Systems that can evolve

Defence & Security Systems International: What drove the development of this vision and the related research?

Timothy Carlton: The UK military is embracing the information age, as highlighted by former Commander Joint Forces Command General Sir Richard Barrons in 2015. Subsequent research has reconfirmed the need for command and control (C2) agility, so that individuals and organisations can integrate and maximise their resources and activities to achieve desired outcomes. This requires agility from the human component of a force as well as their communications, computers and information systems (C2IS). In turn, these are driven by the rapidly changing and varied situations faced by the UK military.

The UK and other nations are looking to improve their C2IS agility through the development of modular-composable C2IS with autonomous subsystems that can be reconfigured ‘on-the-fly’ using policy controls and orchestration, and that the C2IS can evolve long term by incorporating new technology.

Can you tell us more about C2IS agility?

Agility is ‘the capability to successfully effect, cope with, and/or exploit changes in circumstances’. Research has shown that, for C2IS, this is principally about making the right, appropriate and proportional modifications in response to external changes, such as missions, threats and environmental stressors, in a timely manner on demand.

Please can you explain what the agile C2IS enablers are?

Updating or adding functionality through hardware changes is costly from a security accreditation, commercial and time perspective. The ability to reconfigure or add functionality ‘over-the-air’ or ‘on-the-fly’ using software-defined and data-controlled systems aligns well with the information age.

From a C2 perspective, the C2WWIS needs to support information superiority by getting the right information and services at the right time, and to the right place in a form that is suitable for rapid use through a single information environment (SIE).

The UK deploys its forces to achieve a set of operational goals – can others use these to shape their C2IS?

One approach is to define the mission or operational goals and a set of policies to design the system. The design is represented as an interrelated set of goals, tasks, services, assets and resources that is refined until an acceptable solution has been identified.

Once deployed and in use, its performance is measured, driving revisions of the trade-off across the goals, policies and design.

This overall process is captured in the graphic (above, right), and would be integrated into the overall operational planning processes.

Planning is complex and any additional activities must minimise the training requirements and maintain planning tempo. Unambiguous English could be used to represent the goals and the trade-off decisions associated with a design that is generated by a machine-reasoning engine to permit, in non-real time, human review.

Pre-assessed design patterns could further simplify this process. Design and decision support tools that also use constrained natural language would allow the influence of constraints, policy limitations, and the loss of resources to be examined for different designs and courses of action. Further concept research is required and should focus on how to harmonise goals, policies and design development with downstream orchestration.

How are the data-defined policies and design patterns used?

Policies and design patterns drive the orchestration processes that automatically build and configure each system, as well as its inter-connectivity with other systems, including the interoperability gateways, the information and network routing, which relates to content and software-defined networking. The use of pre-approved design patterns and policies enable changes, while preserving a degree of known assurance and making accreditation easier.

With an approach to establishing a goal-based design and data-defined behaviour-shaping policies, can clients use this in their ‘software-defined data-controlled everything’ C2IS?

The UK’s Ministry of Defence (MOD) has developed a set of requirements for future C2IS architectures raised within defence as a platform (DaaP) and new style of IT (NSoIT).

Research established a MOD-owned accreditable architecture using virtualised systems and services that were designed to meet the size, weight, power (SWaP) and agility requirements.

The architecture was proved through a scalable build that demonstrated five security domains with C2 applications, message transformation, and connectivity through data and communications links. Information exchange between security domains was enabled through cross-domain guards and was complemented with a secure browse-down capability.

Agility was directly enabled through software-defined and data-controlled everything, including the dynamic reallocation of C2IS resources that were enabled by the virtualisation, adaptive information routing, based on its content and automatic service prioritisation when network resources were constrained.

The automated build and orchestration de-risking showed that such a deployed C2IS could be rapidly built using fewer resources while maintaining, or improving, the security and robustness.

SDNs are an agile method of making the network layer completely programmable with the network control implemented in software, and separated from the network hardware. Traffic traverses the network with routing, prioritisation and load balancing that occur dynamically. Cloud and virtualisation technologies can be harmonised with SDNs for the benefit of HQs and fixed installations.

So linking this back into the vision – the software build of the systems, the configuration of applications, user accounts, the information services and key networks could all be goal-driven, data/ policy controlled and software defined.

Can you tell us more about follow-on challenges, including how to assure useful dynamically composed sets of information services, and ensuring the company’s tactical radios and low bandwidth networks actively extend C2IS agility through into the tactical domain?

Identity and access management (IdAM) can be used to establish the identity of an individual, role, service or process and their access rights. If combined with object-level information security, as per the information based security approach (IBSA), fine-grained information availability and access control will enable a SIE across defence by helping to break down security stove-piped systems.

Reliable and fast-key distribution at scale and assurance strategies for ‘over-the- air’ or ‘over-the-wire’ dynamic recomposition require further research.

Can clients trust a dynamically composable system to be available and reliable?

The pre-deployment verification of all combinations of services and processes will not be possible, given their number and rate of change. The systems will perform runtime assurance and verification-detecting deviations from ‘good’ behaviour, and will then autonomously reconfigure themselves.

If dynamically composed process chains within national and coalition federated systems manipulate information, how would an autonomous system judge that the output was fit for purpose? This requires knowledge of what ‘good’ behaviour looks like and what processes do; key compositions need to be assessed and autonomous systems trained under controlled conditions; for example, in simulated environments that are configured with captured-run-time data.

No current accredited-communications system supports such large-scale real-time changes, so this poses a key challenge for a whole C2IS.

How could agile networks and radios dynamically adapt to meet changing circumstances and contribute to C2IS agility?

Agility, when focused on the radio, requires that it can sense the electromagnetic environment (EME) and share that view, and as a network collectively decide on a suitable response and act upon it. Many radios adapt through changing transmission power levels and modulation schemes.

Future radios need to handle a congested and contested EME. An agile radio will be able to autonomously change waveforms and its dynamic spectrum management strategy, based on its radio network’s capabilities and the information services that it needs to support. This information, the user-defined policy – which includes the communications and spectrum management plan – and the state of other radio nodes, in that net are used to collectively decide how to adapt via the inter-node agility control, with the reconfiguration achieved by passing information back into the stack.

The key intra-node control is managed by the spectrum sensing and shared spectrum scanning modules that capture the sensed EME data and, together with the mission and environment assessor and the threat assessor, help to determine the changes necessary to meet mission goals.

This includes the negotiation of radio net reconfiguration via the inter-node agility control and warning the operator via the HMI and decision support service, if goals cannot be achieved. To allow the agile radio to make best use of the EME, appropriately sharing the information it senses with other EME users will allow de-confliction and cooperation.

What changes should be made to antennas?

Today’s military platforms require multiple different antennas for communication, navigation and sensor subsystems. As a result, this raises platform integration challenges in terms of co-site interference, location and SWaP.

Future antenna designs need to address this and more research is required into many areas, including how an intelligent adaptive antenna and configurable radio frequency elements in an agile radio could enhance its agility.

How can the interactions between agile radios and networks be enhanced?

The interactions between the agile radios and networks with the SIE and applications need development, in order to realise a tactical-deployed infrastructure that can dynamically adapt to meet users’ information needs through the cooperative trade-off of information service provision and network radio configuration. The C2IS design and configuration need to be goal-driven to manage the risks and effectively leverage orchestration across the C2IS.

Achieving this will include enabling the C2IS to ‘understand’ the military and system context, as well as establishing what ‘good’ behaviour looks like for a complex composable system with autonomous functions.

The realisation of this vision will ensure that the UK’s deployed C2IS will not limit C2 agility in any way; for this to succeed the MOD, coalition partners, academia and industry will have to work together to deliver this vision with the necessary levels of coalition interoperability.