10 minute read
Exercise Capability Support
52
Every year, NATO holds a range of exercises across all its operating domains. The NCI Agency’s Branch Head of Operations and Exercises, Anthony Moore, and his team are on hand to ensure that the exercise Commanders and operational staff have all the critical capabilities required to ensure success. Anthony Moore explains
This year was yet another extremely challenging year for the NCI Agency Operations and Exercise (OPEX) team as it worked hard to provide exercise support to NATO. Together with our partners, we provided planning support to NATO’s exercises in accordance with the Military Training and Exercise Programme and were heavily involved in the planning processes for several exercises at the end of 2022 and the beginning of 2023. In particular, experts from the NCI Agency’s OPEX Service Line recently supported three major NATO exercises: Steadfast Cobalt 2022, Steadfast Jupiter 2022 and preparations for Steadfast Jackal 2022.
STEADFAST COBALT 2022
At Steadfast Cobalt 2022 (STCO 22), OPEX supported the Deployed Network Operations Center (DNOC) NCI Agency Cell Head for five weeks of execution in Bydgoszcz, Poland where some 22 NATO Command Structure units, NATO Force Structure units and headquarters participated in the exercise. It involved around 1,000 personnel at sites and unit locations (both military and civilian) across Europe. Approximately 300 staff from the NCI Agency were involved in planning and supporting this exercise – some remotely, some deployed. 53
NITECH ››› SUPPORTING NATO AND THE NATIONS During the exercise, NATO Member countries tested the interoperability of their internal services over a single communications network in order to conduct missions as the NATO Response Force (NRF). The NRF is deployed in response to crises or incidents and consequently, its mission network is one of NATO’s most critical networks. Therefore, this exercise is NATO’s insurance policy as it confirms that Allies are able to operate together as soon as the NRF is required for action.
During all phases of the exercise, subject matter experts from across the NCI Agency prepared all of the NATO-owned equipment for the static and deployed elements; operated and monitored all of the services that they provide; resolved incidents and managed changes as they arose. The team also deployed to Bydgoszcz, Poland as the NCI Agency Cell Head Deployed Network Operations Center (DNOC).
The NCI Agency has ensured the effectiveness of this critical network, enabling the NRF Commander to command and control his forces by providing the Mission Network Service Management Authority (SMA), which designed a plan for the interconnection of NATO and national networks into the mission network. Federation allows NATO, national and multinational units to join one comprehensive mission network, while retaining the ownership of their own networks. This supports interoperability among Nations and ensures that the NRF Commander is able to communicate with both NRF combat units and joint headquarters.
The network created at Steadfast Cobalt 2022 will be used to support the preparation of the next NRF rotation and will be on standby as part of the force in 2023. It will be used if the NRF is activated in 2023 for a NATO-led mission. Steadfast Cobalt is one of a few main exercises that strengthens interoperability within NATO Nations. The exercise highlights the Agency’s ability to successfully collaborate with other NATO bodies while providing, implementing and maintaining vital technologies in support of NATO’s ambitious agenda.
STEADFAST JUPITER 2022
In order to maintain momentum towards Steadfast Jupiter 2023 (STJU 22), and in light of the strategic challenges emerging from the
OPEX participating in an Exercise Planning Conference in Turkey (PHOTO: NCI Agency)
54
The NCI Agency played a pivotal role in exercise Trident Jupiter, ensuring that CIS used in the exercise were reliable (PHOTO: NCI AGENCY)
conflict in Ukraine, Major Stoyanov Kaloyanhas, NCI Agency Exercise Branch Officer of Primary Responsibility (OPR), has been tirelessly working to re-scope Steadfast Jupiter 2022 to a three-level (strategic, operational and tactical) training event. From planning to execution, the NCI Agency was involved in all three layers of the exercise with the NCI Agency OPEX team in the lead. Using cross-functional teams, the Agency OPEX team processed and resourced Computer Information Systems (CIS) support for Joint Forces Command Naples and the German Special Operations Command deployment. The Agency prepared the CIS backbone and all command and control services requested outside of the already configured NRF capabilities built at those leading command structures. This CIS uplift provides a flexible approach that can be adapted to any real-world situation.
STEADFAST JACKAL 2022
Closing out the year, the NCI Agency OPEX team diligently planned and resourced Steadfast Jackal 2022 (STJA 22). This critical exercise is sponsored by NATO Headquarters, i.e. Supreme Allied Powers Europe (SHAPE), and is an operational level computer-assisted command post (CAX/CPX) exercise to train, evaluate and certify a Joint Task Force Headquarters (JTFHQ) in the planning and execution of an ‘out of area small joint operation’. As such, it serves as a platform to train and certify a JTFHQ in counter terrorism operations and NATO expeditionary capabilities.
The NCI Agency OPEX team’s support to this exercise builds customer relationships and enables NATO’s core mission set. Major Joshua Winsett, the NCI Agency OPEX’s Coordinating OPR, accompanied by a subject matter expert from the Command and Control Service Line travelled to Stavanger, Norway. Here, they observed the CIS setup, undertook its validation and verification and provided on-site support for the NATO Common Operational Picture (NCOP) systems. These systems generate situational awareness and the Land Command and Control Information Systems (LC2IS) used to enable information exchange and decision-making.
In conjunction with the execution phases of the exercise above, the NCI Agency OPEX team is vigorously involved in the planning processes for several future exercises with a special focus on the planning support for Steadfast Cobalt 2023 and Steadfast Defender 2024. 55
INDUSTRY PERSPECTIVE
How holistic ecosystems enable multi-domain operations
Marcel Taubert
Vice President Defence & Space, secunet Security Networks AG
German-based company secunet specializes in IT security and reliable digital infrastructure. As network structures around the world are being rethought by migrating to the cloud, secunet is increasingly addressing the need for a secure, holistic cloud continuum – and the capabilities and features such a continuum brings, especially in national defence.
Why has the topic of ‘multi-domain operations’ been discussed so intensively recently?
The geopolitical challenges of recent years have increased the importance of multi-national cooperation significantly. In cases of national and international threats to a country and its population, it is essential to be able to share classified information reliably, securely and quickly. Sharing information within NATO is a critical success factor in this regard – especially in defence cases, when the share-to-win principle takes hold and data from each of the operational domains – air, sea, land, cyber and space needs to be incorporated into decision-making. The multi-domain cloud is a technical solution for this. It pools valuable information in real time, secures the data that must be protected end-to-end (E2E) and enables decentralized access to applications.
So where does the focus on cloud technology come from?
The importance of holistic ecosystems for cybersecurity continues to grow, encompassing not only cloud technology, but also a wide variety of software and hardware components. However, in terms of national defence in particular, IT structures are becoming increasingly complex. They now comprise a wide variety of C2 systems, weapon systems, their effectors and sensors, forming a heterogeneous information network. Cloud platforms, with the help of which the associated security solutions can be easily deployed anywhere as ‘software containers’, create added value.
As one of the Federal Republic of Germany’s IT security partners, secunet provides a holistic security solution, the Secure Inter-Network Architecture (SINA), which ensures effective encryption and separation of differently classified data, not only locally, but also when it is transferred over open networks. Secure gateways such as the SINA L3 and L2 Box and the corresponding stationary and mobile clients are also part of the portfolio and can be managed across different domains. These classic security architectures form the foundation of all budgeted cyber security efforts and are complemented by a cloud for the use of classified data, including NATO Restricted (NR) and NATO Secret (NS), which places special demands on client separation, the protection of sensitive data and the secure handling of nationally owned cryptographic keys.
What exactly is the added value of a cloud continuum in all this?
Internationally speaking, the situation at the ‘Sharp Edge’, in other words the place of deployment, is very heterogeneous, especially in the initial phases. The need for large bandwidths and compute power is compounded by various local, climatic and even capacitive influences. Proximity to the site of operation, therefore, plays just as important a role in implementing the necessary IT as access to bandwidth, effectors and even sensor systems. For this reason, the on-site infrastructures must be expanded accordingly and, among other things, sufficient gateways, servers and storage must be made available. The associated roll-out process is complicated and requires lengthy planning.
In a case such as this, a cloud continuum creates added value. Take the NATO Response Force (NRF) as a perfect example. The NRF operates with rigid IT structures which are highly and rapidly mobile. To take this mobility into account, the hardware and software architecture has been closely aligned so that it can be operationally ready as quickly as possible. To respond to future threats even faster, a secure cloud architecture would increase this flexibility. By the means of
Backend/Reachback Deployable DC Intelligent platforms
Air Speci c Cloud Edge
Mission Cloud
Central Command
Secure cloud
E2E
Maritime Command
Secure cloud Air Component Command
Secure cloud
E2E
E2E
Land Component Command
Secure cloud E2E
E2E
Ground Speci c Cloud
‘Infrastructure as Code’ (IaC), individual IT requirements can be defined, and the deployment process distributed across the racks in a fully automated manner. This increases the redundancy, reliability and resilience of the network and also enables the replacement of damaged elements quickly, owing to the fact that the network architecture requirements have been determined in advance for multiple use cases. The relocation of the operational site can also be carried out in just a few days and scaled according to the requirements. This helps to promote interdisciplinary cooperation between different ministries, states and sometimes even NGOs, which are increasingly in demand in current conflicts and operations - what we call a whole-ofgovernment cloud approach.
What are the key technical requirements for such a holistic system?
In military operations, IT infrastructures must be fail-safe and efficient. Meeting legally defined security standards is also a top priority for cloud solutions. But, other factors, such as flexibility, future-proofing and resilience also play an important role. The solution should not only provide the implementation of a multi-cloud for the use of different data sources, it should also enable the use of other technologies such as AI for example. Robust hardware and clients that can display and process information in different domains depending on the classification level are also part of the equation.
The cornerstone of all security efforts is therefore still comprised of the traditional classic ingredients. Reliable data encryption, client separation on the same device and individual access to the cloud are just a few examples of these ingredients. Already, secunet is working on linking the solutions in its portfolio with cloud functionalities. SINA clients, for example, have multi-session and multi-domain functionality. Working in a secure cloud is just the next step in this process. The SINA Communicator H as a multi-crypto phone for tap-proof voice communication is also becoming increasingly cloud-ready.
Does secunet’s cloud strategy put it in competition with established hyperscalers such as Azure or AWS?
The need for a multi-cloud strategy is undoubtedly essential, but the strategies of the hyperscalers differ significantly from secunet’s. For us, it’s more about recognizing the huge role that cloud technology will play in the IT high-security environment today and in the future as well as driving its development. It is clear that in the future, government agencies and the military will work with the cloud. The crucial difference here lies in the type of use. The use of the cloud for classified information takes place in highly critical contexts and complements the security solutions that secunet provides to secure confidential information and create a highly secure cloud infrastructure.
In our vision, the cloud continuum incorporates edge and client components as well as highly secure backends based on cloud technology. It also provides the multi-domain dimension. So, secunet is not in competition with hyperscalers; it is complementary to them as they too have a place within the cloud continuum, especially if you access that domain through a session on a SINA Workstation from secunet.
