The Joint Tactical Networking Center shares lessons learned in providing software-defined radio products to enable strategic acquisition.
by Lt. Col. Matthew A. “Matt” Jury
It is much easier to define the concepts of strategic acquisition—making it more efficient, more economical and more sensible throughout the life cycle—than to put them into practice for any given program. While the concepts make sense, executing truly strategic acquisition requires process improvements, culture changes, modifications to DOD issuances and reinforcement of strategic guidance, such as that in Better Buying Power (BBP) 3.0.
Since its establishment in 2012 to offer technical expertise on wireless communications, the Joint Tactical Networking Center (JTNC) has assisted program management offices with practical recommendations as they strategically plan software-defined radio (SDR) products. Simply put, today’s SDRs are communications devices analogous to smartphones, with common software (waveforms) that allows the devices to wirelessly transmit or receive information.
JTNC’s objectives for SDRs are to maximize reuse of waveform software code, refine DOD issuances to keep up with current technology and threats, and implement open-systems approaches. In the process, JTNC has observed certain trends in the acquisition and implementation of tactical waveforms that suggest possible areas for strategic improvement: in electronic protection, early consideration of exportability, open-systems approaches, security gaps, and waveform procurements and deliveries to the government.
FROM START TO FINISH
JTNC’s core functions are to manage and provide configuration control and technical analyses for its DOD Waveform IR products, providing waveform standards and software communications architecture, and serving as technical adviser to JTNC’s board of directors, co-chaired by the USD(AT&L) and the DOD CIO. (Graphic courtesy of JTNC)
ELECTRONIC PROTECTION
BBP 3.0 guidance to achieve “dominant capabilities” requires improvements to SDRs’ electronic protection, tailored to current threats. Electronic protection involves actions taken to protect personnel, facilities and equipment from any effects of friendly or enemy use of the electromagnetic spectrum that degrades, neutralizes or destroys friendly combat capability. To accomplish this, we need detailed current threat intelligence and testing that accurately simulates both the main threat and tactical circumstances and tactics. These improvements are necessary to evade interception, jamming and platform destruction, mitigate GPS denial or deception for network fragmentation, and mitigate the effects of friendly and adversarial jamming.
JTNC recommends changes in DOD issuances and procedures for design and testing of tactical radio systems and waveform components to enhance the reliability of communications when subjected to adversaries’ electronic warfare systems and tactics.
A recent JTNC white paper, “Electronic Protection (EP) of Tactical Radio Systems,” highlights specific electronic protection areas the acquisition community can address strategically. JTNC security analysis of waveforms includes examination of requirements for, and verification of, effective electronic protection against interception, GPS denial or deception, and jamming against electronic warfare capabilities of probable adversaries. Analyses to date consistently indicate that improvements are necessary in intelligence collection targeting, design and testing requirements, test execution, and tactics to enhance electronic protection of radio communications when subjected to our likely adversaries’ electronic warfare capabilities.
In the white paper, JTNC recommends quantifying performance thresholds for electronic protection. These quantified electronic protection requirements should be aimed at the threats the intelligence community identifies as most likely to be encountered. These include threats to waveform detection and identification, which allow the adversary to disrupt communication capabilities.
Associated with the development of waveform electronic protection requirements is the development of electronic protection test procedures and representative threat electronic warfare systems to quantify waveforms.
EXPORT CONSIDERATIONS
Integrating exportability considerations at the waveform source code level is more important than ever, given the current nondevelopmental item approach to acquisitions and the continued improvement of existing (and development of new) waveforms for SDR platforms. Developers obtaining waveforms from the DOD Waveform Information Repository (IR) need this exportability guidance early to fully consider acquisition decisions regarding SDR development and potential future sales.
In the past, when the U.S. exported communications equipment to our allies, it was often thought about in the form of a properly secured hardware platform (a radio). As SDRs continue to be developed worldwide, our allies are beginning to request SDR waveform source code to put on their national SDRs.
Accordingly, JTNC technical analysis of DOD Waveform IR products includes exportability. Several JTNC reviews to date indicate the program documentation needs to include consideration of waveform source code export. Unfortunately, in many cases, the documents and artifacts reviewed are vague and do not lend themselves to straightforward observations. To ensure that critical technologies are not inadvertently exported, while enabling allied interoperability by making prudent export decisions, a comprehensive internal analysis of the waveform is needed to develop exportability positions and gain an understanding of any potential vulnerabilities. (See Figure 1.)
STEP-BY-STEP ANALYSIS
JTNC security analysis examines effective EP against interception, GPS denial or deception, and jamming against electronic warfare capabilities of probable adversaries. (Graphic courtesy of JTNC)
OPEN SYSTEMS
Implementing open systems approaches requires persistence and effective dissemination of collaboratively generated standards. The culture shift to open systems approaches is challenging, but the benefits of implementing collectively developed and agreed-upon standards include reusability and interoperability. Open systems and architectures are DOD’s preferred path to reusability, interoperability and competition, as the April 2015 implementation directive for BBP 3.0 notes: “In accordance with DoDI 5000.02, PMs are responsible for applying open systems approaches in product designs wherever feasible and cost effective. Such approaches should be considered for enabling competition for upgrades, facilitating reuse across the joint force, easing technology insertion, and aiding adoption of incrementally upgraded software.”
The JTNC DOD Waveform Standards Directorate is proactively engaging with government and industry entities on the evolution of the software communications architecture and application program interfaces to enable alignment with industry standards and DOD acquisitions. To date, JTNC has 37 tactical radio standards registered in the DOD Information Technology Standards Registry (DISR). While the DISR hosts many standards, JTNC-developed standards originated in, and apply to, tactical SDRs.
JTNC recently developed an Open Systems Architecture Procurement Requirements Guide for Waveforms and Tactical Radios. The guidance is modeled after language from DOD Instruction (DODI) 5000.02, the BBP 3.0 implementation directive, DOD Open Systems Architecture Contract Guidebook for Program Managers version 1.1, and recently released DOD requests for information and proposals. The intent of the document is to increase DOD and industry adoption of open systems architecture. It is useful to program management offices procuring affordable SDR products and capabilities, providing recommendations for input to solicitations.
The JTNC DOD Waveforms Standards Directorate continues to lead the effort based on proactive implementation of BBP 3.0 through collaboration with the open systems community. In FY16, the directorate engaged with more than 20 PM offices (leaders and technical experts) across the services, eight other government organizations, 14 industry stakeholders, three standards organizations and two allies via working groups, meetings and training events. The collaborative effort and open systems approach enabled the development of Software Communications Architecture (SCA) Specification 4.1, the architecture framework that assists SDR development and meets military and commercial application requirements.
SECURITY GAPS
While SDRs offer substantial improvements in communication capabilities, PM offices should strategically address identified security gaps. The team analyzing waveform security has observed waveform security gaps that require strategic solutions.
The SDR development environment for security was created in 2005 based on National Security Agency Type 1 certification requirements to ensure trusted communication of classified information on radio platforms and pre-evaluation of waveform applications. Since SDRs are indeed software-based, the code is as potentially vulnerable as any other code. But because of the importance of this link in the digital chain, the security of the code is even more important. Cybersecurity threats and defensive techniques have both evolved to a new level of sophistication, increasing the risk of compromise to the current products as a result. Development efforts compliant with SCA 4.1 mitigate security risks based on incorporated architectural measures against more contemporary threats.
Coupled with outdated security controls is recognition that current DOD security reviews are too limited. The DOD information assurance certification and accreditation process and risk management framework (RMF) control application are not focused on software-level requirements. DOD needs to invest in the development of an expanded life cycle approach for waveform software based on the RMF controls.
To maximize the benefit to the government of funded software development, PMs should be specifying, at a minimum, government purpose rights software and appropriate waveform documentation. Over the course of five in-depth analyses, JTNC has developed an experience-derived checklist of waveform artifacts (including source code) that the team uses to make observations in the areas of interoperability, security, affordability and exportability. This list, referred to as entrance criteria for a JTNC waveform analysis, is a resource that PM offices can obtain by contacting JTNC and leverage during waveform procurement to improve the end product.
PROTECTION FROM ELECTRONIC WARFARE
Enhancing electronic protection of U.S. radio communications is critical for mission success. (Image by U.S. Army Acquisition Support Center)
CONCLUSION
JTNC will continue to execute its mission toward the vision assigned by the undersecretary of defense for acquisition, technology and logistics and the DOD chief information officer for “interoperable, secure, and affordable waveforms and wireless communications in support of service, multiservice and coalition forces.” With a uniquely interagency perspective, experience base from waveform analyses and recommended standards from an open systems approach, JTNC will continue to fulfill its role as technical adviser and share observed trends along with associated recommendations.
For more information or to request the white paper “Electronic Protection (EP) of Tactical Radio Systems,” contact the JTNC Public Affairs Office at JTNC.Public.Affairs@navy.mil. For CAC-enabled access, go to https://www.dodir.mil/jtnc_docs#.
LT. COL. MATTHEW A. “MATT” JURY is deputy director of JTNC, San Diego, California, responsible for providing oversight and management in the execution of tactical and strategic plans. He has a master’s degree in acquisition management from Florida Institute of Technology and a bachelor’s degree in environmental engineering from the U.S. Military Academy at West Point. He is Level III certified in program management and a member of the Army Acquisition Corps.
This article will be published in the January – March 2017 issue of Army AL&T Magazine.
Subscribe to Army AL&T News, the premier online news source for the Acquisition, Logistics, and Technology (AL&T) Workforce.
