network centric warfare (c2era & cii) - the open group · network centric warfare (c2era &...
TRANSCRIPT
Network Centric Warfare(C2ERA & CII)
Barry D. SmithThe MITRE Corporation
January 2003
DIIDII--AFAF
Thanks to George Huff, Jason Mathews, Kevin Miller, Tom Powis, Maj. Jim Raulerson, Shaan Razvi, Tom Reale, Jay Scarano, Ron Schaefer
2
DIIDII--AF AF Outline
lNetwork Centric Warfare (NCW)
lC2 Enterprise Reference Architecture (C2ERA)
lCommon Integrated Infrastructure (CII)
lThe Enterprise Network Time Service
3
DIIDII--AF AF Net-Centric WarfarelSeamless interoperability
– The network is onlythe beginning!
lPermits sharing of– Information– Situational awareness– Commander’s intent
lLeading to– Speed of command– Self-synchronization– Enemy lock-out
lProducing increased combat power
Network-Centric Warfare
TheTheEmergingEmerging
TheoryTheoryofof
WarWar
Assume NCW is going to happen.What reasonable predictions can we make?
4
DIIDII--AF AF lSeamless network connectivity
lVery many network participants
lBandwidth limits at the user end
l Information assurance still crucial
lAdvantage comes from best use of IT
lFlexibility essential for quick co-evolution
Six 15-Year Predictions
1
2
3
4
5
6
5
DIIDII--AF AF
The Fortune Teller: Six 15-Year Predictions
Space
Air
Terrestrial
l Seamless network connectivity
1
l Expect the Global Communication Grid will succeed
l Everything will have a network address
l Data will be able to get to/from anyplace
l Complexity will be hidden behind a network service interface
6
DIIDII--AF AF
The Fortune Teller: Six 15-Year Predictions
l Seamless network connectivity
l Many network participants
Expeditionary Sensor Grid>10K distributed, networked
sensors
l VERY many participants
l Order of 106 not unreasonable
1
2
7
DIIDII--AF AF
The Fortune Teller: Six 15-Year Predictions
JV2010/2020
l Seamless network connectivity
l Many network participants
l Bandwidth limits at the user end
l We will be able to get some data to any participant
l But not always as much data as we might like
l Need to be smart about how we disseminate data
3
1
2
8
DIIDII--AF AF
The Fortune Teller: Six 15-Year Predictions
l Seamless network connectivity
l Many network participants
l Bandwidth limits at the user end
l Information assurance more crucial than ever
1
2
3
4
l If we build integrated C2 for NCW, our adversary will certainly try to attack it
l If we cannot make it sturdy, we should not build it at all
9
DIIDII--AF AF
The Fortune Teller: Six 15-Year Predictions
l Seamless network connectivity
l Many network participants
l Bandwidth limits at the user end
l Information assurance more crucial than ever
l Advantage comesfrom best use of IT
1
2
3
4
5
People Process
Tech-nology
SmartCheap
l IT will become cheap and available to everyone, including our adversaries
l Competitive advantage will come from making the best use of the IT that everyone will have
10
DIIDII--AF AF
The Fortune Teller: Six 15-Year Predictions
l Seamless network connectivity
l Many network participants
l Bandwidth limits at the user end
l Information assurance more crucial than ever
l Advantage comesfrom best use of IT
l Flexibility essential for quick co-evolution
1
2
3
4
5
6
requirements
capabilities
feedback
Architecture
l Change is the constant
l Learn the best ways to employ IT through an iterative process
l Make that iterative process go quickly to maximize our advantage
l Co-evolution of technology, doctrine, and organization
11
DIIDII--AF AF Risks to Achieving NCW
l Costs and complexity will grow exponentially
l N2 independent interfaces
l Tech insertion and flexibility will be inhibited by monolithic infrastructure
l Myriad security vulnerabilities will be created by differing participants’ implementations
We need to approach NCW from a different perspective…
12
DIIDII--AF AF
C2 EnterpriseReferenceArchitecture(C2ERA)
Service Enterprise
Service Enterprise
Service Enterprise
Service Enterprise
Service Enterprise
Service Enterprise
DoD Enterprise
CoalitionEnterprise
InfoAssuranceServices
Info MgmtServices
Info Transport Services
EnterpriseInformation
Services
CoalitionEnterpriseOther US
Enterprises Guard
Guard
Land Based
Mission Apps
Maritime
Mission Apps
Air Based
Mission AppsCmd/Intel Ctrs
Mission Apps
Mobile
Mission Apps
Service Enterprise
Service Enterprise
Service Enterprise
Service Enterprise
Service Enterprise
Service Enterprise
Service Enterprise
Service Enterprise
Service Enterprise
Service Enterprise
Service Enterprise
Service Enterprise
Service Enterprise
Service Enterprise
Service Enterprise
DoD Enterprise
CoalitionEnterprise
InfoAssuranceServices
Info MgmtServices
Info Transport Services
EnterpriseInformation
Services
InfoAssuranceServices
Info MgmtServices
Info Transport Services
EnterpriseInformation
Services
CoalitionEnterpriseOther US
Enterprises GuardGuard
GuardGuard
Land Based
Mission Apps
Land Based
Mission Apps
Maritime
Mission Apps
Air Based
Mission Apps
Air Based
Mission AppsCmd/Intel Ctrs
Mission Apps
Cmd/Intel Ctrs
Mission Apps
Mobile
Mission Apps
Mobile
Mission Apps
How Do We Address These Predictions?
l Seamless network connectivity
l Very many network participants
l Bandwidth limits at the user end
l Information assurance still crucial
l Advantage comesfrom best use of IT
l Flexibility essential for quick co-evolution
1
2
3
4
5
6
13
DIIDII--AF AF The Past Compromise
l We organized the world into program offices that built separate C2 systems
l A program built a system for its usersF
UNCTION
INFRASTRUCTURE
– All the infrastructure they needed
network
DBMS
directory
– All the mission functionality they wanted
14
DIIDII--AF AF The Past Compromise
l We organized the world into program offices that built separate C2 systems
l A program built a system for its users– All the mission
functionality they wanted– All the infrastructure they
needed– Delivered as a single
amalgamation
l Other programs built other systems for other users...
Hundreds of C2 systems...
15
DIIDII--AF AF The C2 Enterprise Integration Problem
It’s difficult for these peopleto work together
Because it’s hard to make the systems they useinteract with each other
l Hard to connect separate C2 systems
l Hard to make systems exchange C2 information
l Hard to administer groups of C2 systems
l Hard to manage change in C2 systems and functions
16
DIIDII--AF AF The C2 ERA Solution
lChange how we organize C2 enterprise acquisition– Manage programs and systems as components
of C2 Nodes
lChange how we build the individual C2 applications – Don’t build separate infrastructure for each
system– Deliver applications that share a C2 Node
Platform and a Common Integrated Infrastructure
Two transformations… both built around the same C2 Node concept
17
DIIDII--AF AF Organize Enterprise into Nodes
Begin with users who must cooperate closely
C2 Node Managerensures that those applications are seamlessly integrated
Program offices build the applications thatthose users need
18
DIIDII--AF AF
Deliver C2 Nodes as Cohesive Weapon Systems
C2 Node(Weapon System)
Begin with users who must cooperate closely
Program offices build the applications thatthose users need
C2 Node Managerensures that those applications are seamlessly integratedAnd delivers integratedapplications as a cohesive C2 weapon system
C2 Node(Weapon System)
19
DIIDII--AF AF
Operational/Domain
No
de 1
No
de 2
No
de 3
No
de k
Capability 1
Capability 2
Capability 3
Capability n
...
Focused
Systems/Business Focused
ip ip
ip
ip
ip ip
ip ip ip
ipip
. ..
C2ERA Integration Problem10s of Operational Capabilities (n)10s of Nodes (k)100s (n*k) of Integration Points
ip
C2 Node Impact on Enterprise Integration
System
1
System
m
Capability 1Capability 2Capability 3
Capability n
...
Operational/Domain Focused
Systems/Technology Focused
ip
ip
ip
ip
ip
ip ip
ip
. ..
10s of Operational Capabilities (n) 1000s of Systems (m)10,000s (n*m) of Integration Points
Today’s Integration Problem
20
DIIDII--AF AF Enterprise Architecture Diagram
NodePlatform
NodePlatform
APP
APP
APP
APP
APP
APP
C2 Node C2 Node
Common Integrated Infrastructure
l Three technical components– Mission Applications– C2 Node Platform (local
infrastructure)–– Common Integrated Common Integrated
Infrastructure (CII)Infrastructure (CII)l Two management elements
– Independent acquisition management for each technical component
– Enterprise integration guidelines between the technical components
l Enterprise-imposed guidelines may exist for each technical component for consistent behavior
21
DIIDII--AF AF Result of Adopting the C2 Node Concept
l Gather together (within each C2 Node) applications, which formerly were separate and independent
l Separate each application from its infrastructure… things which formerly were combined together
l Improved cohesion between things that should work together
l Reduced coupling between things that should change independently
l Better functionality and flexibility
A technical approach to
achieving NCW
Service Enterprise
Service Enterprise
Service Enterprise
Service Enterprise
Service Enterprise
Service Enterprise
DoD Enterprise
CoalitionEnterprise
InfoAssuranceServices
Info MgmtServices
Info Transport Services
EnterpriseInformation
Services
CoalitionEnterpriseOther US
Enterprises Guard
Guard
Land Based
Mission Apps
Maritime
Mission Apps
Air Based
Mission AppsCmd/Intel Ctrs
Mission Apps
Mobile
Mission Apps
Service Enterprise
Service Enterprise
Service Enterprise
Service EnterpriseService
Enterprise
Service EnterpriseService
Enterprise
Service EnterpriseService
Enterprise
Service EnterpriseService
Enterprise
Service EnterpriseService
Enterprise
Service EnterpriseService
Enterprise
DoD Enterprise
CoalitionEnterprise
InfoAssuranceServices
Info MgmtServices
Info Transport Services
EnterpriseInformation
Services
InfoAssuranceServices
Info MgmtServices
Info Transport Services
EnterpriseInformation
Services
CoalitionEnterpriseOther US
Enterprises GuardGuard
GuardGuard
Land Based
Mission Apps
Land Based
Mission Apps
Maritime
Mission Apps
Air Based
Mission Apps
Air Based
Mission AppsCmd/Intel Ctrs
Mission Apps
Cmd/Intel Ctrs
Mission Apps
Mobile
Mission Apps
Mobile
Mission Apps
22
DIIDII--AF AF An Approach for Building Infrastructure
l Split the infrastructure into two parts
l One part is different for each node– The C2 Node Platform
is chosen by eachNode Manager
l One part is the same for the entire C2 Enterprise– The Common Integrated
Infrastructure is managed “like a node”
l The C2 Enterprise Reference Architecture describes the services in each part
NodePlatform
NodePlatform
APP
APP
APP
APP
APP
APP
C2 Node C2 Node
Common Integrated Infrastructure
23
DIIDII--AF AF
Some Near-Term Infrastructure Technologies
NodePlatform
CII
Application server
l Component frameworks –a way to build apps
l Global Communication Grid – seamless, enterprise network
Network
XML
l XML Web Services – how C2 Nodes interact
l Enterprise directory of people, services, etc.
Directory
l Enterprise info assurance services
Security
APP
APP
APP
APP
APP
APP
C2 Node
NetworkTime
C2 Node
l Info Assurance constraints across the architecture
Info Assurance
24
DIIDII--AF AF
Common Integrated Infrastructure (CII) Definition
l Operational Sense: Single, Joint/Coalition, secure, and seamless set of infrastructure capabilities for all warfighting, national security, and support users
l Technical Sense:Common/shared Enterprise Services, implemented in hardware and/or software, that allow multiple applications to simultaneously process, store, and transfer information in secure manner
25
DIIDII--AF AF CII Service Definition
l Common utility (“service”) essential for enabling operational capability across Enterprise
– Enterprise user can rely upon Service being available
– Node and mission application developers do not build
– Users and node platform administrators may help to operate/maintain/supply content
l Enterprise control– Implies CII responsibility and management
l Enterprise scale
l Enterprise content, consistency, or connect
l Single service specification– Goal: least common denominator interface available to all
users
26
DIIDII--AF AF
An Initial Set of CII Services Has Been Defined:l Network Time
l Domain Name Service
l Communications Transport
l Privilege Management Infrastructure
l Authentication
l Key Management Infrastructure
l Directory Services
l Information/Service Broker
l Messaging Services
l Connecting Links to Network
l Voice and Voice over IP
l Enterprise Security/System/Network Management Services
27
DIIDII--AF AF
Enterprise Service Attributes(Not just COTS)l Usable by Programs
– APIs, behaviors– SDKs, development tools
l Available Across Enterprise– Fixed base & deployed– CONUS & OCONUS– C4ISP, CTO, CON, etc.
l Single service specification– Least common
denominator interface
l Quality of Service (QoS)– Response times– “ilities”lReliabilitylSecuritylAvailability
l Managed (24x365) – Subscriber model– Service level agreements– On-going O&M commitment– Help Desk, user support and
admin– Developer support– Cost, resource, licensing model
l Multiple Service/Business models– Commercial business models– Outsourcing specific Services– Partnerships with industry,
Command/Service/Agency, or non-DoD government
– Extend network management approach (e.g., AFNOC, NOSC…)
28
DIIDII--AF AF
The Enterprise Network Time Service Introduction to NTP
l Network Time Protocol (NTP) synchronizes clocks of hosts and routers in the Internet
l Well over 100,000 NTP peers deployed in the Internet and its tributaries all over the world
l Provides nominal accuracies of low tens of milliseconds on WANs, submilliseconds on LANs, and submicroseconds using a precision time source such as a cesium oscillator or GPS receiver
l Unix NTP daemon ported to almost every workstation and server platform available today - from PCs to Crays - Unix, Windows, VMS and embedded systems
l The NTP architecture, protocol and algorithms have been evolved over the last twenty years to the latest NTP Version 4
l Simple Network Time Protocol (SNTP) uses the same format as NTP but doesn’t provide security or filtering.
29
DIIDII--AF AF
The Enterprise Network Time Service Shortcomings of NTP
l Requires extensive network connectivity– Unconnected nodes must have accurate clocks onboard
l Requires IP-based network– Airborne assets use Tactical Data Links such as Link16
which are not IP-based– A Link16-IP interface is being developed
l Limitations on accuracy/precision– Some communities require accuracies of 1nslUSNO can provide this using dedicated 2-way SATCOM
(not IP-based)
l Organizations must participate across the enterprise– NTP is hierarchically-based
l NTP has some security but it must be extended– Bad timing information can cause a ripple effect across
the enterprise as critical information is distributedlTime propagation doesn’t follow the same paths as
information interoperability
30
DIIDII--AF AF
US Air Force Network Time Service VisionUSNO
AFSPC ACC AMC
MWC
DeployedAOC(s)
AWC
WOC(s)
Andrews AFB Scott AFB
McGuire AFBTravis AFB
Hickam AFB
Osan
Elmendorf AFB
PACAF
Link16
ACCBases
Other AMCBases
Other PACAFBases
SATCOM NTP
CMOC PAFB
NOC SPOCSCC
N-SP/CCSBMC
CIWCAB
SC
USAFE
High BandwidthSATCOM
NCA
NBMC
DeployedAOC(s)
WOC(s)
AFMC
GPS
Airborne
Other ServicesAnd Coalition
NTPStratum 3+
NTPStratum 1
NTPStratum 2
AFSOC
NTP requiresLink16-IP I/F
WPAFB
Other AFMCBases
NIST
RF
31
DIIDII--AF AF Conclusion
l The US Air Force is moving out on enterprise architecture
l C2ERA has been mandated across ESC
l C2ERA defines a 3-tiered architecture that divides the enterprise into nodes that reside on a common infrastructure
l The common integrated infrastructure (CII) has undergone initial definition and a list of potential services has been drafted
l One of these enterprise services, Network Time, is reasonably well defined at this time