32°23'27.9"N 84°48'41.3"W

If 20th century acquisitions were defined by machines, in the 21st century acquisitions will increasingly be about code. This is already an observable trend; we are, after all, almost a fifth of the way into this era, and while it is still airframes and ships and mechanical bodies that capture headlines, it is how those exoskeletons house code that drives new and research. Preparing for interstate conflict, and managing irregular warfare, are now as much about people and populations as they are about software and systems.

Complicating matters is that code itself transports incredibly easily. As free as information wants to be, that makes proprietary details hard, and it can make classification in particular vexing. Across the Pentagon, people are thinking of how to take advantage of the code that already exists, while adapting it to a military enterprise that centers on holding and exploiting secrets. How people find, harness, secure, and iterate code is not as flashy as jets roaring over head, but soon it will be impossible for jets to fly without it.

We think of war as the bright, chaotic moments, the kinetic outbursts and gunshots and explosions. Most of the enterprise of war, now and in the future, happens in the long lulls between sudden violence. Increasingly, what happens in those lulls shapes how the fighting actually plays out.

War is coding, as much as anything.

I’m Kelsey D. Atherton, reporting from Albuquerque, New Mexico, and this is the fifth installment of Tomorrow Wars.

This issue, I am taking a look at the code-centric enterprises that undergird everything from file-sharing to election security. Code is important to the conflicts of the now, and will only become more so into the future. Figuring out how to adopt it correctly in the present leads to far better futures down the line.

° 1. ENGINEERING ELECTION SECURITY.

Voting is a human activity, facilitated by technology. At the heart of it is a puzzle that has vexed humans for thousands of years: how to count every voter, and how to guarantee that voter anonymity while preserving trust in the voting system. Election security isn’t the typical place to find DARPA, the Pentagon’s blue skies projects wing, but if the whole of national security rests on the faith that elections are fair and legitimate, then ensuring the integrity of voting machines broadly falls under DARPA’s ambit. The agency participated in the voting village at the 2019 DEF CON hacker conference, bringing firmware and hardware tools designed to prevent the installation of malicious software on voting machines. The tools involved, weirdly, are named “System Security Integrated Through Hardware and Firmware,” or SSITH, an acronym that specifically references an autocratic cult from Star Wars. Beyond ballot boxes, the methods used by the SSITH could also protect other databases and computers from hostile exploit or data exfiltration.

° 2. SAFETY STANCE

Filesharing is as much a part of the modern military as PT and powerpoint. Making data work over distance at size is a particular task, and while there’s a world of commercial tools available, the specific nature of military information led to a proprietary tool, built with military security in mind. Dubbed Secure Access File Exchange, or (SAFE). The problem with the original, U.S. Army Aviation and Missile Research Development and Engineering Center (AMRDEC) produced, version of SAFE is that, following the discovery of a vulnerability, it went down for months, from November 2018 to February 2019, as my colleague Andrew Eversden wrote. A new version of SAFE launched August 15, and offers a greater file-sharing capacity.

With any proprietary software outage there are two fundamental questions to ask: can the job be done good enough by something already on the market? And how long before the vulnerability was found did the vulnerability persist?

Code is a fundamentally tricky enterprise to get right, and the question of finding vulnerability is a matter of when, not if. Open source and widely used tools have the benefit from as large a user base as possible. More eyes on the code means better odds of earlier discovery and disclosure of vulnerability. In building code-heavy tools in the future, designing for perfect security can hinder capacity in other ways. It’s a problem so big that the director of the Defense Intelligence Agency has called for an end to proprietary tools, as my colleague Nathan Strout reported.

° 3. BOT YOUR 01110011 01101001 01111000

Code isn’t all just databases and file-sharing. Where the code hits the road, as it were, will be in guiding autonomous systems and helping humans navigate and interact with machines as they move through dangerous territory. We’ve already discussed the work DARPA has done with the Marine Corps on Squad X, which integrates robots into squad tactics. The Army’s Maneuver Center for Excellence is working towards a similar goal, with a request for white papers posted August 5 at the National Advanced Mobility Consortium. The Center is seeking technologies that can help a robot-aided platoon tackle a force that is unaided by robots but ten times as large. To make this possible, the robots will need to have a high degree of autonomy, not just scouting and flying or driving on their own but also processing what they see and transmitting that into useful and ephemeral intelligence to the humans they are fighting alongside. The Center hopes to test the technologies in an exercise at Fort Benning in September 2020, which could foreshadow the squad and platoon tactics of the future.

° 4. 2-BACKRONYM-2-PALOOZA

Here at the Tomorrow Wars studio, we love acronyms warped backwards to sound like special features on a G.I. Joe playset. Have a favorite backronym? This fortnight, in addition to SSITH and SAFE above, we saw the All DIrections Flying Object, or ADIFO, a riff on UFO for a very clearly identified flying saucer. Maybe you know a secret FIND (Famous Idiom Named Doodad)? Email me at katherton@c4isrnet.com and I might include it in a future issue.

That’s all for this fortnight. Questions, comments, or debate points on tabs versus spaces as they pertain to national security, email me at katherton@c4isrnet.com.

Want this newsletter in your inbox as soon as it's sent out? Subscribe here.