MARINE CORPS BASE QUANTICO, Va. — The U.S. Navy must receive software updates and patches for the fleet within days if it’s going to win in the future, the Department of the Navy’s acquisition boss said Sept. 25 at Modern Day Marine.
James Geurts, assistant secretary of the Navy for research, acquisition and development, said the fleet has been working on the rapid development of software to get needed upgrades to the ships ahead of pierside availabilities, a pace he said was too slow for the modern battlefield.
“We recently did one of our proof-of-principles to say: ‘How do you take ... software, get it system certified, get it cyber certified then get it out over the airwaves, uploaded on to a ship and into the combat system in 24 hours,” Geurts said.
“My view is unless we get to the point where I can identify a software requirement, whether it’s an [artificial intelligence] algorithm or something, find the solution, get it checked out on the network, give it whatever cyber-proofing it needs and get it into the fight in less than a week, we are not going to be successful in the long run.”
The Navy doesn't need more authorities from Congress to rapidly procure. It just needs to figure out how to use what powers it already has.
The Navy has increasingly found that its current systems are capable of adjusting to new threats through software upgrades rather than buying new systems and installing them, a time-consuming and cripplingly expensive process that has been the norm in years past.
Geurts said the Navy had to have a software architecture that was amenable to rapid upgrades so that developers would not need to re-test the underlying architecture each time a patch or fix is uploaded.
Furthermore, the service also has to develop cyber security standards that don't just weigh whether or not something can be compromised but begin to think of it more in terms of risks associated.
“The answer isn't yes or no, it’s ‘Commander here is your risk.’ And then weigh the risk of doing that [upgrade] versus a potential cyber impact so that commanders can make reasonable command decisions. Because there is always a risk to not doing something. We often talk about the risk of doing something, we don't often talk about the risk of not doing it.”
Geurts told a gaggle with reporters after the talk that he was not talking about uploading whole new programs that sailors might be unfamiliar with but more iterative upgrades.
"Don't take that to an extreme to where we will load on something that nobody has ever seen before, but it could be that there is a particular issue or new need, and you can envision us testing and training that shore-side, making sure it’s right – we don't want to wait for the ship to come home we could potentially blast that out [to the fleet.]"
The Navy is also working more with having digital doppelgangers of its combat system on board its ships so that new technologies can be tested by the crew and commanders before its uploaded into the main combat system, a hedge against reaping unintended consequences by uploading a feature or patch without knowing exactly how it will fit into the ship’s systems.
"The other thing we are doing a lot with is digital twins, where [the ship] might have the combat system that it’s fighting with as well as a digital twin,” Geurts explained. “So you might be able to upload that new feature in the digital twin so you could have both, then it’s up to the commander whether it’s something you adopt or not.”