Red Sky at Morning, Sailor Take Warning
The Navy pioneered global communications, developed the Global Positioning System that led to revolutions in precision targeting and commercial transportation, and advanced software engineering that fundamentally changed ballistics and the industrial software industry. But today, in terms of networking and IT, the service is lagging in state-of-the-art operational capacity. At one time the Navy led the development of IT, but today it is just a unit steaming in formation under the guide of a global industry driven largely by consumer demands. As dawn breaks on the new cyberspace domain, we are at a “red sky” moment.
We face 25 percent across-the-board reductions in IT spending and continued delays in IT modernization. As we strive to produce one enterprise—a global network—our Fleet’s operators and acquisition community are relearning the lesson that simply procuring commercial technology does not lead to interoperability. Without establishing a well-developed, enforceable framework to guide technology insertion, we are not adequately addressing the complexity of these networks and the burden placed on sailors to operate and maintain them. Somewhere along the line in working IT from an enterprise viewpoint, we have forgotten what the Navy’s raison d’être is. The Fleet is the real Navy enterprise. It is our main thing. Without an operationally effective Fleet, there is no need for a Navy.
Our networking and IT capabilities are just as core to an operationally effective Fleet as are new aircraft platforms, future nuclear-powered aircraft carriers, or new surface combatants and submarines. None of these traditional platforms is effective without secure and resilient software, networking, and IT.
In recent years we have seen that the network has taken on a more visible role in strike operations, ballistic-missile defense, command and control, and ship machinery and propulsion plant control. We have proliferated embedded systems into these shipboard functions, which are integral to the basic operations of our vessels, without fully understanding the impact on manpower or holistically assessing the effects on shipboard reliability. This approach increases our cyber vulnerability and operational risk due to ungraceful systems failure, which brings unpredictable behavior such as loss of steering control in a restricted maneuvering situation, failure to communicate when trying to execute tactical orders, or loss of situational awareness when defending the ship from attack. If technologies do not behave in a graceful, predictable manner when they fail, we face greater risks of loss of life or combat power.
So what are we to do? The answer is simple but difficult to accept. It is a matter of priorities. Storm clouds are building dead ahead, but we still have time to tack on to a more favorable course. A good navigational track will allow us to weather these challenging times.
Prioritize the Fleet
In the cyber and net-centric domain, the Fleet must take precedence over Navy support communities and be resourced as the top tier of the service’s enterprise when it comes to network capabilities. As their primary platform for planning and command-and-control functions, Fleet units are using decade-old commercial operating systems that are no longer commercially supported and five times more vulnerable than current versions. Expensive smartphones are deployed widely across the Navy–Marine Corps Intranet and One-Net, yet shipboard computer systems are expected to operate eight years or more before being upgraded.
Fleet units rely on network-based machinery and shipboard control systems that are overly complex, not resourced for on-board technicians, and connected to networks with limited resiliency. These capabilities are engineered so that interoperability “work-arounds”—additional manual procedures that sailors must take to compensate for system flaws—are assumed to be acceptable common practice.
The training pipeline is allowed to generate only apprentice-level technicians, and the logistics pipeline provides only critical spares just in time. Commanding officers are not provided the tools they need to maintain the readiness and trustworthiness of their shipboard networks. We are growing a new generation of sailors who cannot operate these networks in their degraded condition caused by battle damage (whether cyber or kinetic) without waiting for shore distance support. Instead of the expertise that was once maintained on board each ship, today we rely on “distance support.” Just as civilians must call a technician in India for assistance, sailors are expected to fix things by chatting over the phone or Internet. In an age of Stuxnet, other computer malware, and Wikileaks, these are not acceptable conditions to ensure mission success for the Fleet.
Our core competency of providing a navy to defend the nation requires that IT and cyber capabilities give precedence to the operational force and those directly coordinating it such as the Maritime Operation Centers. Ships, squadrons, expeditionary forces, operational headquarters, and key telecommunications hubs should be resourced as a priority tier and be considered first among equals.
This view runs counter to the single-enterprise perspective, which advocates an equal implementation across Navy operational and support communities, ashore and afloat. But we can no longer afford to provide a single-enterprise capability that meets all the needs of the operating Fleet as well as those of the service’s support infrastructure. Resourcing the Fleet as a priority tier will allow for more rapid modernization and currency of software and IT, thus improving performance and resiliency and reducing our exposed cyber-attack surface.
Ships First, Then Support
The Navy’s configuration-management process (its method to maintain control over which specific software versions or hardware variants are installed on a ship or shore station) is coupled with an information-assurance process to assess the system for any vulnerability it may introduce to the network. Because a vulnerability to one system can lead to widespread failure or exploitation, we must streamline the two processes to facilitate a higher speed to capability. If we use technologies like cloud computing and software virtualization, these processes will be more efficient and better able to rapidly deliver needed capability to the warfighter.
For the Fleet, a new technology framework must be established to provide the flexibility to rapidly modernize shipboard systems without lengthy processes. This will also standardize systems administration and operation, lower cyber-security risk, and enhance the Naval Network’s resiliency. It should not take seven to ten years to modernize shipboard IT capabilities, then an additional five to develop sufficiently trained and experienced sailors to use them.
The tiered approach to network capability must be operationally responsive to the needs of the combatant commander and the fleet commander. While strategic cyber capabilities and priorities remain, the vast majority of network operations in the Fleet relate to activities at the operational and tactical levels of war. Through strong coordination linkages and awareness of theater threats and challenges, Fleet Cyber Command and Navy Cyber Forces must build a structure that is receptive and tuned to deliver capabilities complementary to and supporting of traditional kinetic naval warfare, and that meets the requirements of fleet commanders and forward-deployed warfighters.
Maximize the Information Dominance Corps
Great strides were made under Admiral Gary Roughead’s information-dominance vision, including the establishment of an organization dedicated to this mission, the Information Dominance Corps. The IDC has the preeminent expertise in all things cyber, and now it is time to take it to the next level of professionalization. In the aviation community, this would mean differentiating between specialties such as tactical strike, maritime patrol, electronic warfare, force defense, and logistics.
The IDC net should be cast wider, to incorporate skills that work at C4I-, network-, and cyber-related tasks. For example, it should make use of engineering duty officers who specialize in C4I systems, sailors with electronics and interior-communications skills, and those in the civilian IT community who have expertise in acquisition. A holistic perspective of community competencies and career development is essential to maintaining the vitality of the Navy’s resident cyber expertise and to supporting retention. The available pool of qualified cyber and IT experts is shrinking, and the Navy must articulate and execute a strategy that encourages preserving IDC skills and sends a positive message about the value of service to attract new personnel into this community.
Training and education of the IDC is recognized as a vital element of the overall strategy, and there have been successful pilot programs such as the use of cognitive tutors in Navy IT training, additional top-tier graduate opportunities, and more emphasis on IDC and Information Assurance Workforce qualifications. But a more comprehensive strategy needs to be developed and enacted.
The same skills that the Navy requires to realize IDC capabilities are also in very high demand globally. The service must develop creative mechanisms to attract this talent. The Department of Defense’s Critical Code report reinforces the need to find ways to improve the Navy’s abilities in systems architecture, software development, and cyber-security. Currently these are all deficient in the DOD. 1
At the same time, we must make sure shipboard operators do not lose sight of the basics of planned and corrective maintenance and the fundamentals of our systems that tie the underway unit to the outside world. Skilled operations of shipboard network and combat systems are vital to the mission accomplishment of each ship. IT touches not just command-and-control and information systems, but also everything from steering control to machinery monitoring, damage-control response, navigation, and even shipboard fire-main and waste services. Much of the IDC has focused on the basics of network operations and emerging cyber-warfare functions. But our Fleet’s dependencies on networks are more far-reaching than just these two areas.
The time is also right for the IDC to have a seat at the warfare commander’s table in strike groups. By aligning afloat staff billets, the IDC should establish the Information Dominance Warfare Commander to coordinate the tactical-level aspects of cyber, electronic warfare, and other information-operations capabilities.
The Navy has always been an expeditionary force that operates under the doctrine “You fight with only what you bring.” But now we’ve placed fiscal efficiency above operational self-sufficiency, and many of our skills and capabilities have atrophied. The demands to deploy the Fleet are not decreasing, even though the size of the Fleet is. To meet this challenge, ships will expect to see longer deployments forward. Given this dynamic, it is even more critical that we regain many of our Cold War abilities.
A large part of this issue is cultural. At one time, for chiefs and leading technicians it was a matter of personal pride to fix their gear and maintain their systems at top readiness. They were expert in the foundational principals of how to troubleshoot a system. They knew theirs forward and backward, and they maintained the shipboard system as if it had been their own sports car. Today we have created an approach in which the technician must rely on an onboard tech rep or call distance support; there is no sense of ownership of the system’s readiness. This cultural shift, due to many factors, will not work in major combat operations.
Contributing to the situation are reduced training for A- and C-school technical ratings; the inability to maintain pace with technology in the schoolhouse; assumptions that all IT is alike, so one technician can be an expert in multiple systems; and commanding officers who do not challenge the material and personnel shortfalls.
This is not a generational problem: today’s sailors are extremely bright and motivated. It is an issue of leadership. We need to make self-sufficiency once again the metric by which we measure a successful, combat-ready ship or squadron. As a prime directive, the acquisition community must acquire interoperable shipboard systems that have a robust integrated logistics train (meaning the complementary spare parts, documentation, and training needed to properly maintain the systems). The model of what is acceptable to maintain a combat-ready Fleet must be restructured. In the days of self-sufficiency, if no one in the ship knew how to fix the problem, referral went right to the systems expert. There were no delays while a generalist was sought to assist.
Which path should we take—increase the competency of our technicians, or rely more heavily on tech reps? Should we enhance the C4I and combat-systems skills in our Regional Maintenance Centers, or accept the current preference for generalist expertise? This model needs a hard look.
In the days of a downsized Fleet, any single-systems casualty has far greater operational impact across the theater. With ships more dispersed, it will be increasingly difficult for the rear-echelon-support model to succeed, especially in the face of area denial by an adversary. We must ensure that the Navy’s network, combat systems, and cyber capabilities are ready to weather major conflict.
Get Ready for Heavy Weather
Our networks are almost exclusively built on technologies derived from the original Internet design, in a cyber world where neighbors were trusted and security was an afterthought. Cyberspace is now filled with countless untrustworthy groups who aim to do economic, intellectual, political, or military harm to our nation. We must recognize this Achilles’ heel and seek alternative designs to counter these vulnerabilities.
The National Science Foundation chartered a Future Internet Architecture Project to meet this exact challenge. 2 The Navy should become an early adopter of these emerging technologies to build a more resilient, defensible network. Likewise, we must develop the capacity to train sailors on their network systems with the same rigor and currency as we train engineering, navigation, and combat-systems operators to deal with on-board casualties. They must be able to “fight the network hurt”: execute core warfighting functions in the face of degraded system performance.
Just as we instituted a national interstate highway system to expand military and economic capacity, so too Navy network planners must now build capacity and alternative routes to support the free flow of information across the globe. Getting the right intelligence to the appropriate decision-maker when that person needs it will allow a smaller Fleet to remain operationally effective on a worldwide scale.
The flood of data is rising faster than our systems and networks can handle without significant investments. A recent study of the Navy’s intelligence, surveillance, and reconnaissance architecture shows that we are rapidly approaching an inflection point at which tactical systems will not be able to transmit, let alone store, the influx. 3 The remedy is not the common mantra “We need more bandwidth.” Rather, what we need is a solution that taps into the power of cloud computing and virtualization technologies to fuse the information so that it is relevant and available to the decision-maker.
We have to face facts. Fiscal constraints will drive us to a smaller Navy. This does not necessarily mean we will be less powerful. When we have harnessed disruptive advances in technology such as air power from the sea, the reach of nuclear-powered ships, or the effectiveness of precision-guided weapons, we’ve realized improvements to our operational flexibility and effectiveness that are on orders of magnitude. Key factors in past successes were based on providing top-tier schoolhouse training, qualification programs on board ship focusing on self-sufficiency expertise, development of robust operating and casualty procedures and planned maintenance systems, and continuous drilling of these skills in combat-relevant scenarios. Keeping the information power edge is just as critical as making a disruptive technology advance.
We must invest the right level of leadership and funding into raising operational C4I and combat-systems efficiency. By returning to basics in their sustainment, training, and capability-delivery processes, we can get enough wind in our sails to chart a course that ensures the Fleet, even though smaller, is empowered by top-tier networks that allow for rich, well-understood collaboration among warfare commanders, real-time integration of persistent sensing into the commander’s situational awareness, and greater agility in meeting operational demands. With the proper leadership, setting of priorities, and process discipline, we can come about and turn this situation into a “red sky at night, sailor’s delight” advantage.
2. National Science Foundation, NSF Future Internet Architecture Project , Washington, DC, 2011, www.nets-fia.net/ .
3. Department of the Navy, Research, Development & Acqusition (ASN RDA), Maritime Intelligence, Surveillance, and Reconnaissance Enterprise Architecture Study , Washington, DC, 2010.
Captain Adams is former commanding officer of the USS Pittsburgh (SSN-720), Enterprise Battle Group Command and Control Warfare Commander and Strike Operations, U.S. 2nd Fleet director for C4I, and Deputy Director for C5I, U.S. Fleet Forces Command. He is currently Director of Tidewater Operations at DELTA Resources, Inc.