After an exhaustive, months-long review, the Army has arrived at a seven-point plan to fix its tactical IT network, with focus areas ranging from better policing of requirements, to a more coordinated oversight process, to enforcing Army-wide technology standards and a rapid “adapt and buy” approach to acquiring new equipment.
In many cases, the technology the Army has been fielding to its combat formations of late is based on requirements from more than 10 years ago, when the military was heavily engaged in fights with low-tech adversaries, and considerations about interoperability, enemy electronic attacks and the vulnerability of command posts because of their prominent electromagnetic signatures weren’t seen as of much consequence.
But the network review, presided over by Gen. Mark Milley, the Army chief of staff, put into stark relief the degree to which the world has changed in the intervening decade. When it comes to cyber and electronic warfare, the Army no longer talks about potential fights against “near peers.” It’s subtracted the word “near” from the conversation about some of its potential adversaries, who in some ways already outmatch its own capabilities and defenses.
“We’ve concluded that our tactical network, in its current state, will not work in a highly mobile, contested fight against a peer adversary,” Lt. Gen. Bruce Crawford, the Army’s chief information officer, told reporters at the Association of the U.S. Army’s annual conference in Washington this week. “And strategically, my greater concern is our inability to capitalize on technical advancements in our current processes. Addressing this issue cannot wait. The urgency of now is upon us.”
In that spirit, the Army is hoping for at least a few “quick wins” over the next 12 months while it lays the foundation for what a more secure and sustainable network architecture might actually look like. Crawford calls it a 16-year problem in need of a one-year solution.
For instance, the service plans to focus heavily on reducing its reliance on satellite communications that a sophisticated enemy could jam, including by “thickening” its terrestrial network with more land-based radios, replacing some of the communications equipment that makes up the Army’s WIN-T program with smaller, much more mobile versions of equivalently-capable hardware, and consolidating dozens of different versions of hardware and software used in Army command posts to one single baseline: a vision the Army has been pursuing for years as part of a notion called the “common operating environment.”
“If you go inside a command post today, every one of the warfighting functions — fires, intel, maneuver — they all have their own mapping solution, they all have their own software infrastructure,” said Gary Martin, the Army’s program executive officer for tactical command, control and communications. “They’re all going to use the same mapping, security, login infrastructure, and the first version will go to operational testing in 2018. It will eliminate four of our legacy capabilities.”
By March of next year, the Army also says it will have implemented a new, common, IP-based standard for all of its networks to use when transporting information across networks, something it’s never had before. The new transport layer will apply to both tactical systems and garrison-based ones, and officials argue it will let network defenders do a far better job of fighting off cyber attacks, since they’ll be able to see all of the Army’s networks all at once.
Brig. Gen. James Mingus, the director of the Army’s Mission Command Center of Excellence, said the Army’s network study revealed a spaghetti bowl of disparate networks. At the enterprise level, there were 15 aligned to specific organizations and five more designed for specific functions. At the tactical level, the study found at least 17 more.
“We came up with ways to make that all work because we were in a static environment in Afghanistan and Iraq, but none of it was designed [for interoperability],” he said. “As we go to the future, this is going to let us converge our networks and data centers, go to identity management and a true unified common operating environment.”
Now that the Army is in the process of converging its IT capabilities, it also wants to ensure its networks don’t reblossom with more non-interoperable systems that can’t communicate with one another.
So, effective immediately, the Army has placed severe restrictions on which organizations are allowed to create new requirements for new network capabilities. Going forward, all of those requirements will have to be funneled through the Army Cyber Center of Excellence with an additional sign-off by the Mission Command Center of Excellence.
Above that, the Army has set up a new IT Oversight Council, a new organization chaired by the Army’s vice chief of staff and its undersecretary.
But in the interest of rapid decision making, Crawford said the ITOC would supplant some of the other decision authorities the Army already has in place, rather than simply adding another oversight layer on top of them.
“You need one lead integrator, and we’ve had multiple integrators,” he said. “You’ve got to remember that the warfighting mission area is only one of the four in the Army network. The business, intelligence, and enterprise areas are still work we need to do in the future, and the reason we need one oversight council is that we have a lot of work to do to integrate the other three. It’s about horizontal integration, it’s about one group of decision makers on all things that have to do with the network: resourcing, prioritization and strategy. Right now, there are multiple governance strategies that are going to have to be folded into the ITOC.”
Over the longer term, the Army and the vendors from whom it buys products need to do all they possibly can to shift their thinking away from “programs of record” like WIN-T, the $4.6 billion program that the Army plans to cease spending money on by the end of next year, officials said.
Instead, the mentality should be “standards of record,” a clearly-communicated body of requirements that systems need to meet before they’re allowed to do business on the Army’s network.
“We’re going to halt programs that can’t be sufficiently remedied, we’re going to fix the programs we absolutely have to have in order to be able to fight tonight, and then we’re going to pivot to an adapt-and-buy approach,” Mingus said. “The commercial sector surpassed us a long time ago, and we will never keep up. There’s either joint, commercial or (special operations forces) solutions that are out there and probably meet the majority of our needs. So after you’ve identified a gap, let’s go find it, adapt it and buy it, instead of us going through these long developmental and linear programs.”
If any of the themes involved in the Army’s latest network plan seem familiar, they should.
Many of them, such as promises to bring an enterprise-wide coherence to the service’s requirements process, implement the Common Operating Environment and rely more on commercial technology, have been consistent features of the Army’s public descriptions of its network modernization initiatives since at least 2011.
Asked why those promises are any more believable or achievable now, officials said the Army simply has no option but to adapt.
“I acknowledge many of the basic tenets are exactly the same,” said Maj. Gen. John Morrison, the director of the Cyber Center of Excellence. “But that picture was not threat-informed. We were still trying to bring together all of our programs of record to figure out exactly what it was that we had in our network. There was a point in time where the Army was not even interoperable with itself. That problem is going to get fixed it the next 18 months.”
Right now, the symptoms of the Army’s network dysfunction make the systems it’s been buying obnoxiously difficult for soldiers to use. But the study illuminated for leaders that the same problems could wind up getting a lot of those soldiers killed if the U.S. winds up in a conflict with a nation-state with sophisticated network warfare capabilities, or a proxy that’s enabled and supplied by one.
Some of those realizations were born from a close study of Russia’s capabilities during its incursion into Ukraine.
“When you start to see this kind of threat, it’s a new thing,” Crawford said. “Not only can a peer find you, they can immediately connect that information to a shooter who can destroy you. That’s a game changer on the battlefield. We’ve made some moderate improvements over the years, but they’re not acceptable. It is completely unacceptable based on the threat we currently have and the capability our warfighters deserve today.”