cyber Command’s Big Data Platform, which synchronizes information and correlates it allowing forces to act on available information collected from sensors and operations.
The Big Data Platform also provides information and reports from previous threats and malware samples.
“The CNMF, via the National Guard, may enable states to quickly identify additional indicators of threats, which then states can then implement and defend themselves quicker than ever before,” Col. Samuel Kinch, the National Guard Advisor to Cyber Command, said. “That’s going to be a huge collective win for us all.”
Cyber Command said this portal was already used during an incident in Dorchester County, Maryland, which reported a ransomware attack in January.
“These relationships have been cultivated for many years via personal connections made by our Citizen-Airmen, which allows us to respond quickly,” Col. Reid Novotny, Maryland National Guard J6, said. “Knowing that the Maryland Department of IT was handling restoration and the FBI was doing investigation, the 175th Cyber Operations Group provided the connectivity to the national resources located in our backyard at USCYBERCOM through a Cyber 9-line.”
While still in its infancy, officials explained the Cyber 9-Line has already made an impact.
States in recent months have fallen victim to costly ransomware attacks in which Guard units have had to respond.
The National Guard is considered a critical resource for the DoD’s cyber bench considering many personnel serve as cyber or IT professionals in their day jobs. (Source: Fifth Domain)
09 Jun 20. PacStar Launches Modular Radio Center to Enhance DoD Communications Interoperability. Modular, tactical radio, voice and IP integrated solution breaks down communications barriers between new and legacy radio technologies. PacStar®, a leading developer and supplier of advanced communications solutions for the U.S. Department of Defense (DoD), today announced the PacStar Modular Radio Center (MRC) – a COTS-based, modular, tactical and expeditionary, rugged radio, voice and IP integrated solution that addresses communications interoperability challenges faced by military, law enforcement and public safety organizations.
DoD organizations rely on a large and diverse set of radio equipment (handheld radios, desktop phones, laptops, and intercom systems), waveforms, frequencies and channels that can’t communicate with each other. A warfighter or operator in the field might not be able to talk with someone in a command post, on a vehicle, or in a headquarters unless they have the same radio equipment. PacStar MRC delivers unmatched situational awareness by bridging disparate radio waveforms into a single communication network on the PacStar 400-Series platform.
The core technology in PacStar MRC is provided by PacStar 463, an SCI TOCNET-G4-based Radio-over-IP (RoIP) / Voice module. PacStar 463 is a software-defined solution that provides RoIP, VoIP and voice management capabilities in a single solution. PacStar 463 ensures compatibility and support for all major tactical radio types and VoIP protocols.
Key PacStar MRC Benefits:
- Enhances Radio Interoperability. Organizations have fielded systems providing radio interoperability and RoIP in the past – many of which were large, not rugged, and poorly integrated. PacStar MRC solves these communications challenges in the smallest available form factor, adapting popular radio types, phones, and intercom systems into a common communications format – Internet Protocol (IP).
- Flexible and Scalable Deployment. PacStar MRC is a modular system that can be optimized for program requirements, scaling from small, soldier carry solutions to multi-radio network deployments across Forward Operating Bases, command posts, ground vehicles and aircraft.
- Unlocks Innovation. The speed at which technology can reach warfighters is critical to mission success. However, frequent fielding of new communications hardware and software can be expensive. By enabling interoperability between new and legacy radio technologies, PacStar MRC ensures organizations can fully leverage innovation without requiring all communications users to upgrade at the same time or to the same equipment.
- Based on Proven Technology. PacStar MRC uses proven TOCNET RoIP and voice management technology deployed in more than 50 programs and 100,000 end units, along with networking and server modules and radio adapter sleds. PacStar MRC is based on PacStar 400-Series small form factor modular platform with industry leading reduction in Size, Weight and Power (SWaP). IP communications capabilities in PacStar MRC are based on Cisco networking and Intel processors and are compatible with many large tactical networking programs.
“Interoperability has long challenged DoD and other organizations who rely on a diverse range of equipment, waveforms and frequencies to communicate reliably and securely,” said Charlie Kawasaki, chief technical officer, PacStar. “PacStar MRC is based on technology that has been battle tested across DoD programs, delivering a smaller, more modular, more complete and more mobile solution than previously available.” (Source: BUSINESS WIRE)
09 Jun 20. Cyber Command is getting a new deputy commander. Air Force Maj. Gen. Charles Moore will be the next No. 2 at U.S. Cyber Command, according to a June 9 announcement from the Department of Defense.
Moore, who will also receive his third star, is expected to take the reins from Vice. Adm. Ross Myers, the deputy commander who assumed the position in May 2019.
In his current role as the director of operations, J-3 at Cyber Command, Moore has helped bring the command’s strategy of persistent engagement to operations, which is how the organizations seeks to implement the DoD’s 2018 cyber strategy’s call to “defend forward.”
The defend forward policy is best described as DoD working on foreign networks to prevent attacks before they happen. The way Cyber Command meets those goals is through persistent engagement, which means challenging adversary activities wherever they operate.
Defending forward, “helps us better protect ourselves,” Moore told reporters last year. “When we do this, we can observe enemy techniques and procedures and their tactics as well as potentially uncover any tools or weapons that they might be utilizing.”
Moore oversees operations across the world and helps to coordinate offensive and defensive forces.
“Our job is now to provide the global view and to make global command and control decisions or to provide the data so that Gen. [Paul] Nakasone can make those global decisions,” Moore told reporters at the Integrated Cyber Center/Joint Operations Center (ICC/JOC) in May 2019.
The ICC/JOC is Cyber Command’s first dedicated facility and doubles as the U.S. government’s first truly integrated cyber center. It became operational in August 2018.
“We have to be able to look globally at the picture that we’re seeing, we have to be able to see what the enemy is doing, we have to know where our forces are positioned and then obviously we want to be able to put our forces in the best position so that we can drive enemy activity as opposed to being in reactive mode,” Moore added.
It is not immediately clear where Myers is headed.
Cyber Command is seeing additional changes to its leadership. Army Maj. Gen. David Isaacson currently the director of architecture, operations, networks and space in the Office of the Chief Information Officer/G-6, will be the next chief of staff, according to an April notice from the Pentagon. He’ll replace Army Maj. Gen. John Morrison.
DoD also announced June 9 that Marine Corps Master Gunnery Sgt. Scott Stalker, the command’s senior enlisted leader, will depart to become the command senior enlisted leader for U.S. Space Command. (Source: Fifth Domain)
09 Jun 20. Sonardyne’s BlueComm underwater communications selected by Australian Defence Science and Technology Group. Australia’s Defence Science and Technology Group (DST) has acquired a BlueComm undersea communications system from Sonardyne International Ltd. as part of its ongoing program in maritime autonomous systems (MAS).
BlueComm is the only commercial-off-the-shelf (COTS) technology that enables wireless transmission of high bandwidth tactical data, including video, over ranges of a few tens or even hundreds of metres, at rates of up to 10 megabits per second.
With it, forces can vastly increase the communications capability of their underwater systems to drive faster, safer and better-informed decision making in theatres of operation. It could be considered for use with swarms of autonomous vehicles mapping areas for mine-like objects, for USVs acting as surface communication gateways or as part of emerging MAS networks.
Because they use light to transmit and receive data instead of the acoustics traditionally used for communications underwater, BlueComm modems can deliver higher data rates with lower latency. They’re also undetectable by sonar listening devices, making them highly suitable for covert, secure communications. Configurations are available for all operating environments, including shallow waters with high levels of ambient light, and installation on underwater vehicles equipped with powerful lighting.
For DST, the objective of the acquisition is to understand the operational implications of optical data transmission and its dependence on water clarity, geometry and ambient illumination.
DST is the Australian government’s lead agency responsible for applying science and technology to safeguard Australia and its national interests, delivering expert, impartial advice and innovative solutions for defence and national security.
It has been instrumental in driving the adoption of unmanned/uninhabited systems in the Pacific region through exercises such as Australia’s Autonomous Warrior, which saw the co-ordinated use of unmanned/uninhabited air, land, sea surface and underwater systems.
Ioseba Tena, Global Business Manager – Defence – at Sonardyne, says, “BlueComm is a game changer for underwater operations, enabling autonomous and unmanned underwater vehicles (AUV/UUVs) and unmanned and manned vessels to communicate, without compromising their position. As we envision new concepts of operation which require interaction between different off-board assets subsea, the ability to share data covertly and securely cannot be underestimated.”
08 Jun 20. USAF awards multimillion-dollar secure communications contract. The Air Force awarded a contract potentially worth $35m to Wickr, a secure communications platform provider, the Defense Department announced June 1.
Under the two-year contract, the Air Force will use Wickr’s secure recall, alert and messaging services. The cloud-based application suite will provide end-to-end encrypted file, video, chat, text and voice services for end users.
The Air Force is obligating $7.7m in fiscal 2020 funds at the time of the award, according to the contract announcement. The award was made by the Air Force Installation Contracting Center at Hurlburt Field in Florida.
Joel Wallenstrom, CEO of Wickr, told C4ISRNET in a June 4 interview that the award was the largest contract his company has won.
The San Francisco-based company has already established a relationship with the Air Force through the service’s Strategic Financing program, which includes several internal innovation and small business outreach hubs. In April, Wickr announced the program had awarded his company a contract as part of $550m in awards it gave out to 21 companies.
According to Wallenstrom, Wickr’s platform includes a federated network capability that allows a network administrator to create temporary environments for users to communicate with allies or family members without increasing risk.
The platform “not only secures things on a day-to-day basis, but in very special circumstances you can create temporary secure operating environments with people of choice, but that doesn’t mean you bring them into … your environment permanently,” Wallenstrom said. (Source: C4ISR & Networks)
04 Jun 20. Watchdog discovers problems with Navy jammer. Congress’ watchdog agency, the Government Accountability Office, found that the Navy has yet to fully demonstrate critical technologies in the mid-band portion of the service’s future airborne electronic jamming system. In its annual report on defense acquisitions, the GAO pointed to technology maturity, design stability and software and cybersecurity problems with the Next Generation Jammer-mid band pod.
The Navy’s plan to replace the ALQ-99 jamming pod has been broken up into three pods covering three portions of the electromagnetic spectrum: mid, low and high.
The pods will be outfitted to EA-18G Growlers. The Navy awarded the mid band pod to Raytheon in 2016. Bids are out for the low band pod. The timeline for high band is unclear at this time.
The GAO found that the mid band program had yet to fully demonstrate the maturity of its critical technologies or stability of its design, which is inconsistent with best practices.
“Until the program fully matures its critical technologies – by demonstrating each in a final form, fit, and function within a realistic environment – the program’s design faces risk of change,” GAO said.
However, the program plans to demonstrate this technology ahead of its planned production decision in September. That milestone is for low rate initial production contract.
Despite entering system development in April 2016 with seven critical technologies and ground testing of the pod beginning in November 2019, the program office didn’t plan to have these critical technologies fully mature, integrated and flight tested until March.
GAO conducted its review in January.
A news release from Naval Air Systems Command in mid-March said the mid band pod completed a portion of developmental testing and that the pod was expected to enter flight testing this spring.
GAO also noted that in April 2017, the program discovered design deficiencies with the pod’s structure at critical design review. Those problems contributed to a one-year schedule delay and a more than $400m increase in development cost.
According to DoD budget documents released in February, the Navy planed to spend $176.6m in procurement dollars and $477.6m in research and development dollars for fiscal year 2021 for the mid band program.
GAO reported issues with the mid band pod’s software development, citing program officials identifying it a risk because the software effort was more difficult than expected. Those officials noted it has been difficult to find and hire government and contractor staff with necessary expertise to perform the work on time.
Moreover, since the pod is dependent upon the Growler’s software, which have evolved, the program has had to evolve in kind.
An evaluation for cybersecurity vulnerabilities was planned to be completed in April, the report said. NAVAIR told GAO that it plans to deliver a single software product to the fleet, though, that process takes 13 months to develop. (Source: C4ISR & Networks)
04 Jun 20. British Army launches its first cyberwar regiment. Britain’s first dedicated cyber regiment has been officially established as part of the Army’s drive to modernize its response to the growing digital threat posed by potential adversaries.
Creation of the unit, the 13th Signals Regiment, is part of an ongoing restructuring of the British Army, known as Army 2020 Refine, which includes the creation of a division conducting cyber, electronic warfare, intelligence, information operations and unconventional warfare.
The cyber regiment is built around a core of about 250 specialists and is tasked with combating threats to Army operations overseas and domestically. The new unit will also provide technical support for a hub being set up to test and implement next-generation information capabilities.
Announcing the formation of the new unit. Defense Secretary Ben Wallace said the move was “a step-change in the modernization of the UK armed forces for information warfare. Cyber attacks are every bit as deadly as those faced on the physical battlefield, so we must prepare to defend ourselves from all those who would do us harm, and 13th Signal Regiment is a vital addition to that defense.”
The new unit is based at Blanford, southwest England, the home of Britain’s Royal Signals.
“13th Signals will provide the basis of the new Army Cyber Information Security Operations Centre, focusing on the protection of Defence’s cyber domain, and it will work with the Royal Navy and Royal Air Force to provide secure networks for all military communications,” the MoD said in a statement released June 4.
Creation of the security operation centre was announced by the MoD in May 2019. Over £22m ($28m) was pledged by the MoD for investment in the new centre. Operations were expected to commence in the early 2020, the MoD said at the time of the announcement last year.
The new centre will, among other things, be responsible for providing round-the-clock information and analysis, as well as having an offensive capability.
The cyber regiment is part of the British Army’s 1st (UK) Signal Brigade, which under the command of 6th (UK) Division, is responsible for conducting information maneuver and unconventional warfare in support of the Armed Forces.
The 77th brigade, a unit made up of regular troops and reservists tasked with conducting psyops and information warfare, is also part of the 6th Division lineup. (Source: Defense News)
04 Jun 20. Major Cyber Command program will cost more than first thought. One of U.S. Cyber Command’s major programs, Unified Platform, is expected to cost five times more than military officials originally estimated, according to a report from Congress’ watchdog agency.
Unified Platform will consolidate and standardize the variety of big data tools used by Cyber Command and its subordinate commands to allow forces to share information more easily, build common tools and conduct mission planning and analysis.
To date, few details have been available regarding the program’s history, scope, contracting strategy and progress.
According to the Government Accountability Office report, published June 3, the Unified Platform program was missing an approved cost estimate informed by independent analysis and a formal schedule risk assessment in August 2018. This year’s report marked the first time Unified Platform was included in GAO’s annual review of major defense acquisition programs.
“Our prior work has shown that this type of information is important to help decision makers make well-informed decisions about middle-tier program” initiation, the report said.
Cyber Command, however, has since approved requirements and the Air Force Cost Analysis Agency independently assessed its cost estimate.
That cost estimate, GAO found, was five times greater than when the program first began. This new estimate includes costs beyond completion of the current middle-tier acquisition effort and is attributed to new requirements from Cyber Command.
Software factory
Part of Unified Platform’s development has included the creation of a software factory. This involves “containerizing” applications as a means of providing a more flexible platform and infrastructure with a set of standards.
The GAO found that Unified Platform’s approach for DevSecOps software development differs from industry best practices, which seeks delivery of software to users on a continuing basis as frequently as every one to six weeks. Currently, the program fields new features at the end of every three month increment.
Thus far, the program has delivered 32 features through the first four increments with the first prototype – increment 1 – accepted by Cyber Command in April 2019.
Cyber Command officials determine if the software is ready for operational deployment once it is completed.
At the time of the assessment, GAO also found that the program had yet to complete its cybersecurity strategy. Program officials told the agency that it anticipates approval of this strategy by August.
“Not addressing cybersecurity issues sooner may increase risk to the program,” GAO said. “Our past work has shown that not focusing on cybersecurity until late in the development cycle or after a system has been deployed is more difficult and costly than designing it in from the beginning.”
Additionally, the program office was slated to conduct its annual authority to proceed to review in April 2020, a full year after delivery of increment 1.
Those briefs, provided to the Assistant Secretary of the Air Force (Acquisition, Technology, and Logistics), allow him to determine if funding needs increase or decrease by 25 percent each year or if the number of development teams for accomplishing requirements increase or decrease by 25 percent. (Source: Fifth Domain)
————————————————————————-
Spectra Group Plc
Spectra Group (UK) Ltd, internationally renowned award-winning information security and communications specialist with a proven record of accomplishment.
Spectra is a dynamic, agile and security-accredited organisation that offers secure Hosted and Managed Solutions and Cyber Advisory Services with a track record of delivering on time, to spec and on budget.
With over 15 years of experience in delivering solutions for governments around the globe, elite militaries and private enterprises of all sizes, Spectra’s platinum and gold-level partnerships with third-party vendors ensure the supply of best value leading-edge technology.
Spectra was awarded the prestigious Queen’s Award for Enterprise (Innovation) in 2019 for SlingShot.
In November 2017, Spectra Group (UK) Ltd announced its listing as a Top 100 Government SME Supplier by the UK Crown Commercial Services.
Spectra’s CEO, Simon Davies, was awarded 2017 Businessman of the Year by Battlespace magazine.
Founded in 2002, the Company is based in Hereford, UK and holds ISO 9001:2015, ISO 27001:2013 and Cyber Essentials Plus accreditation.
————————————————————————-