The concept of operations for the future ADF is to fight in a networked battlespace where the knowledge edge will provide a decisive advantage.
In Air Force terms capabilities being introduced in the next couple of years, such as the Boeing EA-18G Growler airborne electronic attack capability and Lockheed Martin F-35A Joint Strike Fighter, will join the current F/A-18F, KC-30A and E-7A Wedgetail in that networked environment.
And this concept is not limited to Air Force of course, with capabilities such as Navy’s new LHDs now entering service and Air Warfare Destroyers on the horizon. Army’s new vehicles will be capable of being networked and Defence has several projects ongoing to ensure advantage is taken of the potential on offer.
But what if the networked strengths of these capabilities are their Achilles heel? How susceptible will they be to some form of cyber attack, and can effective operations be undertaken if the global positioning system (GPS) is degraded, not available altogether or, perhaps worse, corrupted?
The issue of specific vulnerability of platforms such as Growler and JSF is understandably very sensitive, with one leading person in the cyber intrusion space commenting to ADM that if such issues were completely understood, they would be highly classified.
Defence is also reluctant to discuss the specific measures it currently takes to counter cyber threats but it does say that the defence of its information and capabilities are taken very seriously.
“We have dedicated teams of highly specialised, well trained operators who monitor our cyber environment, conduct vulnerability scanning and assessments, and provide advice and assistance to our capability delivery areas to ensure that security is an essential element of everything we do,” a Defence spokesperson explained to ADM.
“Defence relies on its Information and Communications Technology (ICT) systems and networks, along with integrated ICT mission systems and devices on its ships, aircraft, land vehicles, headquarters and supporting elements, to conduct operations and business functions.”
But Australia continues to be the target of persistent and sophisticated cyber exploitation activity by malicious actors and this activity comes from a range of sources, including state-based or supported foreign groups, issue motivated groups, cyber criminals, organised crime, and malicious or careless trusted insiders.
Therefore the challenge facing Defence, couched in very broad terms, is to comprehensively protect its ICT and mission systems while assuring that they continue to operate effectively. Authorised access to the required information is another key challenge and Defence says it is implementing a number of strategies to ensure malicious cyber actors cannot cause significant affects on ADF operations and Defence business more broadly.
“Defence’s increasing levels of connectivity also brings with it associated cyber protection challenges. The future operating environment will be increasingly complex, with rapid production of high volumes of data and increasingly contested lines of communication,” the spokesperson detailed.
“New capabilities are addressing the need for ICT and information security to be an integral part of any capability solution.”
One of the first casualties of modern warfare is likely to be the guarantee of GPS integrity, certainly in terms of the civilian GPS system. But how secure are military GPS systems and, if the ADF had to carry out precision air strikes in a GPS degraded or denied environment, how would it operate effectively?
To begin with, Defence says that GPS considerations are made within an area generically known as Position, Navigation and Timing (PNT) or Navigation Warfare (NAVWAR) and that it has been aware of the GPS denial issues for ‘many years’ and has proactively considered, developed and implemented a range of measures to mitigate GPS denial or to counter the systems that seek to deny access to the GPS signals.
Inertial Navigation Systems (INS), which are self-contained and require no input from an external source is one example of such mitigation, are one example but tend to ‘drift’ over time and ideally require updating with accurate position data.
Other examples are passive radio navigation systems, electro-optic sensors, navigation radar, astronomical and terrestrial fixing, doppler navigation systems, and gyro and magnetic compasses, which, when combined, can provide redundancy to varying degrees.
Military GPS systems of course have a greater resistance to jamming or interference than their civil equivalents and also have a designed-in robustness to deal with degraded signals, including signal receivers and antennae.
“There are also other external sources of navigational data that come from terrestrial and space-based systems, some of which are complete alternatives to GPS and others augment GPS. Defence will continue exploring enhancements to its organic systems for mitigating and countering GPS denial events,” the Defence spokesperson said.
“Defence regularly incorporates space denied scenarios into our exercises and activities to build an awareness of the challenges associated with operating in a GPS denied environment and to refine operating procedures.”
A Geographic Information System (GIS) is a software system which captures, manages, analyses and displays geographically referenced information and can therefore build a comprehensive time-space picture which can be used to solve problems.
GIS can be used to manage operations which have been degraded either by a cyber attack or by some level of GPS denial, by fusing together information derived from unaffected sources or sensors.
Esri Australia has been working in the GIS space for almost 40 years and their regional industry lead for national security in Australia and South-East Asia, Simon Hill, says he treats cyber as just another domain to work in.
“Cyber from our perspective is simply another domain, like land, maritime or air, and we can use GIS technology to help manage a cyber event,” he explained to ADM. “Our perspective is to look at the other information available to you at the time and we say, okay, what disparate information do we have from other sensors? It could be blue force tracking, intelligence reporting or even weather information. We use geography to correlate this information in time and space to form a detailed and precise picture for a decision maker, whether in the field or in a headquarters.”
Given that Growler or JSF are not reliant on a single sensor or a single means of transferring data, the information not compromised can be combined with GIS to complete the picture. Information from other non-compromised sources such as an air picture from Wedgetail or an AWD are obvious candidates for fusion with GIS data and, in the battlespace of the future, this will occur anyway.
“The key point is not actually the occurrence of a cyber incident, but rather the ability to bring all relevant authoritative information together easily, assess what it means in context (space and time) and then make decisions,” Simon Hill continued.
“I think that’s where it becomes really important, when you have these very sophisticated platforms that are coming in to service, because they require that rapid decision-making.”
One recent example of how GIS has been used to rapidly build a cohesive picture of events by drawing on information from disparate sources (albeit not in a cyber attack context), was in response to the shooting down of Malaysia Airlines MH17 over Ukraine last year.
Simon Hill said that event occurred during an Esri international user conference in the US, whose attendees included the Malaysian military as well as entities such as Airbus Defence and Space.
“We got together in one room and we literally stood up a capability on-line with all the available sources of information we could get,” he detailed. “Airbus began tasking satellites, we derived information through government channels and we created a series of web maps that were used by the Malaysian officials. The first maps were being created within an hour and there was a very robust capability in place within four hours.”
To return to the cyber attack context, GIS of course does not make an attack any less likely to happen, but it will assist in managing the event once it has occurred.
“It can assist in putting people in a stronger position to then deal with the situation and determine what to do next,” Hill said. “To return to my earlier point, by simply treating cyber as another domain that we are managing, then we can look at that cyber event in context and quickly make some decisions about it.”
Plans for operations in the networked battlespace of the future such as the RAAF’s Plan Jericho take into account the fact that operations may be degraded by some form of attack or intrusion by an enemy and, as Defence notes, exercises are already conducted using this assumption.
As the networked nature of operations permeates throughout the ADF, more capabilities and organisations are likely to be harnessed to counter the cyber threat.
One such example is the recent approval to stand up the Joint Air Warfare Battle Lab (JAWBL) at Williamtown, which ADM understands is to be administered by the Defence Science and Technology Organisation on behalf of Defence.
One of the purposes of JAWBL will be to develop tactics and procedures for the future of air combat and it will also be capable of being networked with the ranges. As such it has the potential to become an important tool in the analysis of operations in a cyber-threat environment.
This article first appeared in Australian Defence Magazine VOL.23 No.5, May 2015