Software-defined networking could get Army’s data moving faster
by John Shotwell and Amy Walker
As part of its tactical network modernization strategy, the Army has begun development, integration and Soldier-driven assessments to determine whether work integrating commercial off-the-shelf solutions could support the potential use of software-defined networking in tactical military environments. Similar to the way cloud computing improves capability by moving data storage from a device to a centralized data storage facility, software-defined networking is a network modernization approach that relocates and centralizes local network routing control functions at a secure remote location.
The Army’s software-defined networking goals include:
- Reducing complexity for the tactical user while simplifying network management for communications officers.
- The ability to rapidly provision (load software) and re-provision network nodes based on mission to prepare them for operational use on the network.
- Improving network resilience, including an automated primary, alternate, contingency and emergency routing plan.
- Increasing network security.
A software-defined networking architecture is a more dynamic design that could make network management, administration and signal prioritization easier, more flexible and more effective.
WHAT IS SOFTWARE-DEFINED NETWORKING?
In basic networking, before information is transmitted, it is broken up into smaller digital data packets. The network then chooses the best path, or route, to send each data packet, and once the packets reach their destination, the network reassembles them. The network performs two basic processes on the data packets: one process focuses on forwarding the packets to their destination and is referred to as the “data plane,” and the other process focuses on routing the packets and is referred to as the “control plane.” In the Army’s current traditional network, these two process planes are located and implemented together at a local level by a tactical network node’s hardware and proprietary networking operating systems. On the other hand, in a software-defined networking design, these two process planes are separated. The forwarding functions (the data plane) remain with the local network device, but the routing control functions (the control plane) are extracted, turned into more dynamic software, and centralized at a network operations facility, or in a campus network environment, where they can be managed collectively by experienced signal Soldiers.
The remote routing controller knows all of the nodes that it can manage, and it can sense when there is congestion in the network or when there are dropped data packets, due to things like bad satellite connections or even enemy jamming. Through metrics embedded in the software, this intelligent controller can sense the most efficient path available and tell the nodes in the network to route around the issues. The Army’s current software-defined networking efforts are setting the stage to optimize routing even further by leveraging machine learning in the future, when the required technology becomes available.
RAPID TASK REORGANIZATION AND CYBER OPERATIONS
To accomplish certain missions in today’s fight, commanders may need to reassign certain units, such as moving a company, to a different battalion. Unfortunately, such a move requires signal Soldiers to re-provision the unit’s vast number of network systems with new data and software, including new applications, firewall configurations and initialization data products. Initialization data products are assigned to each unit before deployment or training events to enable the systems to run on the network, but when a unit is reassigned, new data products are needed to support the new assignment. These products include unique identifiers, roles and Internet Protocol addresses, taking into account a unit’s specific mission, personnel footprint and mix of networked mission command systems. The Army refers to this process as unit task reorganization.
In the face of potential peer and near-peer threats, the Army needs dynamic and flexible network re-provisioning capabilities to reflect changes in mission and assigned units. In the past, signal Soldiers manually conducted the provisioning and re-provisioning process one device at a time, with physical cables connecting each node to the network, which took many weeks, depending on the equipment and size of the unit. More recently, new Army capabilities are enabling over-the-air provisioning and security patching, which could, for example, speed the time it takes to provision a brigade’s worth of on-the-move, network-equipped vehicles from two weeks to three days, without having to take the entire system offline in the process. The implementation of an Army software-defined networking design could speed that process even further, cutting the time down to hours.
In a similar respect, the Army is also looking to leverage software-defined networking to increase security in the tactical network by enabling rapid response through centralized changes to security policy, patching and configurations in support of offensive and defensive cyber operations. This would enable the Army to defend itself against enemy cyber threats across the network and push security updates to units all over the world, simultaneously, from the remote centralized network operations center.
OVERCOMING A DEGRADED NETWORK ENVIRONMENT
A software-defined networking design could enhance system and network simplicity for tactical users, since it moves some of that network complexity to a centralized network operations center. However, the Army will have to leave enough of the routing control functions locally, within the tactical device, to get through network challenges found in degraded signal environments. These degraded network challenges include network transport environments that are highly latent (slow), disconnected, intermittent and with low bandwidth, which the Army refers to as DIL environments.
The tactical network is an interconnected mesh design, with different sized line-of-sight and beyond-line-of-sight systems that exchange data over different frequencies and multiple transmission paths. Together these unified systems enable secure network connectivity and data exchange across the force, from a large command post down to the Soldier on the ground with a handheld device. Unfortunately, degraded network challenges are inherent in the Army’s tactical network, and not just because of its size, breadth and complexity. Connectivity issues can also be caused by topography like mountains or buildings that block signals; on-the-move communications; or, increasingly, enemy jamming.
In recent pilot efforts with operational units, the Army has been experimenting with both software-defined networking and software-defined wide area networking. These laboratory experiments and operational unit pilots are underscoring the need for solutions to detect and route around network interference and congestion, and to load-balance flows across multiple transmission paths, to increase network speed, performance and reliability.
If the Army switches to a software-defined wide area network design, the remote centralized network controller will need to include software that implements a strong and automated primary, alternate, contingency and emergency routing plan, so that it can automatically route and reroute signals over multiple transmission paths, choosing the strongest available paths for optimal connectivity and resilience. The Army wants to ensure continuity of operations, to enable network routing to be seamless and transparent to the tactical user, so Soldiers can focus on the mission and not the network.
Additionally, the network will need to have a fallback to compensate for degraded network emergencies, when the tactical network systems on the battlefield can’t “talk” to the remote network routing controller. To offset these scenarios, software-defined networking solutions will need to incorporate capabilities such as initialization data products and basic router configurations that reside locally, which the tactical network system can leverage until stronger network connections to the remote intelligent routing controller are restored.
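The controller-directed routing and local fallback described in the two paragraphs above, as an added sketch that is not from the article or from any Army system. The loss and latency thresholds, the 30-second controller timeout, the link metrics and all function names are assumptions chosen for illustration, and the sample links are constructed.

```python
from dataclasses import dataclass

# Primary, alternate, contingency, emergency: the order the local plan uses.
PACE = ("primary", "alternate", "contingency", "emergency")

@dataclass
class Link:
    tier: str          # PACE tier from the node's locally stored plan
    up: bool           # carrier state the node can observe by itself
    loss_pct: float    # packet loss reported to the controller (assumed metric)
    latency_ms: float  # round-trip latency reported to the controller (assumed)

def controller_choice(links, max_loss=5.0, max_latency=800.0):
    """Controller view: best healthy link by measured quality, or None."""
    healthy = [l for l in links if l.up and l.loss_pct <= max_loss
               and l.latency_ms <= max_latency]
    # Rank by loss, then latency; PACE order only breaks ties.
    healthy.sort(key=lambda l: (l.loss_pct, l.latency_ms, PACE.index(l.tier)))
    return healthy[0].tier if healthy else None

def local_choice(links):
    """Node view with no controller: first PACE tier whose link is up."""
    state = {l.tier: l.up for l in links}
    for tier in PACE:
        if state.get(tier):
            return tier
    return None

def select_path(links, now, last_controller_contact, pushed_tier, timeout=30.0):
    """Return (tier, source). The controller's pushed decision is used only
    while it is fresh and the pushed link is still up at the node."""
    fresh = (now - last_controller_contact) <= timeout
    up_now = {l.tier for l in links if l.up}
    if fresh and pushed_tier in up_now:
        return pushed_tier, "controller"
    return local_choice(links), "local-fallback"

# Constructed sample: the primary link is up but lossy, as under interference.
SAMPLE = [
    Link("primary", True, 40.0, 650.0),
    Link("alternate", True, 1.0, 120.0),
    Link("contingency", True, 0.5, 900.0),
    Link("emergency", False, 0.0, 0.0),
]
```

With a reachable controller the node is steered off the lossy primary link; once the controller goes silent, this sketch's node sees only link up/down and returns to primary, which shows why the locally stored plan is a coarser decision than the centralized one.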
THE SEARCH FOR TAILORED SOLUTIONS
Under an other-transaction authority rapid acquisition process, which leverages Soldier feedback, experimentation and prototyping, the Program Executive Office for Command, Control and Communications – Tactical (PEO C3T) is experimenting with commercial software-defined networking technologies at its integration facilities at Aberdeen Proving Ground, Maryland. Additionally, in late September 2019, supported by the 1st Armored Brigade Combat Team, 3rd Infantry, the Army assessed prototype software-defined networking and software-defined wide area networking software loaded onto the unit’s new at-the-halt tactical network hardware (fifth-generation technical insertion prototypes that the unit is currently piloting), at Fort Stewart, Georgia. Results from this experimentation effort are helping to inform software-defined networking design decisions and use cases—a set of possible sequences reflecting how users will employ the capabilities.
As the efforts evolve, PEO C3T plans to leverage an open-standard design for easy integration—and to avoid proprietary designs or commitment to particular vendors—to spur innovation while keeping costs down through increased competition. System developers from the Army acquisition and research communities are working closely with industry to ensure they understand the degraded signal challenges in the Army’s network, which are much greater than in commercial networks, as well as other specific objectives so that they can provide us with more tailored solutions. These objectives include:
- Assisting the Army in rapidly provisioning tactical network nodes. Software-defined networking experimentation has shown decreased provisioning time, especially when paired with virtualization and containerization, which further reduces the overall data size and the time provisioning takes.
- Supporting rapid unit task reorganization. The Army needs dynamic, flexible re-provisioning to reflect changes in mission and assigned units. This functional gap extends beyond the traditional software-defined networking capabilities and needs to allow for the tailoring of each tactical network device.
- Optimizing routing in the tactical network. There is a need for software-defined networking to behave opportunistically. Because of the Army’s degraded network challenges, software-defined wide area networking solutions must enhance the network when the remote network controller is available, and enable nodes to operate independently when it is not available.
- Simplifying network management. Experimentation reveals that centralizing and automating network configuration changes makes it easier for the network node operators on the ground. However, network management, including configuration changes, can still be quite complex for the centralized signal Soldier team to execute. There is opportunity to automate many of these functions.
- Increasing security in the tactical network. The Army is looking at software-defined networking to assist in rapid cyber response through centralizing the ability to conduct changes to security policy, patching and configurations to support defensive cyber operations. This would enable Soldiers at the remote centralized controller location to send out patches or updates throughout the entire network.
The Army understands that to receive better, more tailored solutions from industry, it needs to share open application programming interfaces and use cases in areas that could potentially be supported by commercial off-the-shelf products. These include interfaces for accessing initialization data; integrating to network operations tools; accessing network health information; application-aware routing that allows applications to respond to the network’s availability; and application self-provisioning.
PEO C3T is educating industry whenever possible on the tactical network environment and its challenges, as well as software-defined networking business opportunities. Working together with modular, open-system architectures and application programming interfaces, the Army and industry partners have the potential to make a real impact in network modernization, reducing complexity for users at the tactical edge and arming them with the network capabilities they need to defeat increasingly advanced adversaries.
JOHN SHOTWELL is the director of technology management/chief engineer for PEO C3T. Since 2003, he has supported PEO C3T in various engineering capacities as a subject-matter expert in Army tactical networks and served as lead systems engineer for multiple projects. He graduated from the Naval Postgraduate School with an M.S. in systems engineering and the New Jersey Institute of Technology with a B.S. in mechanical engineering. He is a member of the Army Acquisition Corps and Level III certified in engineering.
AMY WALKER has been the public affairs lead at Project Manager Tactical Network for the last nine years, and was the public affairs lead at PEO C3T for the previous two. She has covered a majority of the Army’s major tactical network transport modernization efforts, including Army, joint and coalition fielding and training events worldwide. She holds a B.A. in psychology, with emphasis in marketing and English, from the College of New Jersey.
This article is published in the Winter 2020 issue of Army AL&T magazine.