In recent years, the U.S. Department of Defense has sought to transform into a data-centric enterprise. As part of the initiative, the Pentagon is firmly focused on what it calls “VAULTIS” goals, which state that data must be visible, accessible, understandable, linked, trustworthy, interoperable and secure.
“(It) is the responsibility of all DoD leaders to treat data as a weapon system and manage, secure and use data for operational effect,” according to the DoD Data Strategy, which introduced VAULTIS goals in 2020.
An Army-posted article elaborated upon these themes, stating that information dominance is the new arms race, and the data weapon system must enable readiness and dominance in the information and cyberspace domains. “It’s HOW the data is used that will decide who will win in the long-run,” according to the article.
Yet, in a recent interview, Rep. Mike Gallagher (R-Wis.), chairman of the House Armed Services Subcommittee on Cyber, Information Technologies and Innovation, said the Pentagon doesn’t treat data like it treats ammunition. Despite being a “massive emitter of data,” the DoD needs “a better system for capturing the data, analyzing it and then leveraging commercial AI to analyze the data and utilize the data,” said Gallagher, who is a Marine veteran with an intelligence background. “It would give us such a massive advantage, not only in terms of the pure military competition … but also in terms of our ability to find massive savings.”
The military would make profound advances in achieving those objectives if it would more effectively leverage a relatively untapped resource: the onboard data generated by weapon systems, aircraft, maritime vessels, ground vehicles and other fleet assets known as operational technology, or OT.
These assets produce tremendous volumes of valuable data that — when comprehensively captured, collected, monitored, translated, enriched, stored, and processed — can enable the observability required for actionable information and real-time decisions for predictive maintenance, fuel needs, cybersecurity threats, and mission objectives and requirements.
When data is emitted, it’s out there for anyone to acquire, including enemies. This means the U.S. can use it to its advantage, or risk having it used against it — there is no neutral state through inaction.
Here’s an illustration of the potential dangers of the latter situation: By abusing an aircraft’s legitimate data input channels, an adversary can corrupt sensor data in order to spoof the GPS system. Now deceived by bad data, the pilot approaches an airfield, surrounded by trees, for landing.
They believe they are 200 feet higher than they are, only realizing otherwise when making a visual assessment on approach—a very risky turn of events. Poor visibility could easily have caused the aircraft to make contact with the treetops on approach, all because the data was manipulated in a way that maintained the pilot’s trust in the systems they’ve come to rely on.
So how can the military avoid such scenarios while maximizing the power of data to support a mission? By adopting the following best practices/recommendations:
Capture all the data
Incomplete data is one of the top detractors from effective decision making. A limited data set, stale data, and data without context all result in one-dimensional, fragmented insights, but complete data always tells the truth and is critical for a comprehensive understanding of what’s going on within an individual asset or an entire fleet.
Complete data is the foundational element of observability and enabling real-time decision intelligence at the edge. Further, the centralization of this data once captured and collected allows for deeper analysis and enrichment, and the ability to make comparisons against historical data sets for further insights, ultimately evolving the decision-making process from reactive to proactive.
You may, for example, examine communications/activity from more than 100 aircraft within the last three years. By digging in, you see that the same GPS spoofing attempt occurred on seven separate aircraft. Then you dig even deeper to discover that all seven incidents took place in a common geospatial reference. You have also captured the method being used to cause the erroneous GPS readings and can use this data to create deterministic detection methods in order to provide early warning to operators.
This is of critical importance because, unlike with GPS jamming, in the case of subtle GPS spoofing there must be a means of warning operators that their instrumentation cannot be trusted (other means of PNT reference exist, which the pilot can fall back on). At this point, data is delivering highly actionable/useful intelligence because you are picking up on the adversary’s attack patterns.
Complete data shows the entire picture—both the frames of “good” data (i.e., data produced by the pilot’s input to the aircraft’s controls), as well as the frames of “bad” data (i.e., data that’s inserted with malicious intent by an adversary). In our plane illustration, there is intelligence to extract from the 200-foot gap between the instrument’s reading and reality.
From there, one can cross-check this spoofing technique with associated attack methods of various adversarial nation-states to build profiles that better inform crews in the immediate future. This allows not only for heat mapping of danger zones, but also for attribution of sources within those zones.
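An added example (not from the article or from any fielded system) of the fleet-wide correlation described above: frames where GPS altitude disagrees with an independent altitude reference are grouped by map grid cell, and a cell becomes a warning zone once several distinct aircraft report the same discrepancy there. The record layout, thresholds, tail numbers and sample frames are all constructed assumptions.

```python
from collections import defaultdict
from math import floor

ALT_GAP_FT = 150      # assumed tolerance between GPS and reference altitude
CELL_DEG = 0.1        # assumed grid size for the "common geospatial reference"
MIN_AIRCRAFT = 3      # distinct tails needed before a cell counts as a hotspot

# Constructed sample frames: (tail, lat, lon, gps_alt_ft, ref_alt_ft).
# ref_alt_ft stands in for an independent source such as a radar altimeter.
FRAMES = [
    ("AC-01", 34.512, -117.431, 1200, 1000),
    ("AC-01", 34.900, -117.900, 3000, 2990),
    ("AC-02", 34.538, -117.467, 1410, 1205),
    ("AC-03", 34.571, -117.402, 980, 775),
    ("AC-04", 36.100, -115.200, 2500, 2300),   # isolated anomaly, different area
    ("AC-05", 34.555, -117.450, 1500, 1495),   # same area, no discrepancy
]

def cell_of(lat, lon):
    """Snap a position to an integer grid-cell index."""
    return (floor(lat / CELL_DEG), floor(lon / CELL_DEG))

def suspect_frames(frames):
    """Frames whose GPS altitude disagrees with the independent reference."""
    return [f for f in frames if abs(f[3] - f[4]) > ALT_GAP_FT]

def hotspots(frames):
    """Grid cells where several distinct aircraft saw the same discrepancy."""
    tails_by_cell = defaultdict(set)
    for tail, lat, lon, _gps, _ref in suspect_frames(frames):
        tails_by_cell[cell_of(lat, lon)].add(tail)
    return {c: sorted(t) for c, t in tails_by_cell.items() if len(t) >= MIN_AIRCRAFT}

def should_warn(lat, lon, known_hotspots):
    """Early warning: is this position inside a cell with prior incidents?"""
    return cell_of(lat, lon) in known_hotspots

if __name__ == "__main__":
    spots = hotspots(FRAMES)
    for cell, tails in spots.items():
        print(f"cell {cell}: discrepancy seen on {tails}")
    print("warn at 34.52,-117.44:", should_warn(34.52, -117.44, spots))
```

The single anomaly on AC-04 is kept as a suspect frame but does not create a warning zone, which is the difference between one odd reading and a pattern seen across the fleet.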
Make it accessible
A significant culture change must take place if the DoD is to realize data as a weapon system.
Too many agencies are determined to accumulate lots of data and then store and secure it in a place where it can’t be fully utilized. Such data holds tremendous value for countless different uses. It is far more beneficial to decision makers, operators, and maintainers alike to have that data stored in an approved system of authority for decision intelligence and critical actions.
Make it understandable for humans and machines
For this to happen, we must ensure the data is multilingual, platform agnostic and machine readable, so any maintenance or security information and event management system can ingest it. It must be understandable to all consumers, with a data catalogue that tells users everything they need to know, such as the format and what each data element represents, and that maps back to an actively maintained interface control document. As a result, users will not only get to the data, but they’ll also be provided context and understanding.
There is no doubt that data can be transformed into a weapon system, and a powerful one at that. But we aren’t there yet, in large part because the Pentagon isn’t getting the most out of all available assets. Once the valuable data contained within recordings and transmissions is recognized and made accessible, translatable and understandable, U.S. forces can ensure the information is working for us, and not our enemies.
Egon Rinderer is chief technology officer at Shift5, a supplier of onboard operational technology (OT) data observability solutions for the defense, aviation and rail transportation industries.