WASHINGTON — The Army is maturing technologies aimed at giving soldiers in tactical environments assurance in their networks and the information they receive.
Unlike networks in garrison, the tactical network must be dynamic: it has to be set up and torn down rapidly while also withstanding probes from adversary capabilities, such as cyber exploits and electromagnetic jamming.
As such, the Army is developing tools to ensure the information soldiers receive is trustworthy and suggests the right courses of action to defend the network.
The Army is testing the tools at its Network Modernization Experiment at Joint Base McGuire-Dix-Lakehurst in New Jersey that started in May and runs until July 30. NetModX is primarily for the test and science community to get their systems into an operational environment and tweak their technologies on the fly when probed by a real-world threat emulation cell, before giving them to soldiers to test. It provides a risk-reduction opportunity before technologies are transferred for soldier input and use.
“With the expectation of military networks to operate in a heavily contested environment, whether it’s denied, interrupted … the adversary continues to infiltrate and attack our friendly networks and IT systems. Therefore, human cyber defenders will need assistance to proactively defend the network at machine speed,” Joseph Chen, computer engineer at the Army C5ISR Center, told reporters. “NetModX promotes field-based risk-reduction experiments in support of the research community.”
One technology is called information trust, which seeks to provide soldiers with assurance that the information they’re receiving, such as a call for fires, GPS location or messages, is trustworthy and free from adversary tampering.
The event tested three aspects, including an authentication service focused on insider threats and modeled after the zero trust architecture, a component focused on data provenance, and an aspect using machine learning to detect anomalies to ensure data integrity.
Another technology tested is called autonomous cyber, which detects cyber anomalies on the tactical network and provides potential actions to cyber operators.
While NetModX included both technologies last year, officials said the tools matured this year and introduced enhanced capabilities.
The information trust tool was just getting off the ground last year and was still in the process of awarding a vendor.
Autonomous cyber this year moved beyond just detecting and blocking a malicious cyber event to providing courses of action to tactical cyber operators.
“The mitigation this year is totally different than last year. Last year was blocking a bad actor or something like that. This year, it’s more of a course of action, and it’s not just one course of action, it’s multiple courses of action, and the cyber defender will have the choice which way they want to go,” Sanae Benchaaboun, computer engineer at the C5ISR Center and lead for autonomous cyber at NetModX 2021, told reporters. “It’s up to the defender or the operator to choose if they want to run it automatically or just take some actions and recommendations and go from there and execute them.”
Officials said the idea is to promote greater human-machine teaming in which the machine suggests options for the soldiers who can let the machine block intrusions or take action themselves.
The next step for these technologies is to transfer them to events such as Cyber Quest, which kicks off later this summer, and future iterations of the Army’s Project Convergence where soldiers will have an opportunity to test them and suggest improvements.
The Army is also using NetModX to conduct risk reduction for operational threads on Project Convergence 2021 and emerging technologies for Project Convergence 2022.
Eventually the plan is for these technologies to become applications in the Command Post Computing Environment, a web-enabled system that will consolidate current mission systems and programs into a single user interface.
Officials said the Army is likely aiming to fold these technologies into Capability Set ’27 or possibly Capability Set ’25, the Army’s approach to modernize its tactical network with incremental deliveries of technology improvements every two years.
Mark Pomerleau is a reporter for C4ISRNET, covering information warfare and cyberspace.