DEFENCE TECHNOLOGY REVIEW | ISSUE 10 | Jun 2015
warfare a focus for US
LEFT: Released in February this year, the Cyber Materiel
Development Strategy is the US Army’s blueprint for cyber
warfare as it applies to tactical operations. Images: US Army
ABOVE: The US Army has a strengthened focus on cyber
warfare at the tactical level.
THE US ARMY is analysing cyberspace requirements and outlining potential technical investments based on its Cyber Materiel Development Strategy [CMDS], released in February 2015.

Doctrinal, operational, acquisition and research and development communities, for Army materiel development, worked together for more than two years on the strategy, which looks at where Army cyberspace capabilities are and what lies ahead.

“The Army must be prepared to operate and fight within the cyberspace domain,” said Assistant Secretary of the Army for Acquisition, Logistics and Technology Heidi Shyu. “It is essential... that we use our limited acquisition and science and technology resources to identify and address critical Army specific problem sets and capability gaps. Where possible, we must leverage the best solutions and ideas available through our partnerships and collaboration within the Department of Defense [DoD], other government agencies, industry and academia.”

Shyu appointed Henry Muller, director of the US Army Communications-Electronics Research, Development and Engineering Center (CERDEC), as the Army Cyber Task Force lead.

“In less than two decades, cyberspace has radically transformed how the Army operates and wages war,” Muller said. “Unlike the other physical domains, cyberspace will continue to grow and is projected to reach over 100 billion connected devices within just the next 10 years.”

“These monetary and technological investments may determine how dominant the Army will remain in the future,” Muller said.

The DoD has identified cyber as an operational domain much like air, land, maritime and space; however, no military service has been assigned the cyber domain. Additionally, the Army still operates in a fiscally-constrained environment, where spending and allocation of resources cannot address all aspects of cyber, said Giorgio Bertoli, CERDEC Intelligence and Information Warfare Directorate, acting chief scientist and lead action officer for the strategy.

“Cyber is hard to predict,” Bertoli said. “One of the challenges is the technology turnover rate is very high. Adoption for new technology is also increasing as the public becomes more and more comfortable embracing new technological advancements.”

“You can predict that processing power is going to keep increasing; you can keep predicting bandwidth, wired and wireless, is going to keep going up; you can predict new technologies like quantum computing will eventually come to pass,” Bertoli said. “The hard part to predict is how are they going to be used? What are the new applications these technical advances are going to

CYBER FOR TACTICAL OPERATIONS

The Army identified that it needs to make advances in several Army-unique problem sets. One such area is its tactical operations center, where military-specific operations occur. While its enterprise level network is similar to commercial businesses, the tactical network faces military-unique defensive and offensive

Tactical networks have limited bandwidth with high bit-error rates, high latency, intermittent connectivity and roaming infrastructure and users.

“On top of that, you have other related data like mission command data that are passing over these very limited bandwidth channels to begin with. Any security you pass over these channels degrades what other traffic they can send,” said Steven Lucas, chief engineer, CERDEC Space and Terrestrial Communications Directorate, Cyber Security and Information Assurance Division.

The Army is unique in that it operates for extended periods within adversarial environments.

“We’re highly reliant on distributed communications systems, which are more prone to interception because you are in close proximity to the enemy within radio line-of-sight range,” Bertoli

INTRUSION DETECTION AND NETWORK DEFENCE

One aspect of defending the tactical network includes intrusion

“Intrusion detection allows a sensor to detect potentially malicious activity on a specific node, such as a handheld device or a laptop, and limit the user’s capabilities,” Lucas said.

“With respect to intrusion detection, you have sensors that are doing the detection of malicious activity, either on the network or at the host level, and whenever they detect something they feed it up to this higher authority,” Lucas said. “Because of our environment, that connection between the authority and the actual detector may not always be there.”

If the intrusion detection sensor spots potential malicious code on a handheld device, it might limit data transmission capabilities but still allow the soldier to use the voice capabilities. The intrusion detection software would continue to monitor the device before determining if it needs to come off the network.

Another aspect of defending the network includes software assurance. Typically, one vendor does not develop code for a single software application, but rather multiple vendors contribute to the code and then integrate it into one package.

CERDEC and the US Army Research Laboratory have developed various techniques, such as fuzzing, to analyse binary code to identify potential holes in the software.

“Fuzzing is where you throw garbage at the executable code and try to get the software to do something that it wasn’t designed to do,” Lucas said. “Then through analysis, you can see if there was a buffer overflow or a memory leak where now it opens a potentially exploitable window into that software.”

From the research and development side, CERDEC wants to perform the majority of software analysis upfront before the system is fielded. Not only will it protect Soldiers from using vulnerable software, but it will also save the Army time and money in development and sustainment.

“Software analysis is a continuous process you need to do, and then we also have developed capabilities to where ultimately we don’t want to wait to the very end just before the application goes out to the field,” Lucas said. “Do it up front, do it during the actual coded development and writing, where you can ultimately save.”

Based on a calculation done on a mission command application, if a vulnerability in a system was found during the development cycle instead of the pre-deployment phase, the government could save roughly US$30 million over the entire program life cycle, he said.

ACCESS CONTROL AND IDENTITY MANAGEMENT

An additional tactical concern is access control and identity management at all levels across the network, as there may be a mixture of cleared and uncleared users.

Most employees associated with the government are familiar with the common access card, or CAC, which allows two-factor identification to gain access to government-issued computers.

This form of two-factor identification works adequately for stationary systems in an enterprise and non-dynamic environment, such as an office cubicle; however, a CAC is not the most practical access control and identity management tool for many environments, Lucas said.

“Ultimately how you come up with or maintain that trust consistently across the network is very hard to do. From a device perspective, the user needs to have trust in the device, which provides the information to them to make decisions. You want to ensure that nobody can just add a device of their own, like an enemy laptop, to the network. You want the devices themselves to

CERDEC is working with project managers and the chief information officer/G6 to research, design, develop, and test state-of-the-art identity management systems which will work in the unique tactical environment.

OFFENSIVE CYBER OPERATIONS

The Army’s CMDS calls for the continued effort to further protect its tactical networks, but it also calls for research and development on how to leverage its own sensors and exploit enemy capabilities.

“Offensive cyberspace operations provide a military commander a non-kinetic capability option that eliminates or minimises the physical damage caused by other traditional forms of military engagement,” Bertoli said.

“One of the key things we’ve been pushing for a while now is that we need to do a better job of leveraging our tactical assets to improve CEMA [cyber electromagnetic activities] situational awareness,” he continued.

As part of the CMDS, the Army will continue to determine how it can best leverage sensors that are already in the field to enable such cyber capabilities.

To make these offensive and defensive advances, the Army needs to base its development on a modular and flexible architecture to ensure it can keep up with the continually increasing advancements in cyberspace.

It is impractical for the Army to chase after every new technology to defeat it; however, it is possible and fundamentally important to further develop architecture frameworks, which will minimise the amount of new code needed to deal with new technologies, according to Bertoli.

“In order to achieve this, you need to have some pretty extensive laboratory infrastructure like we have here at APG [Aberdeen Proving Ground], and those labs have to be constantly updated to keep up with the churn of technology,” he said.

“Though a great first step, the Army is still working at defining its role and doctrine as related to cyberspace operations. This, coupled with the rapid pace of technical innovation within the domain, will require the S&T [science and technology], operational, doctrinal and acquisition communities to maintain close working relationships and to ensure this strategy remains current,” Bertoli said.

This article sourced from the US Army’s Communications-Electronics Research, Development and Engineering Center.