Jul 12, 2007

A New GIG In Town


The Global Information Grid (GIG), an open-yet-secure mega-Internet in which all soldiers may have their own IPv6 address, is moving from the concept phase and into the hardware/software development phase (see the figure). In a sense, it's ironic that the defense and intelligence establishment is reinventing what it helped to create in the first place, but the commercial Internet is too vulnerable to be a military asset.

The Internet itself is the offspring of the military's ARPANET. FidoNet, UUCP, and other networks soon followed. Over time, TCP/IP made all of these systems interoperable. That ad-hoc development allowed for too many weakpoints and hidey-holes in the Internet and the World Wide Web, making it unacceptable for battlefield command and control operations. So, it was back to the drawing board.

GENESIS
GIG was born on Sept. 19, 2002 when a directive from the Deputy Secretary of Defense titled "Global Information Grid Overarching Policy" spelled out its definition: "The globally interconnected, end-to-end set of information capabilities, associated processes, and personnel for collecting, processing, storing, disseminating and managing information on demand to warfighters, policy makers, and support personnel."

The paper mandated that the GIG include all owned and leased communications and computing systems and services, software, applications, data, security services, and other associated services like National Security Systems.

Its purpose would be to support all Department of Defense (DoD), national security, and related intelligence community missions and functions—"in war and in peace"—from any operating location: bases, posts, camps, stations, etc. Additionally, it would provide interfaces to coalition, allied, and non-DoD users and systems.

That's the top-level definition from a long document, so naturally, it's nebulous. To brief Congress, the General Accounting office published an assessment, The Global Information Grid and Challenges Facing Its Implementation. Running only 37 pages, it's one of the clearest overviews, summarizing how the GIG is intended to upgrade military operations (see the table). If you download it, scroll down to page 31 for a bibliography of relevant documents (see "Use The Net To Learn More About The Grid,").

The GIG has its roots in the concept of network-centric warfare, which is now more often called network-centric operations. Sources on the Web point to Admiral William Owens' description of a "system of systems" in a 1996 paper for the Institute of National Security Studies as a seminal event. Owens wrote of a potential system of intelligence sensors, command and control systems, and precision weapons for enhanced situational awareness, rapid target assessment, and distributed weapon assignment.

Also in 1996, the Joint Chiefs of Staff released a paper on "full-spectrum dominance." Subsequently, John Gartska, David Alberts, and Fred Stein wrote a book called Network Centric Warfare for the Command and Control Research Program (CCRP) that related a number of business case studies to a new theory of warfare based on a military network.

Toward the end of 2003, John Osterholz, the Pentagon's director of architecture and interoperability, addressed the top Internet hardware companies at an IPv6 Summit. (The GIG was going to use version 6 of the Internet Protocol, with its vastly larger capacity for IP addresses and improved security over IPv4, by sometime this year.) Osterholz said the military wanted to digitize every individual soldier and push data to the "very edges of the network," including sensors, remote platforms, and mobile force structures."

In support of the Pentagon's efforts, the North American IPv6 Task Force announced in October the launch of North America's largest IPv6 pilot network. Known as Moonv6 and taking place across the U.S. at multiple locations, the project is the largest permanently deployed multivendor IPv6 network in the world. The next Moonv6 Project will get under way the week of June 18, focusing on end-to-end secure network demonstrations, including rich media, voice, and software applications. This will hopefully validate real peer-to-peer applications without the need of a central authority.

COMING TO GRIPS WITH REALITY
The early days of the GIG were all about how the grid would transform military operations and make information instantly available across the battlefield. But now, as it gains traction, recent documents freely available on the Web deal with more practical issues.

In 2006, the GAO published DOD Management Approach and Processes Not Well Suited To Support Development of Global Information Grid. The report found DoD's management approaches too decentralized for an effort like the GIG, which depends on a high degree of coordination and cooperation.

The document recommended that DoD rework its leadership, investment decisions, accountability, and interorganization interaction policies. The DoD ultimately concurred.

Keeping the foxes out of the henhouse is another issue. Thomas Reardon, chief of the Intelligence Division for the Army Network Enterprise Technology Command/9th Army Signal Command, presented "Threats And Risks In Information Technology (IT) Acquisition And Software Assurance" at the 2006 LandWarNet Conference in Fort Lauderdale last August. Much of his talk focused on the "insider threat."

Compromised insiders could be acquisition officials, contracting officials, vendor-selection officials, or program managers. He pointed in particular to potential security problems with the commercial-off-the-shelf (COTS) components of network-centric operations systems. COTS has been a byword in military procurement since Defense Secretary William Perry's memorandum in 1994.

Reardon quoted a 2005 Defense Intelligence Agency report—Asian Telecommunications Companies Pose Potential Threat to US C4I Interests— which warned that foreign ownership of communications infrastructure can create vulnerabilities if the foreign company "can be influenced through direct ties to a potentially adversarial or economically competitive government." Systems administrators control priority information exchange and have the power to "monitor, disrupt, delay, exploit, and deny transit of communications on their networks."

The problem, as he put it, is that DoD policy does not preclude use of foreign commercial vendors. In fact, U.S. companies are becoming increasingly multinational and rely on foreign components and labor for IT products and services.

WHAT ABOUT IRAQ?
But how well can a military network deal with a guerrilla insurgency? The pieces of the military's data network that were in place for Operation Iraqi Freedom in the spring of 2003 successfully directed the almost 300,000 troops engaged in the "shock and awe" assault. From Afghanistan came success stories of drone-directed airstrikes in support of troops involved in skirmishes and against truck convoys.

But does the GIG have anything to do with improvised explosive devices and suicide bombers? Those questions fall under the subject of counter-insurgency, which has been a problem for conventional military forces since biblical times.

The GIG is only a partial bulwark against insurgents. "The people are like water and the army is like fish," Mao Zedong once said in reference to Chinese guerrilla tactics against their Japanese invaders. However, today's insurgents swim in the sea of the Internet. The military hopes the GIG will be a better and more private Internet.
-Excerpt From Electronic Design

No comments: