Back to news

December 19, 2018 | International, C4ISR

DoD IG: Military networks are exposed to ‘unnecessary’ cyber risks

By:

The military services are exposing networks to “unnecessary cybersecurity risks” thanks in part to a lack of visibility over software application inventories, according to a Department of Defense Inspector General report.

The IG investigated whether DoD components rationalized their software applications by identifying and eliminating any duplicative or obsolete applications. Rationalizing software applications seeks to improve enterprise IT by identifying all software applications on the network; determining if existing applications are needed, duplicative or obsolete; and determining if applications already existing within the network prior to purchasing new ones.

The audit — which focused on Marine Corps, Navy and Air Force commands and divisions — found that the groups examined did not consistently perform this rationalization process. By not having visibility into software application inventories, these organizations were unable to identify the extent of existing vulnerabilities within their applications, the report found.

Moreover, such a process could lead to cost savings associated with eliminating duplicative and obsolete applications.

Fleet Forces Command was the only command the IG reviewed that had a process in place for eliminating duplicative or obsolete applications. The Air Force did not have a process in place to prevent duplication when purchasing new applications.

The report placed blame on the DoD chief information officer for not implementing a solution for software rationalization in response to Federal Information Technology Acquisition Reform Act requirements.

The IG made three recommendations for the CIO, who did not provide a response to draft recommendations:

  • Develop an enterprisewide process for conduction software application rationalization throughout DoD;
  • Establish guidance requiring DoD components to conduct rationalization and require DoD component CIOs to develop implementation guidance outlining responsibilities for rationalization. Such a policy should also require components on at least an annual basis to validate the accuracy of their owned and in use software applications inventory; and
  • Conduct periodic review to ensure components are regularly validating the accuracy of their inventory and they are eliminating duplicative and obsolete applications.

https://www.fifthdomain.com/dod/2018/12/18/dod-ig-military-networks-are-exposed-to-unnecessary-cyber-risks

On the same subject

  • Boeing says it will shun fixed-price contracts for drone wingmen

    July 23, 2024 | International, Aerospace, C4ISR

    Boeing says it will shun fixed-price contracts for drone wingmen

    "That is a recipe for failure," Boeing Defense, Space and Security president Ted Colbert told reporters at the Farnborough Air Show.

  • Government watchdog finds more problems with F-35’s spare parts pipeline

    April 26, 2019 | International, Aerospace

    Government watchdog finds more problems with F-35’s spare parts pipeline

    By: Valerie Insinna WASHINGTON — Only about half of the F-35s worldwide were ready to flyduring an eight-month period in 2018, with the wait for spare parts keeping jets on the ground nearly 30 percent of the time, according to a new report by the Government Accountability Office. Over the past several years, the Defense Department has sought to improve mission capable rates by making improvements to the way it and F-35 contractor Lockheed Martin order, stockpile and repair spare parts. However, GAO's findings imply that the situation may have gotten worse. The GAO's report, released April 25, investigated how spare parts shortages impacted F-35 availability and mission capable rates in 2018, with most data gathered between a May and November sustainment contract period. “In 2017, we reported that DOD was experiencing sustainment challenges that were reducing warfighter readiness, including delays of 6 years in standing up repair capabilities for F-35 parts at its depots and significant spare parts shortages that were preventing the F-35 fleet from flying about 20 percent of the time,” GAO said in the report. “According to prime contractor data, from May through November 2018, F-35 aircraft across the fleet were unable to fly 29.7 percent of the time due to spare parts shortages,” it said. “Specifically, the F-35 supply chain does not have enough spare parts available to keep aircraft flying enough of the time necessary to meet warfighter requirements.” That lack of improvement may make it more difficult for the U.S. Air Force, Navy and Marine Corps to hit an 80 percent mission capable rate by the end of fiscal year 2019, as mandated by then-Defense Secretary Jim Mattis last fall. The military services stopped providing mission capable rates for aircraft last year, citing operational sensitivities. However, the data put forth by the GAO indicates that progress stagnated in the lead up to Mattis' order. From May to November 2018, mission capable rates — which measure how many planes possessed by a squadron can perform at least one of its missions — hovered around 50 percent for all versions of the F-35. But when GAO assessed how many planes were fully mission capable — meaning that they were ready to fulfill all of their mission sets — all variants were far from meeting the 60 percent target. Only 2 percent of F-35C carrier takeoff and landing versions hit the fully mission capable mark, with the F-35Bs slightly better at 16 percent and the F-35A at 34 percent. The GAO is skeptical that the services will be able to hit the 80 percent mission capable rate goal this year, and it is even more critical of the Defense Department's plans to fund spares in future years. The department intends to buy “only enough parts to enable about 80 percent of its aircraft to be mission-capable based on the availability of parts.” However, that planning construct will likely only yield a 70 percent mission capable rate at best, the GAO said, because it only accounts for the aircraft on the flight line and not jets that are in the depot for longer term maintenance. No silver bullet for parts shortage issues Like all complicated problems, there is no single solution for the F-35 spare parts shortage, which is driven by a number of factors. GAO indicated that the Defense Department still has “a limited capacity” to repair broken parts, creating a backlog of 4,300 parts still needing to be addressed. Between September and November, it took more than six months to fix parts that should have been repaired in a window of two to three months. The F-35's much-maligned Autonomic Logistics Information System (ALIS) was designed to be able to track parts and automate the process of generating and expediting work orders, however, GAO notes that the system still requires manual workarounds from users in order to accomplish tasks. Supply and maintenance personnel cited challenges such as “missing or corrupted electronic spare parts data,” limited automation and problems caused by ALIS's subsystems not communicating with each other properly, it said. As the F-35 is still a relatively new platform, it has taken time for the program to assess which parts have been failing more often than previously estimated — but that is an area where the Defense Department is making progress, the GAO stated. “DOD has identified specific parts shortages that are causing the greatest aircraft capability degradation, and it is developing short-term and long-term mitigation strategies to increase the quantity and reliability of these parts,” the report said. One such component is a coating used on the F-35's canopy to help it maintain its stealth characteristics, which has been found to peel off at an unexpected rate, creating a heightened demand for canopies. “To address these challenges, the program is looking for additional manufacturing sources for the canopy and is considering design changes,” the GAO stated. But — somewhat paradoxically — the F-35 has been flying for a long enough time that there is significant parts differences between the first jets that rolled off the production line to the most recently manufactured planes. The GAO found “at least 39 different part combinations across the fleet” on top of variations in software. “According to the program office, DOD spent more than $15 billion to purchase F-35 aircraft from the earliest lots of production, specifically lots 2 through 5 ... but it faces challenges in providing enough spare parts for these aircraft,” the report stated. One problem — the cannibalization of F-35 aircraft for parts — is partially user-inflicted. “From May through November 2018, F-35 squadrons cannibalized (that is, took) parts from other aircraft at rates that were more than six times greater than the services' objective,” the GAO stated. “These high rates of cannibalization mask even greater parts shortages, because personnel at F-35 squadrons are pulling parts off of other aircraft that are already unable to fly instead of waiting for new parts to be delivered through the supply chain.” During an interview this February, Lt. Col. Toby Walker, deputy commander of the 33rd Maintenance Group, told Defense News that F-35 maintainers at Eglin Air Force Base, Fla., had stopped pulling parts off a cannibalized F-35 and had seen some improvements to mission capable rates as a result. “We're not continually moving parts from one aircraft to another. We're relying on the program to provide our parts,” he said. “It was a very strategic plan to do that to increase aircraft availability by not sitting an aircraft down.” In a statement, Lockheed Martin said that it had taken key steps to improve parts availability, such as transitioning some suppliers to performance based logistics contracts that incentivize companies to meet certain targets, as well as “master repair agreements” that will allow other suppliers to make longer term investments in their production capability. “These actions are beginning to deliver results and we're forecasting additional improvement. Newer production aircraft are averaging greater than 60 percent mission capable rates, with some operational squadrons consistently at 70 percent,” the company said. “From a cost perspective, Lockheed Martin has reduced its portion of cost per aircraft per year by 15 percent since 2015. Our goal is to further reduce costs to $25,000 cost per flight hour by 2025, which is comparable to legacy aircraft while providing a generational leap in capability.” https://www.defensenews.com/air/2019/04/25/government-watchdog-finds-more-problems-with-f-35s-spare-parts-pipeline

  • Rafale, Neuron, Falcon : la famille Dassault Aviation réunie

    January 21, 2019 | International, Aerospace

    Rafale, Neuron, Falcon : la famille Dassault Aviation réunie

    SYLVAIN ARNULF Le drone Neuron en formation avec un avion de combat Rafale et un avion d'affaires Falcon 8X : voici l'étonnant ballet des trois avions phares de Dassault Aviation, capturé en une image. https://www.usinenouvelle.com/article/vu-du-ciel-rafale-neuron-falcon-la-famille-dassault-aviation-reunie.N790429

All news