«DEFENSE SCIENCE BOARD SUMMER STUDY TASK FORCE ON INFORMATION ARCHITECTURE FOR THE BATTLEFIELD DTlC OCTOBER 1994 S ELECTE APR I 0 1995' G i 95-01137 I ...»
" Develop tools and techniques for validating the integrity of the data held in a data base.
Develop tools to aid in the detection of malicious software code and aid in the repair of damaged code.
* Train and exercise DoD information workers in all functional areas on the expected symptoms of an information attack and what steps they should take upon detection.
To ensure effective response to active threats to the DII, DoD should:
Provide the DII security control center(s) robust computing and communications " capability such that it can perform triage functions and manage the restoration of operations in the DII without being dependent upon the infrastructure that it is monitoring.
Train and exercise DoD information workers in all functional areas on the expected " symptoms of an information attack and what steps they should take to support services restoration.
Develop a plan for the reallocation of information utility services (computing and " communications) to support priority defense functions, in accordance with the dynamic priorities established by the JCS.
Conduct "live" exercises of the reallocation of information utility services.
"* Develop a listing of reserve computing and communications capacity (including "* personnel with technical skills) in the commercial, educational, and industrial sectors that can be used in times of national emergency, including restoral of critical defense support activities in the commercial sector.
Develop a plan and procedure, to include legislative initiatives if required, to "• preposition software and data bases at industrial/commercial reserve sites.
8.0 REFERENCES 1. Joint Security Commission Report, "Redefining Security," 28 February 1994 (Chapter 8) 2. Draft Presidential Review Directive (TS/NF), Subject: "Policy on 1W for Presidential Decision Directive (PDD)" 3. DoDD Directive TS 3600.1, 'Information Warfare," 21 December 1992 4. Joint Pub 3-13, 'Joint Command and Control Warfare Operations" 5. Joint Pub 6-02, "Joint Doctrine for Employment of Operational Tactical Command, Control, Communications and Computer Systems" (Draft) 6. JCS Memorandum of Policy (MOP) 6, "EW," 3 March 1993 B-16 JCS Memorandum of Policy (MOP) 30, "Command and Control Warfare," May 1993 7.
8. CJCSI 6212.01, "Compatibility, Interoperability, and Integration of Command, Control, Communication, Computers (C4) and Intelligence Systems," 30 July 1993
9. CJCSI 3211.01, "Joint Military Deception," 1 June 1993
10. ASD (C3I) Information Warfare Security Guidance, 11 May 1993
11. FY-96 POM Issue Paper, "Defense Information Systems Security Program" (DISA)
Figure C-1. Recommended Management Concept
Figure C-2. Recommendations for Strengthening our Warfighter Information Infrastructure Management
Figure C-3. C41 Responsibilities and Authorities
Figure C-4. Responsiveness to the Warfighter Requires Three Kinds of Reconfigurability
A Candidate Process to Produce Rapidly Reconfigurable C4I Systems........... C-14 Figure C-5.
Rapidly Evolving Commercial Information Systems Technology Figure C-6.
Must be Infused into DoD Systems
Figure C-7. Assessing Our Information Systems Posture
The Task Force convened three times as a group during the early summer to receive briefings on relevant Government initiatives and programs, and to plan its approach to the
Summer Study. The Task Force created four Panels as follows:
"" Warfighters Panel to address Information in Warfare "* Information Warfare Panel to address Information Warfare "" Management Panel to address Business Practices "• Technology Panel to address the Underlying Technology Base This appendix is the final report of the Management Panel, which was charged with dealing with the management and business practices aspects of the Terms of Reference. These aspects
generally fell into five major areas:
"" Proposing a constructive and viable information architectural process that is congruent with the Roles and Responsibilities of the DoD organizations charged with oversight of battlefield information systems;
i•Proposing organizational adjustments and processes to increase the influence of the warfighter on battlefield information systems;
* Suggesting improvements to the acquisition process for the procurement of battlefield information systems;
| Proposing the conduct of a broad net assessment of our current battlefield information systems posture; and * Establishing a "Red Team" process for the on-going identification of potential vulnerabilities in our information systems.
Prior to the August 1994 Summer Study session in Irvine, California, the Management Panel conducted a series of interviews with senior DoD executives and other DoD personnel involved in the use and management of battlefield information systems. The interviewees
Panel members, with the assistance of their Government Advisors, also conducted a review of the statutory assignment of responsibilities, authorities, and accountabilities in the information systems area, and considered current DoD Directives and organizational structures associated with the management and operations of battlefield information systems.
Management Panel Membership And Participation 1.2 Members of the Management Panel were assigned by the Task Force Co-Chairs as
"* Mr. Howard K. Schue - Chair "" Dr. John S. Foster "* Mr. Jerry King "* Mr. Robert N. Parker "* MG Cloyd H. "Mike" Pfister, USA (Ret.)
Administrative support to the Panel was provided by Strategic Analysis Inc., through the efforts of.
"* Mr. Brad Smith "* Mr. Fred Karkalik Management issues were also identified and addressed by the other panels participacing in this Task Force and were shared with the Management Panel. In particular, the Panel wishes to recognize the Warfighters Panel for its work on the Battlefield Information Task Force; the Information Warfare Panel for its emphasis on the importance of Net Assessment, and the Red Team; and the Technology Panel for its detailed thoughts on improving the Acquisition Process.
The Panel is grateful for the advice and assistance provided by all who contributed. This report represents the judgments, conclusions, and recommendations of the Management Panel.
The Status Ouo 2.1 Our battlefield information systems have grown increasingly complex as our weapons systems technologies have become more sophisticated, threats to our national security more varied, and the range of potential military operations more diverse. Because battlefield information systems can provide the military commander with the capability to understand the situation he faces and employ his forces effectively against opposing forces, they can provide the commander with enormous leverage in combat, or they can render him ineffective against a sophisticated adversary. Thus the parallel tasks of providing capable, fully functioning battlefield information systems to our combat forces, and ensuring their effective use by our forces in military operations are of critical importance to our national security.
However, in reviewing our battlefield information systems, the task force concluded that we have built a system of systems that collectively still does not adequately support warfighters' joint and combined operational requirements. We found shortfalls in information dissemination, interoperability, and in the rapid reconfigurability of our battlefield C4I systems.
For example, we encountered difficulties in preparing, coordinating, and disseminating the Air Tasking Order during Desert Storm; we had problems in disseminating imagery to tactical users in Desert Storm, especially national imagery; and we encounter chronic problems when we try to equip an ad hoc Joint Task Force with appropriate C41 capabilities. While advanced technology can materially assist in dealing with these shortfalls, they can be attributed primarily to management and organizational limitations, and consequently, will be amenable to improvement through management and organizational improvements.
The panel found that the DoD has recently established a number of management process initiatives designed to produce major improvements in these shortfalls. These initiatives
"* The C4I for the Warrior Vision;
"• The implementation of the Global Command and Control System;
"* Admiral Owens' expanded JROC Joint Capabilities Assessment, and the more vigorous roles he plans for the JROC in articulating military requirements;
Interoperability initiatives within the Defense Information Systems Agency, including the "• Technical Architecture Framework for Information Management, the DoD Data Model, the Defense Information Infrastructure, the Joint Interoperability Test Center and others;
The DEPSECDEF's initiative to establish an Enterprise Integration Board and an "* Enterprise Integration Council to oversee the interoperability and cross-functional management of DoD's Corporate Information Management initiatives;
Information system architecture initiatives that are underway in each of the services (e.g., "* the Army's Digitized Battlefield; the Navy's Joint Maritime Command Information System (JMCIS), and the Air Force's C4I Horizon);
The DoD Acquisition Reform initiative, and the initiative to use commercial hardware "* and software which are already underway; and finally, The USD (A&T) and ASC (C31) MOU to establish a jointly chaired review board process "* to identify the best software practices.
C-3 However, even taking into account these constructive initiatives, the task force feels some major concerns and opportunities remain.
First, we observed that the roles and responsibilities assigned in the oversight of our warfighter information systems are more diffuse than the roles and responsibilities assigned for our functional component information systems, such as logistics, health and finance. Second, the Panel found that there is no single authority or process for establishing, implementing, and enforcing an architectural process for our battlefield information systems. Consequently, system developers are faced with resolving incomplete and conflicting architectural standards in a dynamically changing field of technology and operational requirements. Third, the Panel found instances where the Services and agencies initiate aggressive "bottom-up" activities which address their own information system needs; but there is little evidence that these various architectures and systems play together operationally in top-down joint operations. Fourth, some programs still in development and some just starting do not have the proper C41 interfaces to other systems (jointness & interoperability). Fifth, some C4I issues are falling "between the cracks" of the various functional organizations.
Finally, and perhaps most significant, we found that the mechanisms which produce both our information architectures and our information system acquisition processes suffer from a lack of adequate input from the joint warfighter community. Conversely, the CINCs do not seem to have the technical and analytical capabilities necessary to address their C41 issues in a timely way, while working in conjunction with the design and acquisition communities.
The pacing problem seems to be the lack of a "top down" warfighter driven process to oversee C41 operations, and the reconfiguration, migration, evolution, design, acquisition, test, and maintenance of our battlefield information systems. This process must both recognize the existing statutory and delegated roles and responsibilities within the Department, and be dynamic enough to ensure that U.S. forces are able to achieve and maintain information dominance on the battlefields where they will be called to fight.
Alternative Structural Concepts For Improving Our Warfighter Information 2.2 Infrastructure Aeseses In seeking constructive and viable management structure changes to improve our warfighter information infrastructure and processes, the task force first reviewed the existing authorities and responsibilities of the major DoD entities who oversee our warfighter information systems. We included statutory responsibilities and examined the initiatives the DoD currently has underway to deal with the concerns identified in the previous section.
In examining alternate organizational approaches for improving management of our battlefield information systems, the Panel concluded that, given the span of responsibility, the proposed manager (architect) must report directly to either the SECDEF or DEPSECDEF and be authorized to speak with their authority. Organizational options for this manager/architect which the Panel considered included the following and combinations thereof
Briefly, the Panel's evaluation of these organization options for the battlefield information
architect led to the following observations:
" Assigning the responsibility solely to ASD (C31) with an expanded charter has the benefit of recognizing that the ASD (C3I) currently has responsibilities and functions in many of the needed capacities, especially in the area of battlefield support systems. However, his responsibilities currently do not encompass all warfighting information functions, and stop short of complete oversight of architectures encompassing weapon systems and platforms. He does not have direct control over the acquisition of major warfighter information systems, especially those embedded in weapons systems and platforms. He must gain USD (A&T) support and act through that office to influence the acquisition of battlefield information systems. Finally, there is some concern in the Services and agencies that the ASD (C31)'s authorities in the information systems policy arena represent a potential conflict of interest with expanded responsibilities in the architectural, design, and acquisition arenas.
"* Creating a new ASD or Assistant to SECDEF charged with this oversight would have the advantage of linking closely to SECDEF-level support, and it provides dedicated attention to this important problem, but it has the disadvantage of greatly overlapping both ASD (C31) and USD(A&T) functions.