Back to news

November 26, 2024 | International, C4ISR, Security

CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks

CISA flags Array Networks flaw CVE-2023-28461 for active exploitation; agencies urged to patch by December 16.

https://thehackernews.com/2024/11/cisa-urges-agencies-to-patch-critical.html

On the same subject

  • How One Component Improved U.S. Navy F/A-18 Fleet Readiness

    July 28, 2020 | International, Aerospace, Naval

    How One Component Improved U.S. Navy F/A-18 Fleet Readiness

    The U.S. Navy's F/A-18 and EA-18G fleets have experienced a dramatic turnaround. In 2017, less than half of the Navy's Boeing F/A-18 Super Hornets were able to fly. Now, 80% of its carrier-based fighters are ready for missions. The solution involved fixing a single component within the General Electric F414 engine. The Navy faulted constrained spending following the 2008 financial crisis and increased demand from the wars in the Middle East as reasons for the fleet's lack of readiness. More specifically, those conditions exacerbated an issue embedded in the military's vast supply chain. For 20 years, the Super Hornets and EA-18G Growlers have continually had electronic systems and new sensors added that placed greater and greater demand for power from its General Electric engine. That demand taxed a key component of the F414's electrical power generation system—its generator control unit (GCU), which keeps the generator output within a specified range. Initial attempts to address the GCU's issues through “component-level reliability improvements were not sustainable,” Navy spokeswoman Gulianna Dunn tells Aviation Week. Eventually, the GCU, already in short supply, failed to keep pace, causing a cascading effect on the availability of the carrier-based fighters. In the words of a Navy program official, the GCU was the “top platform degrader for all naval aviation.” When sequestration-era spending limits were imposed on the Pentagon in 2013, the entire military faced across-the-board funding cuts, including the operations and maintenance accounts. The Navy had to make tough choices about what bills it would pay and what to defer. At the same time, flight hours for the Super Hornet and Growler in the Middle East increased to meet the high operational tempos of Operation Enduring Freedom and Operation Inherent Resolve. As the Navy reduced aviation sustainment budgets, the program office did not have sufficient funding to purchase spare parts. From fiscal years 2013-16, the program office requested between $193.6-311.5 million and received between $85.2-136.3 million, according to a 2019 Defense Department Inspector General report. To compensate, Navy officials cannibalized aircraft to obtain the required spare parts. Maintainers removed working parts from an aircraft and installed them on a second jet to make that aircraft operational. A backlog of spare parts exacerbated fleet readiness and availability rates—an issue that affected the GCU acutely. New mission payloads created new types of electrical load, straining the aircraft's electronics, and wearing out the GCU at a faster rate. The second-generation (G2) and G3 GCU models that equipped the fleet could handle only about 150 flight hours. To increase reliability General Electric Aviation Systems, in consultation with the Navy, began working to redesign the GCU. A G3-to-G4 conversion kit could reach up to 532 flight hours. A G4 GCU was even better—sustaining 1,220 flight hours. Naval Air Systems Command (Navair) flight-tested the G4 in August 2015, and GE started production in mid-2016, Joe Krisciunas, general manager and president of GE Aviation Electrical Power Systems, tells Aviation Week. But the part was still only being manufactured at a minimal rate. The matter came to a head in October 2018, when then-Defense Secretary Jim Mattis set an 80% mission-capable readiness goal. At the time, only 260 F/A-18 and EA-18G aircraft were capable of flying missions—approximately 60%, far short of the mandate. In response, the Navy convened a Reliability Control Board (RCB) in 2019 to improve the F/A-18 and EA-18G mission-capable rate. The board pinpointed the main problem—insufficient production of the F414's GCU. The Navy had 200 of the units on back order. Navair worked with GE to ramp up GCU production, according to Lt. Cmdr. Jason Shaw, power and propulsion lead at the F/A-18 and EA-18G program office. The RCB determined GE was producing roughly six GCUs per month that would funnel into the program office, Boeing or Naval Supply Systems Command (Navsup). The program and Boeing had predictable delivery schedules, but Navsup would only receive GCUs that were produced beyond what the other two contracts required. “It created a hole on the supply shelf,” Shaw says. “When a jet would lose a GCU, there was no other one to replace it from supply.” The team brainstormed and decided GE would increase production to about 21 GCUs each month, while Navair would defer a contract for 320 GCU conversion kits to 2021. Pushing the contract would leave room for Navsup to acquire a more predictable delivery schedule. The company doubled its GCU production rate from 2018 to 2019, and almost doubled it again in 2020 to reach the 21 units per month rate, Krisciunas says. These courses of action resulted in zero GCU back orders by mid-June 2020. Additionally, the team is working with GE to resolve production issues related to GCU testing capacity. The plan is to purchase new, larger test stands and upgrade software on existing test equipment. This would allow the company to conduct more tests and further increase production. The test stand is a large electric motor that simulates the engine spinning the gearbox, and it has a pad that duplicates the GCU interface. A test stand costs approximately $1.5-2 million and typically takes 15-18 months to get up and running, Krisciunas says. Still, more improvements are being made: The program office is now assessing wiring issues that may have also contributed to low GCU reliability. The service awarded a $17 million contract to purchase additional software and cables for Automated Wiring Test Sets, which will allow aircraft mechanics to identify system faults. “The U.S. Navy is the only [Pentagon] military branch to have met and sustained the 80% readiness call that Mattis put out, and that is largely associated with resolving the issues with GCUs,” Shaw says. https://aviationweek.com/defense-space/aircraft-propulsion/how-one-component-improved-us-navy-fa-18-fleet-readiness

  • Pakistan hires Leonardo, Paramount Group for aircraft conversion program

    July 9, 2021 | International, Aerospace

    Pakistan hires Leonardo, Paramount Group for aircraft conversion program

    Follow-on contracts are expected to bring Pakistan's total number of Sea Sultan aircraft to 10, replacing the country’s long-serving P-3C Orion fleet.

  • Pentagon re-awards multibillion-dollar office tools contract to CSRA

    November 2, 2020 | International, C4ISR

    Pentagon re-awards multibillion-dollar office tools contract to CSRA

    Andrew Eversden WASHINGTON ― The Pentagon re-awarded its Defense Enterprise Office Solutions contract to CSRA on Friday, nearly 14 months after it awarded it to the General Dynamics Information Technology subsidiary last year. The award to CSRA was delayed several times after the General Services Administration twice took corrective action after protests by Perspecta, the other contractor in the competition. According to the announcement from the General Services Administration and Department of Defense, the blanket purchasing agreement is estimated to be worth $4.4 billion over a decade, with a five-year base. The contract was estimated to be worth $7.6 billion when the award was made last year. The DEOS contract will provide the DoD with productivity tools such as word processing and spreadsheets, email, collaboration, file sharing, and storage across the enterprise. “DEOS is a key part of the Department's Digital Modernization Strategy and its fit-for-purpose cloud offering will streamline our use of cloud email and collaborative tools while enhancing cybersecurity and information sharing based on standardized needs and market offerings,” DoD Chief Information Officer Dana Deasy said in a statement. “The last six months have put enormous pressure on the Department to move faster with cloud adoption. All across the Department there are demand signals for enterprise wide collaboration and ubiquitous access to information.” The DEOS environment is intended to meet DoD Impact Level 5 and Impact Level 6 cloud security standards that allow access to unclassified and classified work, respectively. "“We were determined that the Department could achieve faster department-wide adoption of cloud collaboration capabilities by moving forward in a federated manner to the DoD 365 (IL 5) cloud environment while ensuring the individual components efforts work together to create an enterprise capability,” Deasy added. “This approach required the government team to assume a greater responsibility up front to shape the enterprise standards. With the award of DEOS, the Department will be able to transfer a significant part of the ongoing technical and management load to the integrator and free up strained resources to execute other priority missions.” The DEOS contract award was marred by several errors, detailed by NextGov, including issues with the statement of work, requirements and a subsequent incident in which proprietary information about Perspecta's bid was shared with GDIT. CSRA is partnered with Dell Marketing and Minburn Technology Group for the DEOS contract. DoD components have waited a long time for delivery of the DEOS solution. When the original award was made last year, the Marine Corps deputy director of command, control, communications and computers, Kenneth Bible, said the service was looking forward to the “promise and substantial benefits” of DEOS capabilities in “disconnected, degraded, intermittent and low bandwidth [DDIL] environments that are anticipated in 21st century conflicts.” The DEOS re-award comes nearly two months after the department confirmed its other long-delayed enterprise cloud, the Joint Enterprise Defense Infrastructure, to its original winner, Microsoft. That contract has a $10 billion ceiling. https://www.c4isrnet.com/it-networks/2020/10/30/pentagon-re-awards-multibillion-dollar-office-tools-contract-to-csra/

All news