WASHINGTON — The U.S. Army is testing whether technologies developed in a lab to defend the tactical network and ensure safe data transfer can survive real-world conditions.
These tools differ from traditional cyber defense methods given the makeup of the Army’s tactical network. Unlike a static enterprise network where servers sit in air-conditioned buildings and have near-constant connectivity, the tactical network must be mobile and distributed. This would complement the Army’s goal that formations be able to more frequently change locations, sometimes more than once an hour, in response to new tracking techniques from adversaries.
Thus, the tactical network must involve easy assembly and disassembly. It also won’t have the same access to bandwidth, connectivity and cloud capabilities of enterprise networks.
The tools being tested at Network Modernization Experiment, or NetModX, include technology that can autonomously detecting anomalies on a network, aid network defenders, and assure the viability of information and data passed from one user to another.
NetModX is focused on maturing these science and technology efforts for Program Executive Office Command, Control and Communications-Tactical for use in its tactical network modernization efforts, mostly focused on echelons from the brigade to battalion level and below in the command post. The experiment will help procurement officials determine what architectures and systems to buy.
One of the technologies undergoing testing is autonomous cyber, said Frank Geck, autonomous cyber lead for the Combat Capabilities Development Command’s Command, Control, Communication, Computers, Cyber, Intelligence, Surveillance, and Reconnaissance Center.
“A couple of main objectives of autonomous cyber is to proactively defend the network at machine speed against advanced cyber, near-peer adversaries and also help secure autonomous decision-making systems, i.e., meaning our [artificial intelligence] and machine learning,” Geck told C4ISRNET in an Aug. 19 interview.
As part of this effort, Geck said the C5ISR Center is examining and demonstrating machine learning at the tactical edge.
“Generally, as you’ll see in an enterprise environment, that is usually done [in] more of a ‘bring all of your data into a cloud-computing’ environment,” he said. “In our particular case, because the network wouldn’t support something like that because bandwidth, we’re trying to do machine learning at the tactical edge and prove that out here.”
Geck characterized some of these efforts as human-machine teaming because developers are including humans in the decision-making process, though machine-learning capabilities are designed to aide network defenders at the tactical tip of the spear.
Another key technology being tested at NetModX is called information trust. This is a system of software capabilities that seek to improve the fidelity of data.
In other words, it creates enhanced awareness of information from its creation to when it reaches the consumer, according to Wendy Choi, the information trust lead at the C5ISR Center, who also spoke to C4ISRNET. This allows users and consumers to track changes in that data and see where such changes occur.
This is particularly important, as adversary’s have demonstrated their penchant for not just pilfering and deleting data when gaining access to networks, but altering data to blunt effective decision-making. After all, commanders must be able to trust the data they are getting across the network.
Choi added that at NetModX, the Army is also testing commercial block chain technologies to evaluate their applicability in this tactical, degraded environment.
Mark Pomerleau is a reporter for C4ISRNET, covering information warfare and cyberspace.