Realizing the Potential of C4I

Fundamental Challenges

Committee to Review DOD C4I Plans and Programs

Computer Science and Telecommunications Board

Commission on Physical Sciences, Mathematics, and Applications

National Research Council

NATIONAL ACADEMY PRESS
Washington, D.C.
1999



The National Academies | 500 Fifth St. N.W. | Washington, D.C. 20001
Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement



Below are the first 10 and last 10 pages of uncorrected machine-read text (when available) of this chapter, followed by the top 30 algorithmically extracted key phrases from the chapter as a whole.
Intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text on the opening pages of each chapter. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.

Do not use for reproduction, copying, pasting, or reading; exclusively for search engines.

OCR for page R1
--> Realizing the Potential of C4I Fundamental Challenges Committee to Review DOD C4I Plans and Programs Computer Science and Telecommunications Board Commission on Physical Sciences, Mathematics, and Applications National Research Council NATIONAL ACADEMY PRESS Washington, D.C. 1999

OCR for page R1
--> NOTICE: The project that is the subject of this report was approved by the Governing Board of the National Research Council, whose members are drawn from the councils of the National Academy of Sciences, the National Academy of Engineering, and the Institute of Medicine. The members of the committee responsible for the report were chosen for their special competences and with regard for appropriate balance. Support for this project was provided by the Department of Defense. Any opinions, findings, conclusions, or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the sponsor. Library of Congress Catalog Card Number 99-62272 International Standard Book Number 0-309-06485-6 Additional copies of this report are available from: National Academy Press 2101 Constitution Avenue, NW Box 285 Washington, DC 20055 800/624-6242 202/334-3313 (in the Washington Metropolitan Area) http://www.nap.edu Copyright 1999 by the National Academy of Sciences. All rights reserved. Printed in the United States of America

OCR for page R1
--> COMMITTEE TO REVIEW DOD C4I PLANS AND PROGRAMS JAMES C. McGRODDY, IBM (retired), Chair CHARLES HERZFELD, Private Consultant, Vice Chair NORMAN ABRAMSON, ALOHA Networks EDWARD BALKOVICH, Bell Atlantic JORDAN BARUCH, Jordan Baruch Associates RICHARD BASEIL, Telcordia Technologies (formerly Bellcore) THOMAS A. BERSON, Anagram Laboratories RICHARD KEMMERER, University of California at Santa Barbara BUTLER LAMPSON, Microsoft Corporation DAVID M. MADDOX, Gen USA (retired), Private Consultant PAUL D. MILLER, ADM USN (retired), Alliant Technology Systems CARL G. O'BERRY, Lt Gen USAF (retired) JOHN H. QUILTY, MITRE Corporation ROBERT H. REED, Gen USAF (retired), Lear Astronics Corporation H. GREGORY TORNATORE, Applied Physics Laboratory, Johns Hopkins University Staff HERBERT S. LIN, Senior Scientist and Study Director JON EISENBERG, Program Officer JULIE ESANU, Research Associate MARK BALKOVICH, Research Associate MICKELLE RODGERS, Project Assistant NICCI T. DOWD, Project Assistant DAVID PADGHAM, Project Assistant

OCR for page R1
--> COMPUTER SCIENCE AND TELECOMMUNICATIONS BOARD DAVID D. CLARK, Massachusetts Institute of Technology, Chair FRANCES E. ALLEN, IBM T.J. Watson Research Center JAMES CHIDDIX, Time Warner Cable JOHN M. CIOFFI, Stanford University W. BRUCE CROFT, University of Massachusetts at Amherst A.G. (SANDY) FRASER, AT&T SUSAN L. GRAHAM, University of California at Berkeley JAMES GRAY, Microsoft Corporation PATRICK M. HANRAHAN, Stanford University JUDITH HEMPEL, University of California at San Francisco BUTLER W. LAMPSON, Microsoft Corporation EDWARD D. LAZOWSKA, University of Washington DAVID LIDDLE, Interval Research JOHN MAJOR, Wireless Knowledge TOM M. MITCHELL, Carnegie Mellon University DONALD NORMAN, Nielsen Norman Group RAYMOND OZZIE, Groove Networks DAVID A. PATTERSON, University of California at Berkeley LEE SPROULL, Boston University LESLIE L. VADASZ, Intel Corporation Staff MARJORY S. BLUMENTHAL, Director HERBERT S. LIN, Senior Scientist JERRY R. SHEEHAN, Senior Program Officer ALAN S. INOUYE, Program Officer JON EISENBERG, Program Officer JANET D. BRISCOE, Administrative Associate RITA GASKINS, Project Assistant NICCI T. DOWD, Project Assistant DAVID PADGHAM, Project Assistant MARGARET MARSH, Project Assistant

OCR for page R1
--> COMMISSION ON PHYSICAL SCIENCES, MATHEMATICS, AND APPLICATIONS PETER M. BANKS, ERIM International, Inc., Co-chair W. CARL LINEBERGER, University of Colorado, Co-chair WILLIAM BROWDER, Princeton University LAWRENCE D. BROWN, University of Pennsylvania MARSHALL H. COHEN, California Institute of Technology RONALD G. DOUGLAS, Texas A&M University JOHN E. ESTES, University of California at Santa Barbara JERRY P. GOLLUB, Haverford College MARTHA P. HAYNES, Cornell University JOHN L. HENNESSY, Stanford University CAROL M. JANTZEN, Westinghouse Savannah River Company PAUL G. KAMINSKI, Technovation, Inc. KENNETH H. KELLER, University of Minnesota MARGARET G. KIVELSON, University of California at Los Angeles DANIEL KLEPPNER, Massachusetts Institute of Technology JOHN KREICK, Sanders, a Lockheed Martin Company MARSHA I. LESTER, University of Pennsylvania M. ELISABETH PATÉ-CORNELL, Stanford University NICHOLAS P. SAMIOS, Brookhaven National Laboratory CHANG-LIN TIEN, University of California at Berkeley NORMAN METZGER, Executive Director

OCR for page R1
--> The National Academy of Sciences is a private, nonprofit, self-perpetuating society of distinguished scholars engaged in scientific and engineering research, dedicated to the furtherance of science and technology and to their use for the general welfare. Upon the authority of the charter granted to it by the Congress in 1863, the Academy has a mandate that requires it to advise the federal government on scientific and technical matters. Dr. Bruce Alberts is president of the National Academy of Sciences. The National Academy of Engineering was established in 1964, under the charter of the National Academy of Sciences, as a parallel organization of outstanding engineers. It is autonomous in its administration and in the selection of its members, sharing with the National Academy of Sciences the responsibility for advising the federal government. The National Academy of Engineering also sponsors engineering programs aimed at meeting national needs, encourages education and research, and recognizes the superior achievements of engineers. Dr. William A. Wulf is president of the National Academy of Engineering. The Institute of Medicine was established in 1970 by the National Academy of Sciences to secure the services of eminent members of appropriate professions in the examination of policy matters pertaining to the health of the public. The Institute acts under the responsibility given to the National Academy of Sciences by its congressional charter to be an adviser to the federal government and, upon its own initiative, to identify issues of medical care, research, and education. Dr. Kenneth I. Shine is president of the Institute of Medicine. The National Research Council was organized by the National Academy of Sciences in 1916 to associate the broad community of science and technology with the Academy's purposes of furthering knowledge and advising the federal government. Functioning in accordance with general policies determined by the Academy, the Council has become the principal operating agency of both the National Academy of Sciences and the National Academy of Engineering in providing services to the government, the public, and the scientific and engineering communities. The Council is administered jointly by both Academies and the Institute of Medicine. Dr. Bruce Alberts and Dr. William A. Wulf are chairman and vice chairman, respectively, of the National Research Council.

OCR for page R1
--> Preface The Defense Authorization Act for Fiscal Year 1996 requested that the National Research Council (NRC) undertake a review of current and planned service and defense-wide programs for command, control, communications, computers, and intelligence (C4I) with a special focus on cross-service and inter-service issues (Box P.1). Programs for C4I account for some of the most complex systems, technologies, and functions in the military. Expenditures on C4I represent a significant fraction of the defense budget. C4I programs provide an interrelated group of capabilities that are distributed horizontally across the military services and vertically within each defense function. Recognizing the potential leverage that enhanced C4I capabilities can provide to the various defense functions (e.g., battlespace situational awareness at all levels of the military command structure, tactical communications, target identification and acquisition, logistics, and so on), the Department of Defense (DOD) has begun major efforts to integrate the various C4I systems into a system of systems. This vision of a defense-wide rationalization of C4I architectures and systems—articulated in Joint Vision 20101—is highly ambitious, and one that will undoubtedly stress traditional DOD ways of doing business. In response to the legislative mandate, the Computer Science and Telecommunications Board (CSTB) of the NRC formed the Committee to 1.   Chairman of the Joint Chiefs of Staff. 1996. Joint Vision 2010, Joint Chiefs of Staff, Washington, D.C.

OCR for page R1
--> BOX P.1 Legislative Charge to the National Research Council Public Law 104-106 Defense Authorization Act for Fiscal Year 1996 SEC. 262. REVIEW OF C4I BY NATIONAL RESEARCH COUNCIL. (a)   Review by National Research Council—Not later than 90 days after the date of the enactment of this Act, the Secretary of Defense shall enter into a contract with the National Research Council of the National Academy of Sciences to conduct a comprehensive review of current and planned service and defense-wide programs for command, control, communications, computers, and intelligence (C4I) with a special focus on cross-service and inter-service issues. (b)   Matters To Be Assessed in Review—The review shall address the following: (1)   The match between the capabilities provided by current service and defense-wide C4I programs and the actual needs of users of these programs. (2)   The interoperability of service and defense-wide C4I systems that are planned to be operational in the future. (3)   The need for an overall defense-wide architecture for C4I. (4)   Proposed strategies for ensuring that future C4I acquisitions are compatible and interoperable with an overall architecture. (5)   Technological and administrative aspects of the C4I modernization effort to determine the soundness of the underlying plan and the extent to which it is consistent with concepts for joint military operations in the future. (c)   Two-Year Period for Conducting Review—The National Research Council shall conduct the review over the two-year period beginning upon completion of the performance of the contract described in subsection (a). (d)   Reports— (1)   The National Research Council shall submit to the Department of Defense and Congress interim reports and progress updates on a regular basis as the review proceeds A final report on the review shall set forth the findings, conclusions, and recommendations of the Council for defense-wide and service C4I programs and shall be submitted to the Committee on Armed Services of the Senate, the Committee on National Security of the House of Representatives, and the Secretary of Defense. (2)   To the maximum degree possible, the final report shall be submitted in unclassified form with classified annexes as necessary. (e)   Interagency Cooperation With Study—All military departments, defense agencies, and other components of the Department of Defense shall cooperate fully with the National Research Council in its activities in carrying out the review under this section. (f)   Expedited Processing of Security Clearances for Study—For the purpose of facilitating the commencement of the study under this section, the Secretary of Defense shall expedite to the fullest degree possible the processing of security clearances that are necessary for the National Research Council to conduct the study. (g)   Funding—Of the amount authorized to be appropriated in section 201 for defense-wide activities, $900,000 shall be available for the study under this section.

OCR for page R1
--> Review DOD C4I Plans and Programs. Unlike the groups responsible for many other studies of C4I (some of which are listed in Appendix B), the membership of the committee was about evenly divided between information technology experts from the commercial, non-defense sector and individuals with significant experience in military operations, either as senior commanders or as defense technologists (Appendix C). The motivation for this balance was that the civilian experts would bring perspective and insights from the commercial world that are relevant to the DOD, while the military experts would provide context and a sense of history and operational experience on what is, after all, a unique organization with a unique mission. In the course of its work, the committee received briefings from DOD officials and others and conducted a number of site visits (Appendix A provides a list), reviewed recent reports described in Appendix B, and met seven times to discuss the input from these sources as well as the independent observations and findings drawn from the experience of the committee members themselves. With the limited resources and time available, the committee chose an approach in which it examined selected field exercises and various C4I programs, rather than attempting to conduct an exhaustive review of all C4I programs within DOD. The committee selected the particular programs and exercises it visited, although its DOD liaisons provided valuable input on possible subjects for examination. As a result of this approach, the findings and conclusions in this report are based on judgments resulting from the "on the ground" sense the committee developed through its sampling process, as well as the experience and knowledge of committee members. Sampling is by definition not comprehensive. However, the sampled data points are most likely to reflect the modal state of practice, and thus conclusions drawn on the basis of sampling are likely to be valid in some "average" sense. One critical question faced by the committee during the course of its project was whether to interpret its legislative charge broadly or narrowly. The narrowest interpretation would have led to a detailed technical review of current DOD efforts in C4I architecture and standards to promote interoperability. The broadest interpretation would have led to an examination of all of the elements needed to sustain a revolution in military affairs based on C4I and information technology, including but not limited to technical considerations of interoperability. Taking the narrowest interpretation risked focusing only on the current state of affairs without taking into account future possibilities. Taking the broadest interpretation risked undertaking an assessment too large to be doable in any meaningful way given the time and resources available to the committee. After considerable discussion, the committee decided that a broad—but not the broadest—interpretation was appropriate. Interoperability would remain

OCR for page R1
--> a central part of the report, but other issues as they emerged in the context of the interoperability problem would also be addressed. Finally, it is appropriate to point out what this report does not cover:  The report accepts as a given the proposition that C4I and information technologies will be central to the vision for the nation's fighting forces in the future. The committee recognizes some controversy over the validity of this proposition but, given the legislative charge, believes that it was a reasonable presumption. The committee believes that C4I has been and will continue to be a critical factor in any imaginable evolutionary path for U.S. forces; the argument in this area is one of degree rather than kind.  The report focuses on three key areas—interoperability, information systems security, and DOD process and culture—that demand serious attention if the military promise of C4I is to be realized. Though issues in these areas were regarded as the most critical problems for DOD, this focus does not mean that other issues are not important as well. For example, issues related to data overload (a user of a C4I system being inundated with information that may be nice to have but is not critical) and data quality (knowing that the data entered into the system, such as a sensor input, is in fact valid) are acknowledged but not addressed explicitly, except as they interact with the critical issues of interoperability and information systems security.  The report does not evaluate specific C4I programs or systems. While such evaluations are useful from a programmatic standpoint, the enormous number of C4I programs within DOD made such a task impossible within the context of this study. Furthermore, agencies such as the General Accounting Office are better suited to undertaking the analysis of specific programs. In general, the committee did look at some programs and did discuss technology issues, but did not conduct a programmatic audit as GAO might do, believing that its primary efforts would be better spent on examining the overall systemic challenges in exploiting the leverage of C4I.  The report does not address the special issues related to the ''online war" in which traditional media such as CNN and emerging online media such as Web sites and Internet relay chats help to influence public opinion, either directly or indirectly. This phenomenon is likely to become more important in the future as the United States conducts military operations in non-traditional venues, but the committee did not have the expertise to address these matters.  The report does not address systems that are intended primarily to support strategic or national intelligence collection. The committee recognizes the fact that national intelligence assets may be used for tactical

OCR for page R1
--> purposes, and to the extent that this is true, the report's analysis, findings, and recommendations are relevant. Nevertheless, an examination of national intelligence programs was beyond the scope of the committee's primary focus. The committee wishes to thank the Department of Defense for providing liaison and logistical support. In particular, Mr. John Buchheister and Mr. Jack Zavin (both from the Office of the Assistant Secretary of Defense for C3I) were enormously helpful and provided valuable guidance in helping to find appropriate briefers and information the committee needed for its study. The committee also wishes to acknowledge the efforts of those listed in Appendix A. Those responsible for hosting the committee on its site visits provided access and support, while those presenting briefings to the committee answered a wide variety of questions. Finally, committee members spoke to a number of personnel on its site visits who were not part of any formal presentation. Nevertheless, these personnel helped to provide the committee with a measure of "ground truth" and in general impressed the committee with their dedication to duty and their technical sophistication. A special note of appreciation is due the NRC staff on this project. Without the insights and capable efforts of Dr. Herb Lin, it would have been impossible to assemble the team whose breadth of experience and knowledge were essential to the creation of this report. In addition, the committee would like to acknowledge Dr. Lin's expert support in developing an overall plan and specific agendas for its meetings and site visits. The NRC team of Lin and Dr. Jon Eisenberg, working together with Mr. Buchheister and Mr. Zavin, developed a plan of briefings with key people and effective site visits that enabled the committee to focus on the relevant issues and rapidly develop a base of common knowledge in the complex area of C4I. The committee received major and capable help and support from Lin and Eisenberg, in both developing an effective process for the writing effort and ensuring a consistent style and, more important, finding a reasonable consensus on key issues and recommendations without diluting the directness and forcefulness of the committee's sentiments. As always, the committee, in its collective authorship, is responsible for the analysis, findings, and recommendations of this report.

OCR for page R1
This page in the original is blank.

OCR for page R1
--> Acknowledgment of Reviewers This report was reviewed by individuals chosen for their diverse perspectives and technical expertise, in accordance with procedures approved by the National Research Council's (NRC's) Report Review Committee. The purpose of this independent review is to provide candid and critical comments that will assist the authors and the NRC in making the published report as sound as possible and to ensure that the report meets institutional standards for objectivity, evidence, and responsiveness to the study charge. The contents of the review comments and draft manuscript remain confidential to protect the integrity of the deliberative process. We wish to thank the following individuals for their participation in the review of this report: W. Earl Boebert, Sandia National Laboratories, William Crowell, Cylink, Gerald Dinneen, Honeywell, Inc. (retired), Jack Donegan, San Diego Supercomputer Center, Robert Everett, MITRE Corporation, Louis Finch, STR, Mike Frankel, SRI International, Richard L. Hearney, The Boeing Company, David Heebner, Private Consultant, John C. Henderson, Boston University, Anita Jones, University of Virginia, Stephen Kent, BBN, John B. LaPlante, Burdeshaw Associates, Limited,

OCR for page R1
--> Stephen Lukasik, Independent Consultant, Larry Lynn, Private Consultant, Stuart E. Madnick, Massachusetts Institute of Technology, Noel D. Matchett, Information Security Incorporated, James McCarthy, United States Air Force Academy, Wesley L. McDonald, U.S. Navy (retired), Robert Nesbit, MITRE Corporation, Kumar Patel, University of California at Los Angeles, Stu Personick, Bell Laboratories, William H. Press, Harvard University, Jeff Rulifson, Sun Microsystems, Casmir S. Skrzypczak, Bellcore, Harry Train II, SAIC, Harry Van Trees, George Mason University, Andrew Viterbi, QUALCOMM, Willis H. Ware, RAND Corporation, Larry D. Welch, Institute for Defense Analyses, Albert D. Wheelon, Hughes Aircraft Company (retired), Sheila Widnall, Massachusetts Institute of Technology, Len Wishart, U.S. Army (retired), and John Yeosock, U.S. Army (retired). Although the individuals listed above provided many constructive comments and suggestions, responsibility for the final content of this report rests solely with the study committee and the NRC.

OCR for page R1
--> Contents NOTE TO THE READER: The executive summary is an essential component of this report. In addition to collecting the findings and recommendations presented in Chapters 2 through 4, the executive summary distills the goals and principles described in the main text of the report as informing the effective use of C4I systems and technology for military operations. This distillation is not to be found elsewhere in the report.     Executive Summary   1 1   Introduction   27     1.1 What Is C4I?   28     1.2 The Impact of C4I on Military Effectiveness   30     1.2.1 Evidence from Recent Experience   30     1.2.2 Potential Impact of C4I on Military Operations   36     1.3 The U.S. Military's Work in Exploiting Information Technology   43     1.4 The Role of C4I Systems in Future Military Environments   43     1.4.1 Likely Environments of Future Military Operations   43     1.4.2 Rapid Planning to Support Rapid Response   50     1.4.3 Support for Deployment of Forces in the Changing Environment   52

OCR for page R1
-->     1.4.4 Proliferation in the Use of the U.S. Military for Sustainment and Support Operations (Military Operations Other Than War)   53     1.4.5 Complexities of Exercising Command and Control of Forces in Regional Conflict Environments   56     1.4.6 Strategic Vulnerability of Infrastructure to Information Attack   56     1.5 Expected Information Technology Trends for C4I   57     1.5.1 Computers   58     1.5.2 Communications   58     1.5.3 Sensors   59     1.5.4 Weapons   59     1.6 DOD Budget and Organizational Structure for C4I   60     1.6.1 Budget   60     1.6.2 Organizational Structure for C4I   61     1.7 Challenges to the Exploitation of the Military Leverage of C4I   62 2   Interoperability   64     2.1 What Is Interoperability and Why Is It Important?   64     2.1.1 What Is Interoperability?   64     2.1.2 Why Interoperability Is Important   69     2.1.3 Dimensions of Technical Interoperability   72     2.2 Why Achieving Interoperability Is Difficult   73     2.2.1 Challenges Common to All Large Enterprises   73     2.2.2 Special Challenges Faced by the Department of Defense   80     2.3 Technical Approaches to Interoperability   84     2.3.1 Architecture   85     2.3.2 Interfaces, Layers, and Middleware   85     2.3.3 Standards   87     2.3.4 Data Interoperability   90     2.3.5 Developing and Implementing Architectures   92     2.4 Testing   96     2.5 DOD Interoperability Strategy   100     2.5.1 Overview   100     2.5.2 Elements of the DOD Strategy   101     2.6 Measuring Interoperability   105     2.6.1 A Technical Compliance Scorecard   105     2.6.2 A Systems Interoperability Scorecard   106     2.6.3 An Operational (Mission-Enabling) Interoperability Scorecard   107

OCR for page R1
-->     2.7 Findings   109     2.8 Recommendations   116 3   Information Systems Security   130     3.1 Introduction   130     3.1.1 Vulnerabilities in Information Systems and Networks   135     3.1.2 Security Requirements   136     3.1.3 Role of Cryptography   137     3.2 Major Challenges to Information Systems Security   139     3.2.1 The Asymmetry Between Defense and Offense   139     3.2.2 Networked Systems   139     3.2.3 Ease-of-Use Compromise   140     3.2.4 Perimeter Defense   140     3.2.5 The Use of COTS Components   141     3.2.6 Threats Posed by Insiders   142     3.2.7 Passive Defense   143     3.3 Defensive Functions   144     3.4 Responsibility for Information Systems Security in DOD   152     3.5 The Information Systems Security Threat   154     3.6 Technical Assessment of C4I System Security   156     3.7 Findings   157     3.8 Recommendations   160 4   Process and Culture   179     4.1 Managing Change   179     4.1.1 Clear Vision for the Future   180     4.1.2 Supporting Processes   180     4.1.3 Persistent Leadership Creating a Sense of Urgency   182     4.1.4 Process Reengineering   184     4.1.5 Budgets and Reprioritization of Investment   186     4.2 Special Non-Technical Challenges Faced by the Military   187     4.2.1 Situational Challenges   187     4.2.2 Organizational Challenges   188     4.2.3 Schedule and Budget Challenges   192     4.2.4 Coalition Challenges   193     4.3 The Acquisition System   194     4.3.1 Overview   194     4.3.2 Requirements, the 80% Solution, and Functional Specifications   197

OCR for page R1
-->     4.3.3 Exploiting Commercial Technology   199     4.3.4 Testing   204     4.3.5 Flexibility in the Process   205     4.3.6 Support of the Legacy Base Versus New Technology   207     4.4 Personnel, Knowledge, and Professionalism   208     4.5 Exercises, Experiments, and Doctrinal Change   210     4.6 Management Metrics and Measures of Military Effectiveness   212     4.6.1 DOD Use of Management Metrics and Measures of Military Effectiveness   213     4.6.2 Considerations in Assessment of C4I System Effectiveness   216     4.6.3 Caveats   217     4.6.4 Ways of Generating and Developing Data   219     4.7 Findings   221     4.8 Recommendations   229     APPENDIXES         A List of Site Visits and Briefings   247     B Summary of Relevant Reports and Documents   250     C Members of the Committee   272