Back to news

September 26, 2018 | International, Naval, C4ISR

On the new battlefield, the Navy has to get software updates to the fleet within days, acquisition boss says

By:

The Navy has to get software updates and patches to the fleet within days if it's going to win in the future, the Department of the Navy's acquisition boss said Sept. 25 at Modern Day Marine.

James Geurts, assistant secretary of the Navy for research, acquisition and development, said the fleet has been working on the rapid development of software to get needed upgrades to the ships ahead of pier-side availabilities, a pace he said was too slow for the modern battlefield.

“We recently did one of our proof-of-principles to say: ‘How do you take ... software, get it system certified, get it cyber certified then get it out over the airwaves, uploaded on to a ship and into the combat system in 24 hours,” Geurts said.

“My view is unless we get to the point where I can identify a software requirement, whether it's an [artificial intelligence] algorithm or something, find the solution, get it checked out on the network, give it whatever cyber-proofing it needs and get it into the fight in less than a week, we are not going to be successful in the long run.”

The Navy has increasingly found that its current systems are capable of adjusting to new threats through software upgrades rather than buying new systems and installing them, a time-consuming and cripplingly expensive process that has been the norm in years past.

Geurts said the Navy had to have a software architecture that was amenable to rapid upgrades so that developers would not need to re-test the underlying architecture each time a patch or fix is uploaded.

Furthermore, the service also has to develop cyber security standards that don't just weigh whether or not something can be compromised but begin to think of it more in terms of risks associated.

“The answer isn't yes or no, it's ‘Commander here is your risk.' And then weigh the risk of doing that [upgrade] versus a potential cyber impact so that commanders can make reasonable command decisions. Because there is always a risk to not doing something. We often talk about the risk of doing something, we don't often talk about the risk of not doing it.”

Geurts told a gaggle with reporters after the talk that he was not talking about uploading whole new programs that sailors might be unfamiliar with but more iterative upgrades.

"Don't take that to an extreme to where we will load on something that nobody has ever seen before, but it could be that there is a particular issue or new need, and you can envision us testing and training that shore-side, making sure it's right – we don't want to wait for the ship to come home we could potentially blast that out [to the fleet.]"

The Navy is also working more with having digital doppelgangers of its combat system on board its ships so that new technologies can be tested by the crew and commanders before its uploaded into the main combat system, a hedge against reaping unintended consequences by uploading a feature or patch without knowing exactly how it will fit into the ship's systems.

"The other thing we are doing a lot with is digital twins, where [the ship] might have the combat system that it's fighting with as well as a digital twin,” Geurts explained. “So you might be able to upload that new feature in the digital twin so you could have both, then it's up to the commander whether it's something you adopt or not.”

https://www.c4isrnet.com/digital-show-dailies/modern-day-marine/2018/09/25/on-the-new-battlefield-the-navy-has-to-get-software-updates-to-the-fleet-within-days-acquisition-boss-says

On the same subject

  • Italy’s Leonardo to list DRS subsidiary on New York Stock Exchange

    March 3, 2021 | International, C4ISR, Security

    Italy’s Leonardo to list DRS subsidiary on New York Stock Exchange

    Italian state-controlled defense company Leonardo has confirmed plans to list U.S. subsidiary DRS on the New York Stock Exchange.

  • Leonardo CEO is bullish on Europe's defense market

    April 14, 2022 | International, Aerospace

    Leonardo CEO is bullish on Europe's defense market

    '€œIt's a process, it won't happen immediately, but there is a deep willingness by political and defense players for big opportunities of this kind in Europe,'€ Alessandro Profumo told reporters in Rome.

  • Four big questions for cybersecurity in 2019

    January 2, 2019 | International, C4ISR

    Four big questions for cybersecurity in 2019

    By: Justin Lynch How will cybersecurity experts remember 2018? In the past year, the Trump administration announced it would take more offensive hacking operations against foreign countries, the Department of Justice announcedsweeping indictments against Chinese hackers and the U.S. intelligence community reported that foreign countries continued to interfere in American elections. So what comes next? Here are four overarching questions for the cybersecurity community in 2019: What will the new Pentagon chief do with expanded cyber powers? In August, the president gave the secretary of Defense the ability to conduct cyberattacks against foreign countries so long as they do not interfere with the national interest of the United States, according to four current and former White House and intelligence officials. But the resignation of Jim Mattis, the Defense secretary, means the next Pentagon chief will have a broad arsenal of cyber authorities. For the cyber community, Patrick Shanahan, the current acting secretary, is a relative unknown. He has not given significant insight into how he views the role of offensive cyberattacks for the Pentagon, and his scheduled Jan. 1 elevation comes as some in the Trump administration and U.S. Cyber Command have pushed for even more authorities. However, he has spoken at length about the need for the defense industry to bolster its own cyber practices. Although the appointment of Shanahan as acting Pentagon chief is temporary, he is on the short list of officials who may take on the job full time. The new Pentagon chief may also have to decide when the National Security Agency and U.S. Cyber Command should split. Both bodies are led by Gen. Paul Nakasone, but that may change. Cyber Command is in the process of gaining its own infrastructure to conduct offensive cyberattacks, and a Pentagon official told Fifth Domain in November that it appeared the split was all but certain to happen in the coming years, although no formal decision as been made. What comes next in the U.S.-China cyber relationship? The Department of Justice released a flurry of indictments against Chinese hackers in 2018, accusing Beijing's cyber sleuths of infiltrating American government agencies and defense contractors. The most recent round of allegations came Dec. 18, and the legal action could continue in 2019. While announcing the most recent indictments, Deputy Attorney General Rod Rosenstein accused China of breaking an agreement not to use hacked materials for commercial use, although he did not offer evidence. The hacking allegations come amid a broader trade war between the United States and China. Experts have told Fifth Domain a trade war could increase digital tension between the two nations. If the trade war continues, experts say they see little incentive for China to limit its cyberattacks. Will America suffer blowback for more offensive cyber operations? When the Trump administration announced the United States would take more offensive actions in cyberspace, some in the federal cybersecurity community criticized the plan as faulty. “The side effects of the strategy of ‘persistent engagement' and ‘defend forward' are still ill-understood,” Max Smeets and Herb Lin, experts at Stanford University wrote for Lawfare. “A United States that is more powerful in cyberspace does not necessarily mean one that is more stable or secure.” Experts also warn of making any rush judgments about the effectiveness of these offensive cyberattacks. Current and former intelligence officials worry that uncovering and attributing a hack can take more than a year, and, even then, that process is not perfect. One former official pointed to the leaked documents about Russian targeting of American election infrastructure in 2016 that was sent to the news organization the Intercept. It took months for the intelligence community to understand the full extent of the hack, the official said, an example of how long it takes to detect a cyberattack. However, all of that means it is reasonable to expect that the merits of the new offensive cyber operations may not be known publicly for years. Will Congress take action to streamline cybersecurity contracting and research? Yes, changing the way government does business is ambitious. But experts argue that if the United States wants to keep up with digital innovations from China and other countries it is necessary to change the American government's relationship with the private sector and academia. The effort to streamline cybersecurity funding and research will fall to the new Congress, in which Democrats will take over the House of Representatives. But when it comes to the U.S. government's relationship with the cyber industry, structural barriers to innovation remain. On average, it takes roughly seven years for an idea to get a contract inside the U.S. government. In that length of time, a product is already two generations old. Former Pentagon officials have used the digital fight against the Islamic State as an example of how long the process takes. It took roughly two years for Cyber Command to receive the proper equipment and training after the order to digitally defeat the Islamic State, officials told Fifth Domain. In addition, the cybersecurity industry is watching a series of bills in Congress. Sen. Mark Warner, D-Va., has pushed for a streamlined security clearance process, and industry officials told Fifth Domain they expect him to continue the effort in the new year. The bill could make it easier and cheaper to get a security clearance. And many in the federal cybersecurity community have called for a change in academia's relationship with cybersecurity. The universities and research institutions in the United States focusing on quantum computing are “subpar,” George Barnes, deputy director at the NSA said in June. Experts say that quantum computers will make traditional cybersecurity methods obsolete because of the expansive computing power. However, new investments in artificial intelligence and a new Solarium Commission, which was created to help contextualize cyber in the broader national and economic security discussion, may provide solutions to these problems. https://www.fifthdomain.com/industry/2018/12/31/four-big-questions-for-cybersecurity-in-2019

All news