Military Embedded Systems July/August 2018 by OpenSystems Media

@military_cots

John McHale

Space Force and COTS procurement

Cybersecurity Update

Using Majorana particles to foil intruders 10

Special Report Cyber resilience

Industry Spotlight

Deep learning in the defense IT arena MIL-EMBEDDED.COM

26 36

July/August 2018 | Volume 14 | Number 5

CYBER ATTACK

ATTRIBUTION: Is it actually a deterrent?

P 16

P 22 The state of cyberÂ resiliency metrics on embedded systems By David Sheets, Curtiss-Wright Defense Solutions

Mobile computing mounts in popularity for military field use P 30

FAILURE IS NOT AN OPTION. o FIPS 140-2 P o NIAP  o Rugged  o NIST P o U.S. Supply Chain P

RUGGED AND SECURE. Crystal Group PASS – Platform Agnostic Security Solutions – includes the world’s first rugged FIPS 140-2 compliant data-at-rest storage devices, ruggedized Ruckus ICX switches with NIAP certified IP-security modules for network encryption, and exclusively conformal-coated Seagate 2.5-inch, dual-port SAS drives compatible with any Crystal Group server, workstation, and JBOD or RAID storage system. Crystal Group manufactures its products in vertically integrated, NIST compliant, U.S.-based facilities, tracing every component – from the raw materials through production processes to the delivery of the final warrantied product – to ensure an end-to-end U.S. supply chain of custody and help prevent security vulnerabilities. Visit crystalrugged.com to request more information or receive a quote.

Volume 14 Number 5

www.mil-embedded.com

July/August 2018

COLUMNS

SPECIAL REPORT

Editor’s Perspective 8 Space Force and COTS procurement

Cyberwarfare Technology 16

Cyberattack attribution: Is it actually a deterrent?

By John McHale

Cybersecurity Update 10 Majorana particles may block intruders on sensitive networks in the future

By Sally Cole, Senior Editor

The state of cyber resiliency metrics on embedded systems

By Sally Cole

By David Sheets, Curtiss-Wright Defense Solutions

16 26

Mil Tech Insider 11 Bringing VxWorks support to Intel Xeon D-based EW systems By Denis Smetana

Mission- and life-critical cyber resilience for military platforms By Samuel Hamilton and Robert Gray, BAE Systems

Technology Update 42 Drone-swarm tactics program leverages game-based technologies

MIL TECH TRENDS Rugged Computing 30

By Mariana Iriarte

Mobile computing mounts in popularity for military field use

Blog 44 Blockchain for embedded systems

By Mariana Iriarte, Technology Editor

INDUSTRY SPOTLIGHT

By Russ Doty, Red Hat

Leveraging Big Data for Military Applications

DEPARTMENTS

Applying deep learning techniques to expand defense capabilities

Defense Tech Wire

By Mohamed Bergach, Kontron

Editor’s Choice Products

Connecting with Mil Embedded

By Mariana Iriarte

By Mil-Embedded.com Editorial Staff

WEB RESOURCES Subscribe to the magazine or E-letter Live industry news | Submit new products http://submit.opensystemsmedia.com

30 www.linkedin.com/groups/ Military-EmbeddedSystems-1864255

Published by:

@military_cots

All registered brands and trademarks within Military Embedded Systems magazine are the property of their respective owners. © 2018 OpenSystems Media © 2018 Military Embedded Systems ISSN: Print 1557-3222

4 July/August 2018

MILITARY EMBEDDED SYSTEMS

White papers: Read: http://whitepapers.opensystemsmedia.com Submit: http://submit.opensystemsmedia.com

ON THE COVER: Top image: The DoD is building up its programs to thwart cyberwarfare. Does attribution or blame-placing for cyberattacks actually deter other would-be cyberattackers? Bottom image: Rugged mobile computing is getting a major boost as the DoD presses the defense industry to ruggedize commercial technologies for military use.

www.mil-embedded.com

EMBED MISSION SUCCESS

Embed Success in Every Application Whatever the operational environment—aerial, space, ground or submersible— WinSystems has a full line of embedded computers, I/O cards, cables and accessories to ensure mission success. Our rugged, reliable and resilient single board computers are capable of processing a vast array of data for controlling unmanned systems, machine intelligence, mission management, navigation and path planning. From standard components to full custom solutions, WinSystems delivers world-class engineering, quality and unrivaled technical support. Our full line of embedded computers, I/O cards, and accessories help you design smarter projects offering faster time to market, improved reliability, durability and longer product life cycles.

SBC35-C398Q Quad-Core NXP i.MX 6Q Cortex A9 Industrial ARM® SBC PX1-C415 PC/104 Form Factor SBC with PCIe/104™ OneBank™ expansion and latest generation Intel® Atom™ E3900 Series processor

AERIAL

SPACE

GROUND

SUBMERSIBLE

TEST & MEASURE

MEDICAL

SCADA

Single Board Computers | COM Express Solutions | Power Supplies | I/O Modules | Panel PCs

817-274-7553 | www.winsystems.com ASK ABOUT OUR PRODUCT EVALUATION! 715 Stadium Drive, Arlington, Texas 76011

ITX-P-3800 PICO-ITX form factor SBC with onboard I/O, fast graphics, dual Gigabit Ethernet, and Intel® Atom™ E3800 series processor

QUALITY CERTIFIED

ISO 9001:2015

ADVERTISER INFORMATION

Page Advertiser/Ad Title 43 ACCES I/O – Products, Inc. – PCI Express mPCIe embedded I/O solutions 29 Acromag – AcroPacks = SWaP-C 38 AirBorn – Series 360 circular interconnects 34 Alphi Technology Corporation – Mission-critical solutions 2 Annapolis Micro Systems, Inc. – For when latency really matters 3 Crystal Group, Inc. – Failure is not an option 24 Dawn VME Products, Inc. – Dawn powers VPX 33 Elma Electronic – Proven building blocks 21 General Micro Systems, Inc. – Rugged servers, engineered to serve 19 LCR Embedded Systems – “I need COTS, but … “ 15 MilesTek – Military & aerospace interconnects at the ready 42 MPL AG – Rugged embedded Xeon server 23 Omnetics Connector Corp. – Lighter, smaller, more durable connectors for any application 7 One Stop Systems – HPC for government and defense 35 One Stop Systems – Rack scale composable infrastructure for mixed workload datacenters 9 Pasternack – You engineer the future. We’ll supply the components … today! 48 Pentek, Inc. – Unfair advantage. 38 Phoenix International – Phalanx II: The ultimate NAS 28 Sealevel Systems, Inc. – Push the edge 18 Themis Computer – Innovation that enables supercomputing 5 WinSystems, Inc. – Embed mission success 39 Z Microsystems, Inc. – Thinking outside the rack 42 Z Microsystems, Inc. – Smaller. Lighter. Faster.

ASSISTANT MANAGING EDITOR Lisa Daigle ldaigle@opensystemsmedia.com

SENIOR EDITOR Sally Cole scole@opensystemsmedia.com

TECHNOLOGY EDITOR Mariana Iriarte miriarte@opensystemsmedia.com

DIRECTOR OF E-CAST LEAD GENERATION AND AUDIENCE ENGAGEMENT Joy Gilmore jgilmore@opensystemsmedia.com ONLINE EVENTS SPECIALIST Sam Vukobratovich svukobratovich@opensystemsmedia.com

CREATIVE DIRECTOR Steph Sweet ssweet@opensystemsmedia.com

SENIOR WEB DEVELOPER Aaron Ganschow aganschow@opensystemsmedia.com

WEB DEVELOPER Paul Nelson pnelson@opensystemsmedia.com

CONTRIBUTING DESIGNER Joann Toth jtoth@opensystemsmedia.com

EMAIL MARKETING SPECIALIST Drew Kaufman dkaufman@opensystems.media

VITA EDITORIAL DIRECTOR Jerry Gipper jgipper@opensystemsmedia.com

SALES SALES MANAGER Tom Varcie tvarcie@opensystemsmedia.com (586) 415-6500

MARKETING MANAGER Eric Henry ehenry@opensystemsmedia.com (541) 760-5361 STRATEGIC ACCOUNT MANAGER Rebecca Barker rbarker@opensystemsmedia.com (281) 724-8021 STRATEGIC ACCOUNT MANAGER Bill Barron bbarron@opensystemsmedia.com (516) 376-9838 STRATEGIC ACCOUNT MANAGER Kathleen Wackowski kwackowski@opensystemsmedia.com (978) 888-7367 SOUTHERN CAL REGIONAL SALES MANAGER Len Pettek lpettek@opensystemsmedia.com (805) 231-9582 SOUTHWEST REGIONAL SALES MANAGER Barbara Quinlan bquinlan@opensystemsmedia.com (480) 236-8818

EVENTS

GROUP EDITORIAL DIRECTOR John McHale jmchale@opensystemsmedia.com

ASIA-PACIFIC SALES ACCOUNT MANAGER Helen Lai helen@twoway-com.com

BUSINESS DEVELOPMENT EUROPE Rory Dear rdear@opensystemsmedia.com +44 (0)7921337498

Air, Space & Cyber Conference

September 17-19 National Harbor, MD www.afa.org/events/calendar/2018/09/17/ air-space-cyber-conference

AUSA 2018 Annual Meeting & Exposition

October 8-10 Washington, DC www.ausameetings.org/2018annualmeeting/

E-CASTS

WWW.OPENSYSTEMSMEDIA.COM PRESIDENT Patrick Hopper phopper@opensystemsmedia.com

EXECUTIVE VICE PRESIDENT John McHale jmchale@opensystemsmedia.com

EXECUTIVE VICE PRESIDENT Rich Nass rnass@opensystemsmedia.com CHIEF FINANCIAL OFFICER Rosemary Kristoff rkristoff@opensystemsmedia.com

EMBEDDED COMPUTING BRAND DIRECTOR Rich Nass rnass@opensystemsmedia.com

ECD EDITOR-IN-CHIEF Brandon Lewis blewis@opensystemsmedia.com

TECHNOLOGY EDITOR Curt Schwaderer cschwaderer@opensystemsmedia.com

Predictive Maintenance

Sponsored by Kontron, National Instruments, Wind River ecast.opensystemsmedia.com/794

The Rise of the Robot Overlords Sponsored by Real-Time Innovations (RTI) ecast.opensystemsmedia.com/810

6 July/August 2018

CONTENT ASSISTANT Jamie Leland jleland@opensystemsmedia.com CREATIVE PROJECTS Chris Rassiccia crassiccia@opensystemsmedia.com PROJECT MANAGER Kristine Jennings kjennings@opensystemsmedia.com FINANCIAL ASSISTANT Emily Verhoeks everhoeks@opensystemsmedia.com SUBSCRIPTION MANAGER subscriptions@opensystemsmedia.com CORPORATE OFFICE 1505 N. Hayden Rd. #105 • Scottsdale, AZ 85257 • Tel: (480) 967-5581

REPRINTS WRIGHT’S MEDIA REPRINT COORDINATOR Wyndell Hamilton whamilton@wrightsmedia.com (281) 419-5725

MILITARY EMBEDDED SYSTEMS

www.mil-embedded.com

HPC for Government and Defense

GPU and FPGA Accelerated Systems

GPUtlima-CI

Rack-scale datacenter systems

SWaP rugged deployable systems

- AI training - Threat simulation - Deep packet inspection

- SAAR - Threat detection - Signal Intelligence

(877) 438-2724

www.onestopsystems.com sales@onestopsystems.com

EDITOR’S PERSPECTIVE

Space Force and COTS procurement By John McHale, Editorial Director President Donald Trump recently called for the U.S. Department of Defense (DoD) to create a new branch of the U.S. armed forces, a Space Force, to deal with threats outside our atmosphere. The move, like many Trump announcements, created immediate controversy, with some critics opining that it’s a waste of money and others saying that militarizing a peaceful environment is a stroke of genius or long overdue. Put me in the “long overdue” camp. Within our industry, technology continues to be developed with cross-domain capability in mind. By domains I refer to air, land, sea, space, cyber, the electromagnetic spectrum, etc. While the electromagnetic spectrum and cyber are covered by the current branches of the DoD, space is mostly the territory of the Air Force Space command. Aside from cyber, where is the U.S. most vulnerable? I say it’s in the space domain, as U.S. security and its citizens’ way of life is incredibly dependent on satellites – from mobile phone use, to business transactions, to GPS navigation. If you want to cripple the U.S. quickly, just knock out its satellites. Not all the threats are nefarious in nature, either: There is a lot of space junk orbiting the Earth. For example, a tiny metal scrap from a blown-up satellite that hits a spacecraft at 30,000 mph could be as destructive as a bullet to a human at close range. That’s why the Space Fence radar is being funded. More security is needed in space. Yes, the U.S. has been conducting military missions in space for decades. However, a Space Force creates an organization with the sole focus of maintaining the security of U.S. interests in space, with budgets, training, personnel, and missions aligned accordingly. Regarding the Space Force critics, Doug Loverro, president of Loverro Consulting and former deputy assistant secretary of defense for space policy, wrote in a recent article on Space News that “Many of the president’s detractors pointed out, incorrectly, that the Outer Space Treaty reserves space for only peaceful purposes, but that’s just not true. It is true that the treaty specifically restricts the Moon or other celestial bodies for peaceful purposes, but it was intentionally silent with regards to outer space – simply because the two major signatories, the United States and the Soviet Union, were already using space for military applications and planned to continue to do so into the future.” Loverro covers the broader need for a Space Force with an excellent historical perspective in the piece, titled “Why the United States needs a Space Force,” available here: https:// spacenews.com/why-the-united-states-needs-a-space-force/.

8 July/August 2018

MILITARY EMBEDDED SYSTEMS

The Space Force announcement also dovetails with what has been a paradigm shift in military procurement. For most of the last few years following the budget cuts and sequestration headaches, the U.S. government has moved away from funding tech development and started budgeting based on mission priorities. If those priorities call for more research and development and faster turnaround times for tech solutions, it will be reflected in the requirements. That’s been the case for many terrestrial applications, from avionics to shipboard radar to electronic warfare (EW) solutions. These applications have the mission priority so they get the dollars, but suppliers of these are also required to add more capabilities and deliver them much quicker. The solutions area also features more COTS and is often based on open architectures. The space arena has been slower to adapt this procurement process, but that is changing – and quickly – as end users want enhanced capability now and are leveraging open standards and commonality to make it happen. Suppliers that provide these solutions are only going to see more opportunities – in both manned and unmanned applications – as a Space Force is assembled. In my mind, COTS is not an adjective used to describe quality, but rather is a procurement term. That is why COTS products sold and developed for space applications and sold to multiple programs are already flying in space. These are off-the-shelf parts, already qualified for space, that meet the DoD price requirements that COTS suppliers have been developing for years. This procurement change has been happening for years on the ground and today is affecting the military space market. DoD planners are now looking to see how they can drive costs down while maintaining quality in space platforms. DoD-backed open standards such as SpaceVPX – also known as VITA 78 and VITA 78.1 – are being funded primarily by industry. That codevelopment enables reduced life cycle costs while meeting performance and reliability targets. The U.S. Space Force – when it is fully stood up, organized, and deployed – will be leveraging solutions based on SpaceVPX and other standards for missions similar to those conducted terrestrially, such as intelligence, surveillance, and reconnaissance (ISR); radar; EW; and the like. Bet on it. www.mil-embedded.com

You Engineer the Future. We’ll Supply the Components... Today!

Largest Selection p Same-Day Shipping p Expert Technical Support p Armed with the world’s largest selection of in-stock, ready to ship RF components, and the brains to back them up, Pasternack Applications Engineers stand ready to troubleshoot your technical issues and think creatively to deliver solutions for all your RF project needs. Whether you’ve hit a design snag, you’re looking for a hard to find part or simply need it by tomorrow, our Applications Engineers are at your service. Call or visit us at pasternack.com to learn more.

866.727.8376 Pasternack.com an

company

CYBERSECURITY UPDATE

Majorana particles may block intruders on sensitive networks in the future

By Sally Cole, Senior Editor

The signature of the long-sought-after Majorana particle – a particle that has unusual properties believed to render it resistant to external interference – has been found by a group of researchers led by UCLA and funded by the U.S. Army. What they’ve found may just be the key to blocking intruders on sensitive communications networks in the future. Majorana particles, predicted more than 80 years ago by Italian theoretical physicist Ettore Majorana, could become critical building blocks for quantum computers. The group’s discovery solves a long-standing physics problem and also opens up a new way to control Majorana fermions (building blocks of matter) for achieving robust topological quantum computing, according to Joe Qiu, manager of the SolidState Electronics Program within the Engineering Sciences Directorate at the Army Research Office, an element of the U.S. Army Research Laboratory located in Durham, North Carolina. Quantum computers are of great interest to the U.S. Army because of their potential to solve problems much faster and more efficiently than classical computers. Quantum computers’ ability to process large amounts of data would enable significant improvements in situational awareness for warfighters. Prior experimental approaches based on semiconductor nanowires on superconductors “produced inconclusive signals that could also be attributed to other effects,” Qiu says. “The UCLA experiment using stacked layers of magnetic topological insulator and superconductor demonstrated the clearest and most unambiguous evidence of the Majorana particles as predicted by theory so far.” The group’s research leading up to the discovery of the Majorana particles involved a close interdisciplinary collaboration between a team of researchers including electrical engineers, physicists, and material scientists from UC, Irvine; UC, Davis; and Stanford University. Kang L. Wang, a UCLA distinguished professor of electrical engineering, physics, and materials science and engineering, as well as UCLA’s Raytheon Chair Professor of Physical Science and Electronics, led the work. “The Majorana particle is its own antiparticle – carrying zero electrical charge – so it’s viewed as the best candidate to carry a quantum bit, or qubit, the unit of data that would be the foundation of quantum computers. Unlike ‘bits’ of data in standard computers, which can be represented as either 0s or 1s, qubits have the ability to be both 0s and 1s, a property that would give quantum computers exponentially more computing power than today’s best computers,” explains Qiu. The Majorana particle is of interest for quantum computing largely because its neutral charge makes it resistant to external interference, which means it can leverage and sustain a quantum property known as “entanglement.” Entanglement allows two physically separate particles to concurrently encode information, potentially generating enormous computing power. You can imagine “bits of data in standard computers as cars traveling both ways on two-lane highways,” Wang says. “A quantum computer could have many lanes and

10 July/August 2018

MILITARY EMBEDDED SYSTEMS

many levels of ‘traffic,’ and the cars could hop between levels and travel in both directions at the same time, in every lane and on every level. We need stable, armored quantum ‘cars’ to do this, and Majorana particles are those supercars.” The researchers set up a superconductor (a material that allows electrons to flow freely across its surfaces without resistance) and placed above it a thin film of a new quantum material (a topological insulator) to give the engineers the ability to manipulate particles into a specific pattern. After sweeping a very small magnetic field across their setup, they found the Majorana particles’ distinct quantized signal: a telltale fingerprint that revealed a specific type of quantum particles within the electrical traffic between the two materials. These particles “show up and behave like halves of an electron, although they aren’t pieces of electrons,” says Qing Lin He, a UCLA postdoctoral scholar and one of the lead researchers. “We observed quantum behavior, and the signal we saw clearly showed the existence of these particles.” In their experiment, Majorana particles traveled along the topological insulator’s edges in a distinct braid-like pattern. The next step, the researchers say, is to explore the use of Majorana particles in quantum braiding, in effect to “knit them together” to enable information to be stored and processed at super-high speeds. The Majorana particles’ unique properties appear to make them “especially useful for topological quantum computers,” says Lei Pan, a UCLA doctoral student in electrical engineering who is one of the lead researchers. “While conventional quantum systems have sophisticated schemes to correct errors, information encoded in a topological quantum computer cannot be easily corrupted.” www.mil-embedded.com

MIL TECH INSIDER

Bringing VxWorks support to Intel Xeon D-based EW systems By Denis Smetana An industry perspective from Curtiss-Wright Defense Solutions The advantages that the Intel Xeon processor D-1500 product family brings to compute-intensive embedded electronic warfare (EW) system designs is clear. These 8-/12-/16-core devices deliver enhanced performance at low power, making them suitable for use on rugged open-architecture modules designed for deployment in harsh environment applications including electronic warfare (EW) and command, control, communications, computers, intelligence, surveillance, and reconnaissance (C4ISR). These system-on-chip (SoC) devices make large numbers of x86 processing cores readily available for embedded defense applications. Embedded EW system designers haven’t optimized the Xeon D processor’s many performance advantages in a Wind River VxWorks operating environment. No board support packages (BSP) provided software drivers to access the Xeon D’s QuickData Technology DMA engine, which frees the multicore processor from devoting critical resources to communications handling. In the same way, no software drivers supported 40 Gigabit Ethernet (GbE) using Mellanox Ethernet controllers. High throughput, low latency, and determinism are all associated with the real-time performance required by sensor processors. The unavailability of software drivers necessarily drove system designers to turn to Linux, which, unlike VxWorks, is not a true real-time operating system (RTOS). For EW applications, many of which require highly accurate task handling down to the nanosecond, the robust determinism of VxWorks delivers precise timing and tight controls. In contrast, Linux supports less accurate probabilistic timing. With an architecture designed to support math-intensive processing and very-high-bandwidth data transfers, Xeon D enables advanced cognitive EW applications to operate in small size, weight, and power (SWaP)-constrained platforms. During the last five to ten years, while field-programmable gate arrays (FPGAs) have dominated EW system development, Intel processors were limited to a maximum of four cores. Until recently, x86-based general-purpose processors were used in EW systems only to provide system management or to handle the man-machine interface. The Xeon D, with its expanded multicore architecture – delivering four, 12, or 16 cores – enables the use of x86 devices as active participants in the prosecution of RF emitter stacks. Even better, because these devices are available in ball-grid-array (BGA) packages, their entire bottom surface can be used for interconnection pins, which is necessary for high-bandwidth operations for EW applications. Also, each of the Xeon D cores is supplemented by a powerful AVX2 SIMD [single instruction, multiple data] engine, which delivers enough processing power to execute www.mil-embedded.com

›

Figure 1 | Curtiss-Wright’s Intel Xeon D processor-based CHAMP-XD1 and CHAMP-XD2 DSP modules are designed for use in VxWorks-based EW applications.

the complex decision-making and high-bandwidth DSP math needed to run sophisticated EW algorithms. The Xeon D’s QuickData Technology DMA engine is used to push data between multiple Xeon Ds – or to talk to GPUs or FPGAs – without having the Xeon D handle the communications burden. This arrangement enables data to be moved around with PCI Express or Ethernet without taxing the Xeon D, which instead is able to keep working undisturbed on the radar or other EW application while the DMA handles all of the lowlatency, high-speed throughput transmissions. Typically, without software driver support for the DMA engine, these communications chores would require the use of entire processor core, as well as some of the available memory bandwidth. By making it possible to use the VxWorks operating environment on solutions architected with the supercomputerclass Xeon D devices, EW system designers are able to leverage millions of previously developed lines of VxWorks software code, protecting their investment and eliminating the need to migrate to a different operating environment. An example of software drivers that enable Xeon D-based high performance embedded computing (HPEC) systems for ISR applications to use VxWorks are some recently introduced new software drivers included in the Curtiss-Wright BSPs for use with Xeon D-based CHAMP-XD1 3U OpenVPX and CHAMP-XD2 6U OpenVPX DSP modules. When running VxWorks, these cards can deliver 40 GbE rated at ~37 Gbps, near line rate. (Figure 1.) Denis Smetana is senior product manager, FPGA products, for Curtiss-Wright Defense Solutions. Curtiss-Wright Defense Solutions www.curtisswrightds.com

MILITARY EMBEDDED SYSTEMS

July/August 2018 11

DEFENSE TECH WIRE NEWS | TRENDS | DOD SPENDS | CONTRACTS | TECHNOLOGY UPDATES By Mariana Iriarte, Associate Editor NEWS

U.S. Army awards Lockheed Martin $364 million contract for ATACMS missiles

AFRL taps MacB to conduct and advance research on advanced sensors, EW technologies

Lockheed Martin recently won a $364 million production contract for Army Tactical Missile System (ATACMS) missiles to be supplied to the U.S. Army and a Foreign Military Sales (FMS) customer. The program will enable the military services to upgrade their existing Block 1 missiles with new technology and double their range, while extending the missiles’ useful life by more than 10 years and providing the most updated surfaceto-surface missile capability.

Officials at the Air Force Research Laboratory (AFRL) Spectrum Warfare Systems Engineering Branch (RYWD) tapped MacAulayBrown, Inc. (MacB) for the Effective Sensor Technology Evaluations and Enabling Methodologies (ESTEEM) program task order, under which engineers will develop and mature research methodologies for rapid assessment of advanced sensors and electronic warfare (EW) technologies.

The new ATACMS rounds will be produced at Lockheed Martin’s Precision Fires Production Center of Excellence in Camden, Arkansas, which also handles the Service Life Extension Program (SLEP) for the missiles. Under the terms of this contract, all missiles are scheduled for delivery by January 2021.

Under contract, MacB will conduct research assessments and evaluations of advanced sensors and EW technologies via AFRL’s Sensors Directorate, the Integrated Demonstrations and Applications Laboratory’s (IDAL) real-time synthetic battlespace simulation. MacB’s initial contract value is $9.6 million over a five-year period. Work will be performed at Wright-Patterson Air Force Base and MacB corporate headquarters in Dayton.

Navy, Moback sign CRADA to pursue AR/VR tech for fleet readiness Developer of cloud-based augmented-reality (AR) computing and experience platforms Moback, Inc. is collaborating with the Naval Surface Warfare Center, Port Hueneme Division (NSWC PHD) to research and investigate specialized augmented- and virtual-reality (AR/VR) capabilities to enhance fleet readiness for the U.S. Navy. Figure 1 | The Army Tactical Missile System (ATACMS) is a conventional surface-to-surface artillery weapon system capable of striking targets beyond the range of existing Army cannons, rockets, and other missiles. Photo courtesy of Lockheed Martin.

U.S. Army signs $33.8 million contract for tactical ground vehicles

Representatives of NSWC PHD and Moback formalized the partnership efforts through a cooperative research and development agreement (CRADA) that will focus on AR/VR technology tosupport naval training, maintenance, life cycle engineering, and product support. Future integration is targeted for longdistance support of shipboard technology and combat weapons systems as well as improved training efforts for the fleet.

General Dynamics Ordnance and Tactical Systems won a $33.8 million contract from the U.S. Army Contracting Command to produce Army Ground Mobility Vehicles (AGMV) and associated kits. The AGMV – based on the GMV1.1 vehicle General Dynamics is currently supplying to the U.S. Department of Defense – is designed to carry an airborne infantry squad and has a payload capability of over 5,000 pounds. It shares approximately 90 percent of its parts with the GMV1.1 and meets the same strategic-lift requirements. The AGMV, says General Dynamics, can be modified to accept already developed kit configurations such as remote and manned turrets, armor, and arctic kits. The contract is estimated to be completed by March 2019.

12 July/August 2018

MILITARY EMBEDDED SYSTEMS

Figure 2 | Moback, Inc. Chief Executive Officer, Devkumar Gandhi (right), signs a cooperative research and development agreement with Naval Surface Warfare Center, Port Hueneme Division (NSWC PHD). Pictured from left to right: NSWC PHD Computer Engineer Liping Chen; Moback, Inc., Product Development Lead, Sidhant Gandhi; NSWC PHD Commanding Officer, Capt. Ray Acevedo; NSWC PHD Science and Innovation Technology Lead, Mark Jue; and Gandhi. Photo courtesy of the U.S. Navy/Marco Hinahon.

www.mil-embedded.com

NEWS

Chinook Block II helicopter program moves to final assembly

Autonomous technology headed to the battlefield thanks to U.S. Army, Oshkosh deal

Boeing and U.S. Army officials report that the CH-47F Block II Chinook helicopter program recently passed a major milestone with the loading of the first engineering and manufacturing development (EMD) helicopter into final assembly on June 27.

Oshkosh Defense, an Oshkosh division, won a $49 million contract from the U.S. Army Tank Automotive Research, Development, and Engineering Center (TARDEC) to integrate existing palletized load system (PLS) vehicles with scalable autonomous technology as part of the U.S. Army’s Expedient Leader Follower (ExLF) program.

The Block II program – awarded to Boeing in July 2017 for the next-generation Chinook for the U.S. Army conventional and Special Operations Forces – consists of several aircraft upgrades to increase lift capability, an upgraded fuselage, new fuel system, and new drive train. These updates greatly increase the commonality between U.S. Army and allied fleets, thus reducing maintenance costs. Chuck Dabundo, vice president, Boeing Cargo Helicopters and H-47 program manager, says that the Block II upgrades are expected to help keep Chinooks in operation for the U.S. Army into the 2060s. The first Block II aircraft is targeted for completion in 2019, with flight tests scheduled shortly thereafter; first delivery is expected in 2023.

The ExLF program, according to Oshkosh company materials, removes soldiers from the vehicle while it operates in highly contested areas. The to-be-installed autonomous technology was designed to operate in a variety of modes, including leaderfollower, fully autonomous, and teleoperation, in a bid to support either manned or unmanned operations. Under the terms of the contract, Oshkosh will initially integrate 70 autonomy kits for Program Development and Operational Technical Demonstrations (OTD); the contract also has an option for the Army to procure up to 150 autonomy kits. Pat Williams, vice president and general manager of Army and Marine Corps programs for Oshkosh Defense, stated, “By equipping these vehicles with autonomous capabilities, we can significantly reduce our soldiers’ exposure to enemy threats by taking them out of the vehicle altogether.”

U.S. Department of the Interior awards first-ever contract for small UAS services

Figure 3 | Boeing recently loaded the first CH-47F Block II model into final assembly. The Block II program is a modernization effort for U.S. Army and special operations Chinooks. Photo courtesy of Boeing.

U.S. Army will use L3’s next-gen night-vision binocular goggles L3 Technologies has been awarded a three-year, $391 million contract from the U.S. Army Contracting Command to provide soldiers with next-generation binocular night-vision goggles to enhance mobility for ground forces.

Unmanned systems and software company Insitu, a whollyowned subsidiary of Boeing, has won a first-of-its kind contract from the U.S. Department of the Interior (DOI) to provide firesuppression services within the contiguous 48 states and Alaska using its ScanEagle unmanned aircraft system (UAS). Under the terms of the contract, Insitu is set to support manned aerial operations for the DOI including fire suppression, search and rescue, emergency management, and other operations on an as-needed basis. According to information from Insitu, the ScanEagle UAS will be equipped with infrared and electrooptical cameras, sensors, and a customized TK-5 Firewatch smart tactical mapping payload.

L3 officials state that the Enhanced Night Vision Goggle – Binocular (ENVG-B) includes L3’s high-performance white phosphor image-intensification technology in a dual-tube goggle, together with a separate thermal channel for image fusion and thermal target detection. These technologies are aimed at enabling troops on the ground to better locate and engage threats and access common operating environment imagery. The ENVG-B will also include a new high-resolution display and an embedded soldier wireless personal area network, rapid target acquisition, and augmented-reality algorithms to interface with the U.S. Army’s Nett Warrior situational-awareness system. www.mil-embedded.com

Figure 4 | The ScanEagle is equipped with infrared and electro-optical cameras, sensors, and a customized TK-5 Firewatch smart tactical mapping payload. Photo courtesy of Insitu.

MILITARY EMBEDDED SYSTEMS

July/August 2018 13

NEWS | TRENDS | DOD SPENDS | CONTRACTS | TECHNOLOGY UPDATES NEWS

Navy completes KC-130J weapon test with Harvest Hawk configuration

Contract signed with Kratos to enable government satellite users to roam

U.S. Navy officials announced that its Tactical Airlift Program Office (PMA-207) Integrated Warfighting Capability (IWC) Weapons team completed a five-week developmental and integrated test (DT/IT) live-fire event using a newly configured KC-130J with the Harvest Hercules Airborne Weapons Kit (HAWK) Plus (HH+) installed. The results, say the Navy, showed that the HH+ completed multiple sorties, demonstrating successful strikes on both fixed and moving targets.

Kratos Defense & Security Solutions, Inc., under its Kratos RT Logic subsidiary, won an award from the U.S. Air Force Space and Missile Systems Center, MILSATCOM Systems Directorate, Advanced Concepts Division, for the Pilot Phase 2 program that will develop an enterprise solution to increase the capacity and resiliency of wideband satellite communications (SATCOM).

The live-fire test, conducted at Naval Air Weapons Station China Lake (southern California) also included four dedicated tactical integration flights to support operational test objective in conjunction with the weapons tactics instructor course at Marine Corps Air Station Yuma (Arizona). The HH+ mission was launched to provide the U.S. Marine Corps with extended endurance multisensor imagery, reconnaissance, and on-call close air support capabilities. The HH+ is an upgrade to the original Harvest HAWK roll-on, roll-off precision strike package weapons system.

Under the terms of the $2.6 million contract, Kratos officials say that the company will develop and implement a system under which government satellite users will be able to roam, similar to the way cell phone users roam through multiple cellular networks. Kratos is set to develop a flexible modem interface (FMI) that enables secure communications across multiple operator networks in multiple frequency bands, using diverse waveforms and modems. Kratos will also demonstrate a prototype government network operating center (GNOC) function that responds to user requirements and service provider capabilities; the GNOC will interface to SATCOM gateways and remote terminals, provide situational awareness, and mitigate threats.

Rockwell Collins gets go-ahead for detailed design work on Navy tactical training tool Rockwell Collins has completed the Preliminary Design Review (PDR) of the Tactical Combat Training System Increment II (TCTS Inc. II) program it undertook with the U.S. Navy and has obtained approval to begin detailed design work on the system. The TCTS Inc. II program will replace the Navy and Marine Corps training range infrastructure and enhance training across all squadrons and fleet forces, say Rockwell Collins officials. Figure 5 | A KC-130J configured with the Marine Corps Harvest HAWK Plus weapons system fires a Hellfire missile during a developmental and operational test. Photo courtesy of the U.S. Navy.

Rockwell Collins announced its initial $142 million award for TCTS Inc. II in 2017, acting as the prime contractor and systems integrator for the air combat training system, with collaboration and support on the contract from Leonardo DRS.

Army looks to upgrade 116 Stryker vehicles to the A1 configuration U.S. Army officials modified an existing contract with General Dynamics Land Systems to upgrade 116 Stryker flat-bottom vehicles to the Stryker A1 configuration. The modified contract is worth $258 million. The Stryker A1 builds on the previous Double-V Hull (DVH) configuration, providing survivability capabilities against mines and improvised explosive devices. In addition to the DVH sÂ urvivability, the Stryker A1 features a 450-horsepower engine, 60,000-pound suspension, 910-amp alternator, and in-vehicle network. Work will be performed in Lima, Ohio; Anniston, Alabama; Tallahassee, Florida; and Sterling Heights, Michigan; the estimated completion date is March 2020.

14 July/August 2018

MILITARY EMBEDDED SYSTEMS

Figure 6 | TCTS Inc. II is also interoperable for joint and coalition training with fourth- and fifth-generation platforms and aligns with industry software standards such as the FACE Technical Standard and Software Communications Architecture (SCA). Photo courtesy of Rockwell Collins.

www.mil-embedded.com

MILITARY & AEROSPACE INTERCONNECTS AT THE READY

From high volume production, to low-volume customized products, MilesTek is your source for Military, aerospace, communications and industrial interconnect solutions. With quick turnaround and same-day shipping from our stock of over 10,000 high reliability products, MilesTek is at the ready to help meet your project deadlines.

The MilesTek Advantage: • Large In-Stock Inventories • Same-Day Shipping • Prototype Development • CAD Design Capabilities • Multiple Testing Solutions • Expert Technical Support

• AS9100 Certified • SO 9001:2008 Registered

866-524-1553 • MilesTek.com

Special Report CYBERWARFARE TECHNOLOGY

Cyberattack attribution: Is it actually a deterrent? By Sally Cole, Senior Editor As the U.S. Department of Defense (DoD) builds up its cyberwarfare programs, what sorts of cyber ops are North Korea and other nation-state adversaries focusing on? Does attribution or admission of responsibility actually act as a deterrent to other would-be cyberattackers?

The incidence of cyberwarfare – akin to guerrilla warfare, used primarily to prevent and disrupt electronic communications that support combat operations – continues to mount, so the DoD is ramping up its cybercapability and screening capacity. Two programs in particular, the DoD Cyber Command unified platform and the Army-led persistent cybertraining environment, are gearing up to further gird the U.S. and its military against further cyber incursions. To give you a hint of what the Pentagon’s up against just in terms of inbound email, officials at the Defense Information Systems Agency (DISA) say that the agency receives and scans on the order of 36 million malicious emails each day from hackers attempting to gain access to military systems. “Cyber Command’s unified platform is the place that members of the cyber mission force go to work. It’s more akin to a system of systems that integrates current

16 July/August 2018

tools that have been in use by the cyber mission force,” says Bill Leigher, director of Raytheon’s government cybersecurity solutions business and a retired U.S. Navy rear admiral. “The persistent cybertraining environment program unifies what so far has been disparate service training into unified joint training that’s adaptable to all four services across the entire cyber mission force. It provides skills enhancement, but also experimental and rehearsal environments to develop new cybertechniques. This is a huge step forward in how cyber is maturing within the DoD.” (Figure 1.) While it’s easy to “take for granted that cyber is high tech and must be great, the truth is that it’s a force less than 10 years old and barely – as of this year – has all of the right people in place,” Leigher notes. “If you compare it to another domain and go back to World War I, air-to-ground warfare was literally a pilot leaning out of an open cockpit and dropping a grenade. But by the middle of World War II, we had very sophisticated bomb sights and training and procedures for using them. We need to keep in mind that this cyberforce is still very young and early in its development lifetime.” North Korea’s cyber ops North Korea – under intense scrutiny right now for its nuclear weapons development program – also is thought to be getting ready to mount more cyberoperations. “Since the Sony attack in 2014, and their ongoing operations against South Korean power stations in 2013 and 2014, we haven’t seen a lot of development of specific disruptive or destructive capabilities from North Korea,” says Priscilla Moriuchi, director of strategic threat development for Recorded Future, a real-time cyberthreat intelligence provider. “But it’s likely that they’re developing them.”

MILITARY EMBEDDED SYSTEMS

www.mil-embedded.com

“If you look at reports about their actual cyberoperations during intrusions, you could make the argument quite easily that North Koreans are using and exploiting U.S. technology every step of the way. They’re exploiting Windows machines to use as command and control servers, and Cisco routers to get into victims’ networks; it would be more of a story if North Korea could do all of this without any U.S. hardware or software.” Dual-use technology sales to China for military technology are regulated via export controls “because we don’t ever want U.S. technology to be used against our sailors and soldiers in a conflict,” Moriuchi says. “These dualuse technology regulations are also in place because the U.S. government doesn’t want to subject U.S. companies and entities to cyberattacks using U.S. technologies. So we need to figure out ways to restrict North Korea’s use of U.S. technologies – if the U.S. government is serious about stopping it.”

Perhaps not surprisingly, North Korea relies heavily on U.S. technology for its internet and network operations. “The amount and variety of U.S. software and hardware we found indicates that a large percentage of it is U.S.-manufactured,” Moriuchi says.

›

Figure 1 | Personnel of the 624th Operations Center, located at Joint Base San Antonio – Lackland, conduct cyberoperations in support of the command and control of Air Force network operations and the joint requirements of Air Forces Cyber, the Air Force component of U.S. Cyber Command. (U.S. Air Force photo/William Belcher.)

www.mil-embedded.com

U.S. export controls for technology aren’t as useful as they are for other areas, though. “A broad segment called ‘computers and electronic products’ covers everything you can manufacture that has a chip in it,” she adds. “And the number of manufacturers is so widespread that, in many cases, it’s impossible to know who the end user will be. Export controls work for some things, but for technology it’s not been overly successful.” While North Korea seems isolated and limited in terms of what it can do with technology and science, by examining its leadership’s internet activity and looking broadly at cyberoperations and the types of criminal activities they’re engaging in to generate revenue, Moriuchi and colleagues have found that while North Korean hackers can easily adapt a new technology or exploit, they are quick to abandon efforts that aren’t successful. “They’re also at the cutting edge of technologies supporting cryptocurrencies, which they exploit by finding weaknesses that they can use to their advantage,” she says.

MILITARY EMBEDDED SYSTEMS

July/August 2018 17

Special Report

CYBERWARFARE TECHNOLOGY

Attack attribution The U.S. moves faster today to push attribution of and indictments for cyberattacks than it has in the past. This policy began shortly after the attack on Sony in 2014, which was pinned on North Korea. “At the time, there was an undercurrent of ‘what a waste of time this is’ on blogs and social media, but the behavior we’ve seen since tells us that it has a deterrent effect,” Leigher says. There’s likely “much more discussion at the policy level to release attribution faster than we would have had five years ago,” Leigher adds. “Releasing attribution facts as a policy is aggressive because it sends the message: ‘We know you’re out there and are going to call you out on it every time – you’re not as good as you thought.’ It’s a much more aggressive approach than when I retired from the Navy 4.5 years ago.”

Innovation

That Enables Supercomputing.

In a May 2018 attack against a bank in Chile – which hasn’t been attributed yet to the malicious actor – attackers looted $10 million by deploying a master boot record wiper that destroyed records of numerous thousands of computers and servers in an attempt to hide the theft from that bank from the interbank transfer system. “A lot of the TDTS [tactical data transfer system] fits with the North Korean operations, but we hadn’t seen them conduct this type of destructive attack against a bank before,” Moriuchi says. North Korea appears to be increasing its development and use of zero-day exploits, she points out, which exploit flaws or software/hardware vulnerabilities via malware before a developer has time to create a patch to fix it. (Figure 2.)

Visit tms.mrcy.com/hpc or email tms@mrcy.com

Themis RES-NT2 Accelerate your Mission with Double Precision Processing

For SIGINT, Radar, and Video Surveillance Applications • Up to four NVIDIA® Tesla GPGPU / GRID cards • Extended temperature operation, MIL-STD 810G • Short Depth: 20”, 23”, 25”

18 July/August 2018

North Korea’s cyberattacks and intrusions tend to be “designed to generate revenue for the regime,” Moriuchi explains. “While difficult to attribute, there are a number of unique fingerprints to North Korean activity, such as the way they write and compile their malware.”

MILITARY EMBEDDED SYSTEMS

“Within the past three months, there have been two or three zero-days reported against South Korea targets,” Moriuchi says. “That’s quite unusual for North Korea actors; not to say they can’t discover their own zero-day vulnerabilities and develop exploits. But they more typically reuse vulnerabilities discovered by others. It may be an indication that North Korea is changing its tactics slightly, but in terms of cyberwarfare the information is a bit more limited within the public sphere.” North Korea: We work alone While some nations collaborate with others to conduct cybermissions, experts say that is unlikely North Korea is working with other countries due to the closed-off nature of its culture. “We’ve never come across any evidence that North Korea’s state-sponsored hackers are working with other nations,” Moriuchi says. “But most of their operations are conducted from facilities outside of North Korea. We don’t believe www.mil-embedded.com

trained and knowledgeable about their country’s cyber and military operations, but what they’re doing is illegal. “China has computer-use laws, so if China finds and arrests North Korean hackers they could easily end up in prison,” Moriuchi points out. “North Korea conducting its operations overseas is very unusual, as opposed to just compromising infrastructure in countries overseas, which is what most nations do.”

›

Figure 2 | North Korea, already under intense scrutiny for its nuclear weapons development program, is also believed to be readying cyberattacks.

that China, which has many of these bases operating within its territories, is working with North Korean hackers or is training or supporting them in any way. They’re in a very plugged-in society, with people who are tech-savvy, which helps them to be more adaptable than if they were operating from North Korea.” Conducting operations within other countries is a huge risk for North Korea, because its cyberoperators must be

www.mil-embedded.com

One sign that attack attribution “naming and shaming” is paying off lately is that China has started increasing its use of “commodity malware.” This is malware that’s “more or less open source, so it’s available to a wide range of users,” explains Moriuchi. “Chinese threat actors are taking that malware and tweaking it a bit to tailor it to their needs and then using that instead of writing a highly customized piece of malware themselves – basically a signature of their activities. Using commodity malware and exploiting tools on computers already – frankly, Microsoft PowerShow and things like that – helps them avoid detection and attribution. It’s an interesting technique.” As far as Russia is concerned, the full scope of cyberintrusion is still to be seen. “They haven’t stopped any of their influence campaigns targeting the U.S. or Western countries,” she says. “We’ve seen them spread destructive malware via home routers. It’s a diversified and simple attack that doesn’t necessarily affect the end users, but attackers can use it to monitor communications as well. There are so many dimensions when we’re talking about really large, well-funded nation-state operators. There aren’t many things they aren’t into.” Nation-state capabilities Consider this: Nation-states can be broadly – in myriad ways – organized by their cyber capabilities: “Countries like the U.S., U.K., China, and Russia are full-scope actors with a full range of cyber capabilities, ranging from generic script kiddies and phishing

MILITARY EMBEDDED SYSTEMS

July/August 2018 19

Special Report to disruptive cyberattacks, supply-chain threat capabilities, and funding and resourcing,” says Moriuchi. North Korea can’t quite be categorized as a full-scope actor “because they don’t possess a supply chain threat capability,” she explains. “But North Korea is a formidable adversary. They’ve demonstrated a willingness to invest months and months at a time for a single operation to develop malware for a specific piece of software or an end-user network they want to target. They can be very patient and be in networks for months, gathering information before doing anything, and they’re good at reconnaissance. They do, however, make some mistakes in the way they write their malware and code, leaving fingerprints behind. But no one is flawless, and every time we think we have a handle on them they go develop something different.” North Korea’s hackers have a reputation for excelling in competitions. But “our own

CYBERWARFARE TECHNOLOGY

competitive hacking competitions, like Black Hat, are optimized for that particular competitive environment,” Leigher says. “Capture-the-flag games, which most of these competitions are called, aren’t exactly like cyberwarfare, so you’ve got to try to measure things with an equal yardstick. If you had the opportunity to go look at some of our nation’s best [hackers], you’d find that they’re every bit as capable as the best hackers at these events – if not more.” The bottom line: Cyberwarfare’s price of admission is much lower than that of kinetic warfare, where combatants need weapons systems like a Joint Strike Fighter, Tomahawk weapons systems, and advanced infantry fighting vehicles, points out Leigher. It’s “just a different kind of warfare,” he says. Expect to see AI play a bigger role in cyberwarfare Artificial intelligence – already playing a key role in cyberwarfare – is expected

to expand its domain. “Applications for machine learning can help us get a better picture of enterprise IT environments so that we can make much faster decisions about what it takes to defend really large network environments,” Leigher says, “because the massive number of DoD penetration attempts on a daily basis far outstrips the capacity for humans to deal with it.” Leigher says he expects models developed from AI to provide much more predictive capability into what’s going to happen to the network. “My kinetic world analogy is that undersea you use sonar, on the surface you use a radar, but cyber really has no sensor that gets beyond their immediate platform,” he notes. “Models of what’s happening within the broader internet environment will eventually fill the gap of not being able to predict the environment outside of your own network, the way that we take for granted within every other warfighting domain.” MES

OpenSystems Media works with industry leaders to develop and publish content that educates our readers. The Future of Armament Test Systems By United Electronic Industries (UEI) The new Common Aircraft Armaments Test Set (CAATS) – the replacement for the 25-year old Common Rack and Launcher Test Set – developed by prime contractor Science Applications International Corporation (SAIC) will be the new standard to test today’s smart armament systems. CAATS is designed both to ensure successful test/deployment and to troubleshoot various military armament and munitionsrelated equipment in a go/no-go fashion. In this white paper, read how UEI hardware and I/O solutions enable rugged operation, I/O flexibility, and longevity for armament systems under test using CAATS.

Read this paper at http://ow.ly/vhQv30kUueF 20 July/August 2018

MILITARY EMBEDDED SYSTEMS

Read more white papers: http://mil-embedded.com/white-papers/ www.mil-embedded.com

RUGGED SERVERS, ENGINEERED TO SERVE.

THE WORLD’S MOST

ADVANCED

THUNDER S422

RUGGED SERVER 4.25

11.6 7.75”

Dual Intel® CPUs

Up to

Fat Pipes/Inter-rack

Add-in PCIe 3.0 Co-Processor

2x Xeon E5 v4

Packet Switch/Indv. Subnets

Single/Multi-mode Fiber

via Full-size PCIe card

44 cores ®

20x 10 GbE

2x 40 GbE

GPGPU cores

GMS PATENTED

KEY FEATURES - Dual socket Intel Xeon E5 v4 CPU up to 22 cores (E5-2699RV4) ®

- Hyper-Threading on each core for total system with 88 logical cores - Supports up to 1024 GB of DDR4 RAM with ECC (512 GB per CPU) - Up to two fixed M.2 for OS boot or storage (Optionally used for I/O) - 20x ports of 10 GbE ports (enterprise switch or segregated subnets) - Two removable 2.5” SATA or NVMe SSDs behind EMI/IP-rated door - GMS FlexIO™ x16 PCIe Gen 3.0 at 8 Gbits/s fabric expansion architecture for inter-chassis co-processor sub-rack - SSD drives support optional encrypt/Secure Erase/Write Protect

-40° to +85° C

Extended Temperature Full Operation w/out Throttling

GMS

GENERAL MICRO SYSTEMS, INC. TRUSTED AND DEPLOYED SINCE 1979

(800) 307-4863 / GMS4SBC.COM All General Micro Systems, Inc. products are proudly designed and manufactured in the U.S.A.

Special Report CYBERWARFARE TECHNOLOGY

The state of cyber resiliency metrics on embedded systems By David Sheets

The ability of an embedded system to identify, prevent, and respond to cyberattacks intended to disrupt its operational capabilities is defined by measuring its level of cybersecurity and cyber resiliency. The concept of cyberattacks can refer to either electronic warfare (EW) like signal jamming or to cyberwarfare, for example, such as sending malformed packets to disrupt the system. How do the metrics used to measure a system’s cyber resiliency relate specifically to embedded systems, and what are the special considerations that embedded-system designers must undertake when applying cyber resiliency metrics? First, it’s important to understand that metrics are a means to an end. Because there are costs associated with obtaining, measuring, and evaluating cyber resiliency metrics, those costs must be offset by the benefits gained from the data the metrics deliver. To optimize cybersecurity, the resulting metrics should enable decision-makers to perform the cost/benefit analysis needed to define a system’s cyber resiliency requirements. Metrics should also enable the designer to make comparisons between cyber resiliency capabilities and perform appropriate risk assessments for cyber resilient systems. The difficulty of measuring cyber resiliency Measuring a system’s cyber resiliency is not that simple. For example, many aspects of cyber resiliency are hard to quantify, even when examined individually. Further complicating the evaluation

22 July/August 2018

of a system’s cyber resiliency is that the same metric might be prioritized differently depending on the system or program requirements. For this discussion, let us start with the agreement that at its core, cyber resiliency is the ability of the system to continue operating exactly as intended, even in the face of cyberattack. Among other aspects, cyber resiliency may include ensuring the confidentiality of data. There are multiple potential ways to measure a system’s capability to ensure continued operation as intended. Examples include measuring the system’s ability to identify anomalous behavior, measuring its ability to respond when anomalous behavior is detected, and measuring the ability of the system to prevent anomalous behavior from occurring in the first place. All of these measurements are extremely difficult to quantify, however, for any sufficiently advanced technology. Modern processing systems have numerous interrelated subsystems that must work together in exactly the right way to maintain their operational state. This reality makes the challenge of quantifying the entire set of possible operational states unfeasible. Even if the entire set of correct operation could be identified, defined, and enumerated, it would still be impossible to relate that set to the larger set of possible anomalous states with all possible transition paths defined. This means that cyber resiliency metrics are unlikely to become a single number that identifies and quantifies the security of a particular system. Instead, individual elements of cyber resiliency must be analyzed to determine how they relate to a specific system’s operational environment.

MILITARY EMBEDDED SYSTEMS

www.mil-embedded.com

system. Some of the controls within RMF contain language that mandates how metrics need to be defined and provides a broad outline of what that metric is tracking. (Figure 1.) Although the RMF does not define these metrics in detail, it does help to define the types of metrics that are important. Some of the RMF controls and associated referenced metrics include

›

Furthermore, cyberattacks are constantly evolving. Approaches for cybersecurity that might have been deemed sufficient and proper at one point in time may later be revealed to be vulnerable to attack. Metrics for cyber resiliency can only be as good as the current state of the art in assessment capabilities. Because they are based on a contemporary understanding of possible attacks, these metrics must be constantly reevaluated and reassessed as new vulnerabilities and threats become understood. Already defined frameworks and metrics The state of metrics and assessment for cybersecurity and resiliency is a work in progress. Some very useful work has been published by the National Institute of Standards (NIST) related to the security engineering process and the defining of frameworks to allow for the evaluation of the cyber resiliency of systems. Important documents published by NIST include the Risk Management Framework (RMF) NIST Special Publication 800.73, and the associated publications 800.53 and 800.53A, that define security and privacy controls and how to assess those controls for federal information systems. www.mil-embedded.com

Figure 1 | This Risk Management Framework for measuring cyber resiliency is based on the NIST model. Illustration courtesy Curtiss-Wright.

These NIST documents help define the RMF process, lay out which security controls to apply to systems, and determine how to assess those security controls. While the RMF process does not define metrics per se, it does create a framework for designing, categorizing, and assessing the security of information systems. With some tailoring for embedded systems, it can provide a workable framework in which to define the metrics of cyber resiliency for a

›› CA-7 Continuous Monitoring: Organizations develop their own metrics to be continuously monitored ›› CP-2 Contingency Plan: Objective metrics for recovering from a cyber incident ›› CP-10 Information System Recovery and Reconstitution: Metrics for returning to operational status ›› IR-8 Incident Response Plan: Metrics to measure incident response ability ›› PM-6 Information Security Measures of Performance: Metrics to assess effectiveness of security controls ›› SA-15 Development Process, Standards, and Tools: Metrics to assess development quality

LIGHTER, SMALLER, MORE DURABLE CONNECTORS FOR ANY APPLICATION

WWW.OMNETICS.COM | SALES@OMNETICS.COM MILITARY EMBEDDED SYSTEMS

July/August 2018 23

Special Report

CYBERWARFARE TECHNOLOGY

These RMF-defined metrics provide insight into some aspects of cyber resiliency that are most important to measure, such as the ability to monitor, respond, recover, and restore operational status, along with the ability to measure effectiveness and development quality. Unfortunately, effectiveness – which is probably the most interesting metric at the moment – is the least clearly defined in the RMF. The measure of a cyber resilient system’s effectiveness should quantify how well that system can resist any proposed cyberattack. Because of the constantly changing nature of cyberattacks, and the almost limitless number of possible attack scenarios, the metric for effectiveness will almost certainly need to be defined through analysis. Such an analysis requires enumerating all attack scenarios, along with probabilities of success against a given system. The bad news is that today, this type of analysis is both difficult and costly.

Dawn Powers VPX Dawn’s PSC-6238 VITA 62 compliant 3U VPX Power Supply for conduction cooled systems is designed to operate in a military environment over a wide range of temperatures at high power levels. Up to 800 Watts available power. Onboard embedded RuSH™ technology. Switchable Battleshort and NED functions.

Dawn is the leader in VITA 62 compliant power supplies for the mission critical market. Wide range of standard features, highly configurable through custom firmware.

Rugged, Reliable and Ready.

You need it right. You want Dawn.

(510) 657-4444 dawnvme.com 24 July/August 2018

MILITARY EMBEDDED SYSTEMS

Drilling down The RMF provides a high-level framework in which cyber resiliency can be designed and assessed for a system. In contrast, NIST publishes Security Technical Implementation Guides (STIGs) that operate at the lowest level, with each STIG defining a set of specific controls for a specific system in order to harden it against cyberattack. The document NIST SP 800-70 provides guidance on developing and using STIGs; the set of individual STIGs can be obtained from the NIST and DISA [Defense Information Systems Agency] websites. STIGs do not address metrics directly but instead provide guidance on how to properly configure a system to maximize cybersecurity. But applying STIGs to a system does provide an opportunity to measure cyber resiliency. As STIGs get applied to a particular system, there may be controls/guidance that cannot be applied or followed because of system functional requirements or because of the system’s technical limitations. A cyber resiliency metric used to measure system “hardness” could include the number of successfully applied STIGs, as well as the number of unapplied controls based on the control severity. While frameworks currently exist to help define the areas for which cyber resiliency metrics should be developed, and controls exist that enable the hardening of assets that are critical to a protected system, there remains a lack of clearly defined metrics that can be applied consistently across systems to enable decision-makers to analyze the cyber resiliency capabilities of their systems. Differences in assessing cyber resiliency of embedded systems The RMF was designed with regular information technology (IT) systems in mind, not embedded systems. While RMF can be applied to embedded systems, some of the controls it defines can seem out of place or difficult to implement in deployed embedded environments. This situation can lead to misapplication or confusion when trying to apply security controls developed for IT infrastructures to embedded platforms. There are www.mil-embedded.com

many reasons for the mismatch, but most stem from assumptions about the operational environment that do not apply to embedded systems. For example, the IT infrastructure normally resides in a building with physical security controls. Embedded systems, on the other hand, typically operate out in the field and may not be manned at all. IT systems are most often multi-user, while many embedded systems provide no multi-user login or support only one user. Another example: IT systems are often used as general computing/network resources, whereas embedded systems are often purposebuilt to perform a single function. Embedded systems, unlike IT systems, often require additional integration to ensure continued operational capabilities after any update. One of the biggest differences between IT infrastructure and embedded systems is assumptions about their operational lifetime and update frequencies. IT infrastructure normally has a much shorter deployed lifespan than embedded systems. For most embedded systems, the combined challenges of the defense acquisition process, safety-certification requirements, and limited physical accessibility all conspire to increase the difficulty and cost of performing a system update when compared to a functionally similar piece of IT infrastructure. These challenges mean that any consistent approach for evaluating the cyber resiliency of embedded systems must consider the unique operational characteristics of embedded systems. A failure to consider the attack vectors, mitigating environment, and challenges unique to embedded systems when applying cyber resiliency metrics will result in confusion and the misapplication of security controls. Possible paths forward There are currently some efforts underway to develop new RMF overlays and additions designed specifically for embedded systems. As these resources become more developed they will likely be available for wider distribution. Moreover, discussions are ongoing at DISA about tailoring STIGs in order to more easily align them with the unique characteristics of embedded systems. This effort, if successful, should help www.mil-embedded.com

›

Figure 2 | Cyber resiliency for embedded systems that may be used in electronic warfare or by the warfighter often must address such issues as operation in harsh conditions, use by multiple people, and integration with end uses following updates. Illustration courtesy Curtiss-Wright.

reduce the analysis and documentation efforts currently needed to exclude those controls that are not mainly applicable to embedded systems. While these efforts promise to help to streamline the frameworks that embedded system cyber resiliency often operate in, they do not directly address the ongoing need for metrics that will enable the comparison of cyber resiliency across products. There is actually no standardization today within the marketplace for measuring the cybersecurity effectiveness of embedded products; instead, frameworks call on the program or vendor to define their own measure of success. This approach can go two ways: Either each program must expend precious resources to do complex evaluations of individual products, or the program must trust that the all vendors are using similar evaluation methodologies, which is unlikely without some guidance. In order to help develop effective cyber resiliency metrics for embedded systems, Curtiss-Wright is participating in government-led activities tasked with providing more rigor in this area. While these efforts are still in the very early definitional stages, the goal is to provide more structural guidance in order to enable suppliers of commercial off-the-shelf (COTS) parts to better define their cyber resiliency metrics. As these metrics emerge, decision-makers will finally have the means to perform “apples-toapples” comparisons to measure the cyber resiliency and cybersecurity effectiveness of embedded products from different vendors. MES David Sheets, Senior Principal Security Architect, joined Curtiss-Wright in January 2018. In this role, he helps guide technology development and strategy on antitamper and cyber resiliency for Curtiss-Wright Defense Solutions. David possesses 18 years of embedded engineering experience, including 10 years working on multiple U.S. Department of Defense programs architecting, implementing, and integrating security solutions. David has a Master of Science in computer science from Johns Hopkins University. Curtiss-Wright Defense Solutions • www.curtisswrightds.com

MILITARY EMBEDDED SYSTEMS

July/August 2018 25

Special Report CYBERWARFARE TECHNOLOGY

Mission- and life-critical cyber resilience for military platforms By Samuel Hamilton and Robert Gray The concept of cyber resilience is leading defense companies to develop embedded capabilities to ensure that U.S. military platforms can defend themselves against cyberattacks just as well as they defend against physical missiles. Shown is a simulated image of the northeastern U.S. at night (right side of image) with a blackout of the power grid due to theoretical cyberattack. Image courtesy BAE Systems.

Cyberattack has become the adversary’s first weapon of choice, and military platforms, on land, air, sea, and space, are prime targets. Nation-state cyberattacks against military, contractor, and critical-infrastructure facilities are a daily occurrence, and compelling public demonstrations have recently included attacks against commercial cars and planes. The United States Department of Defense (DoD) is conducting cybersecurity reviews of all major platforms, and U.S. defense contractors are developing embedded capabilities to ensure that U.S. military platforms defend themselves against cyber missiles with just as much finesse as against physical missiles. When defense companies talk about cyber resiliency for military platforms, what exactly do they mean? The term can mean many different levels of security, whether one is talking about a government network or a platform component. Unfortunately, there is not yet a standard hierarchy, which can make it difficult even to discuss the level of security actually desired. An industry standard, even at a high level, would eliminate many of the semantic hurdles to realizing military cyber resiliency commensurate with the modern threat. Let’s posit a three-tiered cyber resilience hierarchy to describe the broad levels of cyber resilience available for military platforms. The hierarchy reflects the scale of the cyberthreat, current and emerging requirements, system-development practices across the defense community, and both existing state-of-the-art capabilities and cutting-edge research and development. The hierarchy can be the jumping-off point for evaluating the cyber resilience appropriate for different requirements and price points.

26 July/August 2018

MILITARY EMBEDDED SYSTEMS

Each tier in the hierarchy builds upon the previous tier. Defensive capability increases from silver to gold, but cost, including the difficulty of retrofitting legacy platforms, also increases. Selecting the appropriate tier, and solutions within that tier, balances cost against platformspecific adversary threats. Threat analysis must include not only the likelihood that the adversary will launch particular types of attacks, but also the impact that those attacks will have on safety and mission outcomes. Solutions might fall naturally into one tier or partially address parts of multiple tiers. www.mil-embedded.com

THREAT ANALYSIS MUST INCLUDE NOT ONLY THE LIKELIHOOD THAT THE ADVERSARY WILL LAUNCH PARTICULAR TYPES OF ATTACKS, BUT ALSO THE IMPACT THAT THOSE ATTACKS WILL HAVE ON SAFETY AND MISSION OUTCOMES.

Base tier addresses individual binaries The initial tier, silver cyber resilience, concentrates on the analysis and protection of individual binaries embedded in the platform. There may be hundreds of binaries on any given platform, and a vulnerability in any binary with bus access risks compromise of every component on the bus. Protecting these binaries includes best-practice processes and technologies, including execution guards and authenticated communication channels when performance and design constraints allow. To earn silver cyber resilience, however, the platform binaries must go beyond best practice: Each binaryâ&#x20AC;&#x2122;s cybersecurity properties is evaluated against an internal vulnerability scale, which derives requirements and test sets from catalogs of mission requirements, threat actors, and cyberattack types specific to embedded systems. For components with available source code, users can turn to such tools as HP Fortify or Coverity to help identify issues. For third-party binaries delivered without source code, teams at BAE Systems apply a suite of best-ofbreed binary analysis tools tied together by the Automated Reverse Engineering (ARE) tool suite. Software developers prioritize and address ARE-identified vulnerabilities during the normal development and test/evaluation processes.

â&#x20AC;ş

Figure 1 | The tiers of this proposed cyber resilience hierarchy provide better protection as users ascend, but with higher costs in design, development, test, and manufacture. Illustration courtesy BAE Systems.

www.mil-embedded.com

Under the hood, ARE statically and dynamically analyzes the control and data flows of target binaries, and automatically identifies vulnerabilities reachable from external input, including memoryaccess and arithmetic errors. ARE is now part of a pilot study on the cybersecurity of mission-critical U.S. Navy software.

MILITARY EMBEDDED SYSTEMS

July/August 2018 27

Special Report

CYBERWARFARE TECHNOLOGY

The gold cyber resilience level adds to the previous one defense-in-depth, in which layers of defenses each build on the one before, to the entire embedded system. The choice of man-on-the-loop, man-in-the-loop, or autonomic response depends on the tradeoffs between the direct impact of an adversary attack and the collateral impact of responding to attacks and false alarms. The key to defense-in-depth is multitiered falsealarm suppression that uses a hierarchy of filters to identify and remove false alarms arising from unusual, but nonattack, activities. Accurately eliminating false alarms prevents collateral damage from defensive response that serves no purpose. This overall approach detects unseen or zero-day attacks based on improper component behavior; provides rootcause analysis for operator situational awareness; acts to correct or contain cyber compromises; and provides intuitive, actionable information to operators modeled after and sometimes integrated Figure 2 | Effective cyberdefense responds automatically to and presents recommended SEA-18026 - IoT Design.pdf 1 3/20/18 courses 9:50 AM of action for high-confidence cyberattack detections. into existing fault-diagnostics systems.

â&#x20AC;ş

28 July/August 2018

MILITARY EMBEDDED SYSTEMS

www.mil-embedded.com

Sam Hamilton is the Deputy Product Line Director for the BAE Systems FAST Labs Cyber Technology group and has been an active member of the cyber research community for more than fifteen years. In that time, he has had technical and leadership roles in both large and small large companies, including founding multiple companies in cyber research and gaming technologies.

With this approach in place, the system detects, contains, and recovers from even previously unseen cyberattacks against runtime components. One way to add defense-in-depth capability is to include a device that plugs into an existing vehicle bus, monitors component data flow for anomalous behavior, and alerts vehicle operator(s) through existing fault-diagnostic interfaces. Such an approach can dramatically increase the end-to-end cybersecurity posture of legacy platforms without having to retrofit existing components.

Dr. Robert (Bob) Gray is one of two Chief Scientists in the BAE Systems FAST Labs Cyber Technology group. His research focuses on the automation of previously manual processes in cyberdefense and cyberoperations for the U.S. Department of Defense and other customers. He received a Ph.D. in Computer Science from Dartmouth College in 1997. BAE Systems • www.baesystems.com

At the top level Platinum cyber resilience levels integrates component-level and defense-in-depth characteristics into a clean-slate design paradigm for the development of inherently secure computing technologies. This approach leverages formal methods to ensure that solutions are provably secure against whole categories of security flaws. Platinum-level cyber resilience leverages hardware/software codesign approaches such as SAFE, which leverages hardware support for memory safety, dynamic type checking, and native support for dynamic information flow control. The platinum level of cyber resistance can demonstrate that designs are immune from buffer overflows, cross-site scripting, and code injection, including binary code injection, script code injection, SQL injection, and ROP code injection. Ideally, all platforms would have platinum cyber resilience covering all possible cyberattack categories. Internal redteam exercises have actually shown that platform security benefits massively from each additional tier of cyber resilience. Realistically, however, each tier involves additional cost; platform-specific analysis of the cost, security, and performance tradeoffs is essential. Silver cyber resilience, for example, requires neither the replacement of legacy system architectures (platinum) nor the pervasive insertion of layered cyberdefenses (gold), but can provide effective defense against common threats and have low costs even when retrofitting legacy platforms. Ultimately, the levels of the cyber resilience hierarchy guide the discussion of what is feasible and best for both new and legacy military platforms. MES www.mil-embedded.com

AcroPacks ® = S W a P - C

Embedded I/O Solutions for the Next 25 Years

MIL/Rugged mPCIe-based I/O Modules The AcroPack product line updates our popular Industry Pack I/O modules by using the mPCIe interface format. We added 19mm and a 100-pin connector to provide up to 50 isolated rear I/O signals, giving you a tremendous amount of capability on an Extremely Small Footprint - Without Cabling! Key Features Include:

▪

A/D, D/A, serial, digital I/O, counter/timer, Ethernet and FPGA

▪

Low-power consumption

▪

Solid-state electronics

▪ ▪ ▪

AcroPack modules snap onto AcroPack PCIe, XMC & VPX carriers, eliminating ribbon cables.

NEW

-40 to 85°C standard operating temperature Conduction-cooled models available

These modules are just 70mm long.

Mix-and-match endless I/O combinations in a single slot by using our XMC, VPX or PCIe-based carriers

Visit Acromag.com/AcroPacks

TO LEARN MORE

Embedded I/O Solutions

Ethernet Remote I/O Modules

FPGA Modules

www.acromag.com

AcroPack® I/O Modules

solutions@acromag.com

SFF Embedded Computers

877-295-7088

MILITARY EMBEDDED SYSTEMS

July/August 2018 29

Mil Tech Trends RUGGED COMPUTING

Mobile computing mounts in popularity for military field use By Mariana Iriarte, Technology Editor Marines train with the Augmented Immersive Team Trainer (AITT) from the Office of Naval Research (ONR) during ongoing testing at Quantico, Virginia. Photo courtesy U.S. Navy/John F. Williams.

Commercial computer technology continues to influence military mobile computing requirements as warfighters demand that their field equipment have the same functionality and capability as their personal devices. Consequently, rugged mobile computing is getting a major boost as the Department of Defense (DoD) pushes the defense industry to ruggedize commercial technologies for military use. Technologies such as virtual reality (VR) and augmented reality (AR), along with artificial intelligence (AI) and methods like deep learning, are poised to be a game-changer for military users. However, the biggest challenge is leveraging these innovations in hardware rugged enough for field use. “Military customers are looking for that technology that gives them the freedom to really operate anywhere, any time,” says Chris Balcik, vice president of sales/federal government, at Samsung Electronics America (Ridgefield Park, New Jersey). These customers, he says, are clamoring for technology that commercial buyers use on a daily basis. Military systems must be viable in high-density, accident-prone environments, while also leveraging the dexterity of those commercial devices that you can buy at any electronics store. An agile warfighter who can pick up and move with the latest technology as quickly as possible is a concept resonating with the defense industry. “They are looking for laptops and tablets especially, but also ruggedized workstations and servers,” says Sara Blackmer, president at RAVE Computer (Sterling Heights, Michigan). “For example,

30 July/August 2018

MILITARY EMBEDDED SYSTEMS

it is important that field maintenance engineers have the compute power they need in a rugged mobile case. What we call ‘Ready Relevant Learning’ is key. That means bringing training to the point of need instead of bringing troops to a location for classroom training.” Mobility does not necessarily mean a dramatic change in computing requirements. Instead, makers of mobile technologies are staying true to the DoD mantra of abiding to the size, weight, and power (SWaP) needs of specific applications. Initially, “the demand for SWaP-C [size, weight, power, and cost] arose because mobile platforms have become overwhelmed as more and more advanced mission and vehicle systems have been added,” explains Ed Fulmer, director of business development at IEE (Atlanta, Georgia). Instruments and applications have proliferated so that today “Crew stations have become crowded and the vehicles’ www.mil-embedded.com

Having a full rugged solution means more than having a commercial solution that is ruggedized enough for the field. Users are “also looking for a product that has a revision-controlled bill of materials, documentation in the form of user manuals, mechanical or CAD drawings, statements of volatility, mean time between failures, conflict mineral, counterfeit statements, and the like,” Travis says. Simply put, leveraging commercial technologies into the battlefield requires much effort. “Rugged means something more than what you could buy at a consumer electronics store,” clarifies Ciufo. It’s also important to note that the mobile rugged landscape is slightly different as the industry struggles to define what mobile rugged computing means to those in the field, he adds. “[For example] is mobile an iPhone that you put into your pocket or your briefcase or your purse or your rucksack?” Ciufo asks. “Mobile can also mean: Get me the functionality that I need onto or off the battlefield as quickly and as easily as possible. It doesn’t have to necessarily mean small, light, and low power; it can also mean something that it moves from location to location via civilian aircraft.”

power systems cannot keep up with demand. System integrators who buy mobile rugged computers are looking to improve SWaP-C by consolidating functions and eliminating hardware, as well as providing more ergonomic, multifunctional crew stations,” Fulmer adds. “There’s a new definition of mobile that we’re seeing which is different than what we all associate with mobile,” says Chris Ciufo, chief technology officer at General Micro Systems (GMS – Rancho Cucamonga, California). Mobile doen’t always mean a laptop anymore, “because of the new near-peer threat we’re seeing on the battlefield. [Troops] need to deploy whatever asset they need to use – whether it’s electronic equipment or something else – and it doesn’t always mean something small.” The combination of emerging threats and proliferation of instruments is pushing DoD officials to start requiring an all-in-one solution. “As these processing functions are combined, there is also an increased need to protect the integrity of computing platforms from cyberthreats,” Ciufo continues. “This means there are design constraints to minimize vulnerabilities and provide separation between connected systems to prevent propagation of a potential exploitation in one system to the next.” Finding an all-in-one solution depends on the type of military application plus “where and how the product is being deployed,” explains Steve Travis, chief marketing director at Chassis Plans (San Diego, California). “While all the unique applications [such as maritime, tracked and wheeled vehicle, aircraft, and portable ground-based] are rugged, they each require a unique set of enhancements to help with shock, vibration, extended temperature requirements, high humidity and salt fog environments, weight and power consumption, as well as EMI [electromagnetic interference] considerations.” www.mil-embedded.com

The domino effect Marrying the new technology with the agile development the military wants ends up becoming “a fine art of balancing a customers’ system requirements with their deployed environmental requirements,” Travis notes. “Knowing the hardware requirements for the software that will run on the proposed system such as CPU [central processing unit], system memory, and data-storage requirements will help us to understand in what ways we must enhance the product to meet both performance and environmental requirements.” In addition to current set requirements, “Increasingly these days, the biggest challenges associated with rugged mobile computing is to deliver the smallest processing, lowest power, most number of consolidated systems in the smallest package,” Ciufo says. The beauty about this scenario is that “hardware is pretty good relative to the military standards,” Balcik says. “It’s

MILITARY EMBEDDED SYSTEMS

July/August 2018 31

Mil Tech Trends

RUGGED COMPUTING

military-grade, it’s drop-tested to two meters, down to minus 32 °C. We’ve got all that covered.” That being said, new threats will emerge and systems will need to update for the current threat, he adds. “I think the challenge we’re going to have is the operating systems – are they keeping pace with the workflow? And are the networks available to keep pace with the needs of the upload/downloads? I think that’s where we’re going to struggle for the foreseeable future.” Ultimately, new DoD requirements for system upgrades “often start a domino effect, as one consideration leads to another,” Travis warns. “What techniques are required for a system to be properly cooled or heated, will the COTS [commercial off-the-shelf] components withstand the required shock and vibration profiles or do they require component staking, shock isolation, etc? Do internal components require further enhancements such as conformal coating? These enhancements can often add weight, additional power draw, and/or expanded external dimensions of the enclosure itself.” In general terms, Fulmer adds, “Typical design challenges for mobile computing include effective power management or battery life, custom equipment housing designs using lightweight materials, meeting the demand for latest processors, and complying with cyber requirements. Additionally, each mobile platform typically has unique space constraints and system interfaces, making it a challenge to have commonality across platforms. To a large extent, mobile rugged computing products have to be modular and adaptable to accommodate these unique requirements.” The end result of this requirements lineup often means that the ultimate challenge is “to offer that fully MIL-STDcertified system at a competitive cost,” Blackmer says. “A fully enclosed case that is dust/water/shock proof is expensive compared with standard desktop solutions. Certification testing itself is also very expensive, and achieving

32 July/August 2018

›

Figure 1 | The TFX is a rugged military-grade high performance 2U rackmount display offering either three 17.3-inch or 19-inch TFT LCD [thin-film transistor liquid crystal display] screens. Photo courtesy of Chassis Plans.

certification as fully ruggedized requires extra effort on the part of the system integrators. Quite often, customers want the functionality and certification but their price expectations do not line up.” DoD users are without a doubt looking for a whole life cycle solution: “We’re seeing requirements for mobile that include: ‘Get me my entire server infrastructure,’ ‘get me my large disk storage, my Intel server capability, my network patch panel, etc.’ – it all needs to go onto the battlefield, but check it in the overhead bin,” Ciufo explains. “Today’s military requirements call for a compact footprint for smaller deployable forces,” Travis acknowledges. “Portable networks consisting of virtual servers, crossdomain solutions, storage arrays, switches, routers, UPS [uninterruptible power supply], and power conditioning are becoming more commonplace.” (Figure 1.) Power and heat tradeoffs and options As defense users get a taste of what the commercial world has to offer, the desire for feature-laden systems becomes significant, but heat management and power challenges remain for mobile computing engineers – whether servers, laptops, or networks in general. “You cannot eliminate heat from a computer or LCD product, as it must always be transferred somewhere else,” Travis explains. “Many of our systems use forced-air cooling; the drawback is that filtration is required to keep dirt and dust from contaminating the interior, and these do require scheduled maintenance to keeping the air filter clean and unclogged. For customers that require a sealed solution, cooling options include heat pipes/sinks to help dissipate the heat over a large surface, often requiring a low power/performance component that do not generate much heat. Lastly, heat can be transferred out of a system via liquid cooling, but that will require a large radiator to help dissipate the heat out of the fluid before cycling back through the system again.” “Among the recent technology trends relevant for our products are improved efficiencies of microprocessors and LEDs for display backlighting,” Fulmer says. “Generally, the goal is to match the unit requirements to the appropriate level of power and to size power supplies appropriately so they run at maximum efficiency.” (Figure 2.) Heat and power requirements more and more are being influenced by developments in the automotive industry. “We are starting to see more COTS components developed for automotive applications as autonomous vehicle technology begin to become more mainstream,” Travis says. “COTS component companies such as Intel, AMD, and NVIDIA are all now developing products for [such applications].” These components,

MILITARY EMBEDDED SYSTEMS

www.mil-embedded.com

“We’re seeing quite a bit of interest in virtual and augmented reality,” Travis adds. “As computers and displays become more powerful, smaller and more power efficient new VR capabilities will enhance the warfighter’s ability to process and understand data in real time. From battlespace awareness and enhanced communication to improved logistical capabilities, we see many possible applications with this emerging technology.” “Data analytics from sensors in the field or from forward operating locations is the first potential use that comes to mind,” Blackmer suggests. “The real-time application of AI and deep learning to this collected data will grow in demand.” Ultimately, DoD users will part of a larger ecosystem: “Think about taking a ruggedized tablet into a shipyard and using the high-fidelity camera that we have, and holding

›

Figure 2 | IEE 3.5-inch handheld control display unit (CDU). Photo courtesy of IEE.

Proven

Building Blocks

designed to operate in an automobile from freezing winters in Alaska to the hottest day in Phoenix, Arizona, can and are now being used in the military market space, he adds. COTS components enable better power efficiency and management as many are designed with this feature in mind, Travis says. “Using these, along with COTS components from the mobile (laptop and cellphone) space that are designed for reduced power to preserve battery life, a system can be configured for lowpower applications depending on the customers requirements.” Next generation of mobile rugged computing Future rugged computing systems for the warfighter will be leveraging technology developed in the commercial world. The ruggedized tablet [will be used] for more than just data collection with the introduction of virtual and augmented realities, Balcik says. “Right now, generally, the ruggedized device is a single point. It’s an endpoint, that’s it. But we want to introduce that into a larger ecosystem.” www.mil-embedded.com

Elma’s embedded system solutions use open standards based products and technologies from our range of proven chassis, backplanes, boards, rotary encoders and power supplies - plus best in class partner products

With you at every stage! Elma Electronic Inc.

MILITARY EMBEDDED SYSTEMS

elma.com

July/August 2018 33

Mil Tech Trends it up against a section of a ship that’s being developed. Right then and there you can see an overlay in an augmentedreality fashion on what you need to do,” Balcik says. “Being able to equip them with a ruggedized solution is one thing,” Blackmer continues. “But now, if you start introducing mixed reality, augmented reality, offering the future possibilities like visualizing the blueprints for construction sites or these antennas, it allows them to actually expedite work and they’re able to do their job at a much higher level with higher performance capabilities.” These technologies will continue to mature. “The human-machine interface (HMI) is evolving very rapidly at present, and will be dramatically different in the five- to 10-year horizon,” Travis says. “Game-changing research can be found in battlefield augmentedreality systems (BARS), which help users maintain situational and environmental

RUGGED COMPUTING

awareness. The visual presentation of key data points over an actual battlefield, mapping of mission parameters and movement, while networked with nearby soldiers, creates collaborative and immersive situational awareness. This helps to avoid costly mistakes such as interpreting color data or friend/foe movement.”

on concrete,” Ciufo says. “Hardened will also come to mean cybercapability is built into the device.” MES

Users will also benefit from improvements in biometric technologies: “Biometric authentication – the consistent, persistent, multifactorial authentication – is going to be key,” Balcik points out (Figure 3). “Mobile will be a collection of the best military and civilian technologies that are out there, with one caveat – the technology will have been appropriately hardened for use on the battlefield,” Ciufo says. “This may mean that something as simple as an Otterbox case protects the device, which provides a solid level of protection for smartphones dropped

›

Figure 3 | Samsung’s Galaxy Tab Active2 offers defense-grade security plus a fingerprint scanner for biometric authentication. Photo courtesy of Samsung.

MISSION-CRITICAL SOLUTIONS DELIVER YOUR RUGGED SYSTEM WITH PCI EXPRESS Mini Cards – COTS OR CUSTOM ALPHI IS NOW CERTIFIED TO AS9100D WITH ISO9001:2015 1553 ARINC429 CanBus Serial

RS-422 User FPGA Avionics I/O A/D D/A

Thermocouple Synchro/Resolver LVTTL User FPGA Custom

Designed and manufactured in the USA. | 480.838.2428 | www.AlphiTech.com | sales@alphitech.com 34 July/August 2018

MILITARY EMBEDDED SYSTEMS

www.mil-embedded.com

ADVERTORIAL

EXECUTIVE SPEAKOUT

Rack Scale Composable Infrastructure for Mixed Workload Datacenters By Katie Rivera, Marketing Communications Manager – One Stop Systems Since 2012, hyperconverged servers, with large numbers of CPU, GPU, storage and networking resources, have formed the foundation of GPU accelerated data center architecture for the most demanding applications. These highly integrated, and often expensive, servers operate efficiently when used in a cluster with very specific applications in mind at the time of purchase. What if the datacenter runs many different HPC applications? Over time, as applications change and need more data storage, GPU compute power, networking or CPU cores the datacenter manager changes the server to meet the new needs. A more flexible, application-centric, datacenter architecture is required that can meet the needs of the rapidly changing applications and hardware. The newest solution involves disaggregating the server resources into a “composable HPC infrastructure.” With composable infrastructure, the datacenter manager combines many existing servers with expansion systems such as an NVMe flash storage array (JBOF) or GPU accelerator systems to add greater numbers of resources than the servers can support in a hyperconverged architecture. In addition, the job scheduler works with the composable infrastructure API to create the ideal node or cluster to run a particular application set. Composable infrastructure allows any number of CPU nodes to dynamically map the optimum number of GPU and NVMe storage resources to each node required to complete a specific task. When the task completes, the resources return to the cluster pool so they can be mapped to the next set of nodes to run the next task. Expansion also brings additional advantages to the datacenter such as bandwidth aggregation of many PCIe 3.0 based GPUs or NVMe drives into the latest generation PCIe 4.0 based servers. For data centers with many nodes, the expansion option adds unlimited flexibility to the HPC architecture by decoupling the latest innovations in CPU capabilities, GPU performance and NVMe storage. Composable infrastructure using expansion accelerators provides many benefits. HPC data scientists can use servers they already own and add GPU expansion and NVMe storage via expansion with no additional server investment. If they do plan to purchase new servers, data scientists should choose the best server for the application, no matter how many GPUs fit inside. Since servers, GPUs and storage upgrade on different schedules from the various vendors, composable infrastructure can be upgraded at different times spreading the capital expenditures over many fiscal periods. Better yet, data scientists can rent the latest technology composable infrastructure systems and software from Cloud Service Providers using operational expenditure budgets rather than capital equipment budgets. Other benefits of composable infrastructure using expansion systems include a large number of GPUs on the same RDMA network fabric, especially for AI, deep learning, RTM, Monte Carlo and image processing applications that benefit from peer-to-peer communication with moderate CPU interaction. In 2017, OSS unveiled the newest version of its rack-scale GPU Accelerator products, the GPUltima-CI (Composable Infrastructure). GPUltima-CI allows mixed use datacenters to greatly increase GPU, networking and storage resource utilization compared to similar hyperconverged server solutions. Unlike traditional architecture where applications must use the available datacenter hardware, OSS GPUltima-CI allows the high-performance application to dictate the optimal bare-metal hardware configuration for each job to maximize efficiency. Large, flexible reservoirs of GPUs, www.mil-embedded.com

NVMe storage and NICs are interconnected by a high-speed, low-latency PCIe switched fabric to banks of dual Intel® Xeon™ Scalable Architecture server nodes in each rack. The Command Center Management Software then composes these resources into the optimal set of bare metal servers. This multipetaflop compute accelerator system is perfect for AI training, deep learning, weather modeling, finance simulations, and data sciences requiring flexible access to GPUs and storage resources. One Stop Systems www.onestopsystems.com

MILITARY EMBEDDED SYSTEMS

July/August 2018 35

Industry Spotlight LEVERAGING BIG DATA FOR MILITARY APPLICATIONS

Applying deep learning techniques to expand defense capabilities By Mohamed Bergach

Leveraging advanced data center computing techniques holds the promise of delivering powerful ways to solve complex defense mission challenges. Deep learning is an increasingly popular technique that can be used to process very large data sets. As the goals for defense systems move in the direction of greater autonomy, deep learning techniques that were once too tough for more traditional processing technologies can now be supported. Newly available technologies are driving how deep learning can be used for defense applications. These techniques include very large field-programmable gate arrays (FPGAs), power-efficient generalprocessing units (GPUs), and new singleinstruction/multiple data (SIMD) processing units that work with today’s more flexible multicore processors. The intense computing power these components offer greatly surpasses the processing limitations that made real-time deep learning architectures virtually impossible. Advancements in high-performance embedded computing (HPEC) platforms have come a long way in not only handling

36 July/August 2018

deep learning algorithms, but also in meeting size, weight, power, and cost (SWaP)constrained system requirements. Unfortunately, it isn’t as simple as plugging in an HPEC platform. Applying deep learning algorithms to a specific system problem will be an ongoing challenge for developers. For their part, embedded computing suppliers will need to continually modify and upgrade HPEC-based platforms, making them more easily adaptable to deep learning applications. How deep learning works Applications can “learn” by taking any sensor signal (image, sound, GPS position, radar, etc.), and represent it in an abstract way, or as features such as shapes, corners, patterns, and more. More importantly for military use, machine learning can be applied to any collected data. These abstractions are made up of deep neural nets (DNNs), which have dozens of processing level layers. In each layer, data is processed based on a particular type of feature, and this layer provides the result to the next layer. The results of using these techniques have been quite impressive, where some results are shown to be better than human-based solutions for applications such as image registration, face recognition, fraud detection, and natural-language processing.

MILITARY EMBEDDED SYSTEMS

www.mil-embedded.com

THE CHALLENGE FOR THE SYSTEM INTEGRATOR, THEREFORE, IS TO DEFINE HOW DEEP LEARNING ALGORITHMS CAN BE APPLIED TO SOLVE THEIR PARTICULAR PROBLEM.

Considerable computational capabilities are needed for deep learning because the network must be “trained.” Typically, data centers have done the heavy lifting to weight and optimize the information numerous times in order to reduce the potential for errors. Each network training result becomes a snapshot. For defense programs, these snapshots would then be deployed on the actual embedded HPEC system for testing. This process continues with the expectation that each snapshot will provide a better result than the previous one. (Figure 1.) Solving deep learning challenges with HPEC Technologies such as high-speed switched serial links, rugged standardized form factors, and HPEC middleware can be employed with much success for deep learning applications. These technologies have been developed and honed over the years to address HPEC challenges such as synthetic aperture radar (SAR) and military signal intelligence (SIGINT) applications. The challenge for the system integrator, therefore, is to define how deep learning algorithms can be applied to solve their particular problem.

›

Figure 1 | This illustration – an example of how deep learning works on an embedded HPEC system – shows the huge amount of computation required in the testing phase, in which a snapshot of the network is taken with each training result and then tested. This process is repeated with the expectation that the next snapshot will respond better than the previous one.

www.mil-embedded.com

Deep learning techniques have proven in the initial phases to be most useful for pattern-recognition tasks such as naturallanguage processing and image feature detection. Taking this approach a step further, deep learning is also a good candidate to be applied to on-platform processing of streaming signal or image data. These systems would have the power to sift through voluminous streams of data looking for either signals or targets of interest that can help support decision-making by humans as well as autonomous systems.

MILITARY EMBEDDED SYSTEMS

July/August 2018 37

Industry Spotlight Using HPEC-based systems, the military gets a ready solution for the vast data crunching needs required for deep learning. This data explosion is particularly evident for information that must be evaluated in real time. Therefore, the opportunity grows in dynamic military environments for deep learning technology solutions that can streamline analysis and enable faster decision-making through critical insights in handling immediate threats. Additional applications include intelligence gathering to help better assess battle scenarios, enable faster situational analysis in the air or on the ground, and even provide an edge in understanding enemy or terrorist groups through greater insight into how they behave and communicate. Building blocks for HPEC It is possible to build modular HPEC systems optimized for deep learning applications with readily available platforms. For instance, Kontron’s VX3058 3U VPX board enables server-class computing capabilities

LEVERAGING BIG DATA FOR MILITARY APPLICATIONS

›

The evolution of deep learning techniques will undoubtedly advance as processing densities and backplane speeds continue to increase. These breakthroughs further optimize HPEC platforms’ ability to successfully host computationally challenging deep learning applications on realistically deployable form factors that make sense for a broader range of defense and security programs. MES

Figure 2 | When combined with a high-speed 10 Gigabit Ethernet switch card, the StarVX enables a design of a deployable platform suitable for deep learning applications.

via the advanced eight-core version of the Intel Xeon Processor D architecture (Broadwell DE). The Kontron VX3058 enables high-level digital signal processing (DSP) performance and is ruggedized for harsh environments. Kontron’s StarVX HPEC system integrates the VX3058 to leverage the same processor performance capabilities of the Intel Xeon D-1540. This type of HPEC platform meets footprint reduction demands through operational computers consolidation via server virtualization. (Figure 2.)

Series 360 ®

Mohamed Bergach, Ph.D., is a system/ software architect at Kontron, having worked at Kontron in engineering and R&D since 2011. He holds a Ph.D. in computer science from Université Nice Sophia Antipolis and attended Telecom Sud Paris, studying computer science. Kontron www.kontron.com

AS 9100D / ISO 9001:2015 CERTIFIED

PHALANX II: THE ULTIMATE NAS Supports AES-256 and FIPS140-2 encryption

Circular Interconnects

Introducing our NEW rugged, ultraminiature circular interconnect solution & assemblies —

High performance in a smaller & lighter package than D38999

—

Push/Pull & Quick-DeMate® versions available; both interoperable with the same receptacle

—

Quick-Clean® & High-Speed versions available

—

Board-mount, panel-mount, cable & flex assembly ready

Utilizing two removable SSDs, the Phalanx II is a rugged Small Form Factor (SSF) Network Attached Storage (NAS) file server designed for manned and unmanned airborne, undersea and ground mobile applications. w w w . p h e n x i n t . c o m

www.airborn.com 38 July/August 2018

MILITARY EMBEDDED SYSTEMS PHX_OSP_3.375_4.875.indd

www.mil-embedded.com 1/22/18 11:36 AM

ADVERTORIAL

EXECUTIVE SPEAKOUT

Thinking Outside the Rack By Jason Wade, President – ZMicro, Inc.

zmicro

Whenever we talk with customers about what they need in a mission computer, they always tell us to reduce size, weight and power. We’d respond by looking for new lightweight materials and finding new ways to optimize our designs. However, at a certain point, we couldn’t reduce much further because we were constrained by the rackmount form factor. So, we asked our customers, “What’s the higher priority: reduced SWaP or the ability to rackmount?” They told us by far SWaP is more important. Figuring out how to bolt down computers is the easy part for them. The 19-inch rack form factor was established as a standard by AT&T around 1922 and has been widely adopted across telecommunication, computing, audio, video, entertainment and other industries. It’s interesting to realize that so much of the rugged computer industry still revolves around this legacy approach. In fact, relatively few manufacturers have developed the capability to develop the custom shapes and sizes customers need today. Like other manufacturers, we designed our computers to fit in a rack. We used ATX / Extended ATX motherboards because they offered the most capabilities. However, with the latest COM Express Type 7 spec, we can replace the motherboard with a much smaller, versatile baseboard. COM Express provides the flexibility to tailor the daughter board to unique factors that traditional formfactors don’t support and still maintain the relevant I/O capabilities. The compute requirements for mission computers are on a par with enterprise computing. They typically include a 16-Core Intel Xeon D processor. Dual processor sockets are no longer required, because with the growing emphasis on graphical content, much of the workload has shifted to the GPU. The NVIDIA Quadro P6000 GPU is the powerhouse at the heart of today’s high-performance

mission computers. It’s the single most expensive component and, as it turns out, it’s the form factor of the NVIDIA card that ultimately determines how small you can make a mission computer.

“... with the latest COM Express 7 spec, we can replace the motherboard with a much smaller, versatile baseboard.” With a fresh canvas, we set out to give customers exactly what they asked for. Along the way, we discovered some unexpected things. First, we were able to take all the enterprise compute capability of our 30 pound rackmount system and fit it into a new design that’s about the size of a shoebox and weighs only 9 pounds. The new box requires less power and its shape allows better airflow making it easy to cool. Instead of a bunch of little fans – which tend to be noisy – we can use just two larger fans, so the unit runs much quieter and is cool to the touch. The design is quite scalable because COM Express type 7 provides up to 32 PCIe lanes that can be allocated as needed. For example, in our ZM3 mission computer, we use 8 lanes for storage and the remaining 24 lanes for expansion cards, typically up to 16 graphics cards and 8 encoders. COM Express Type 7 supports the NVMe PCIe Gen 3 interface, designed for SSDs. Using NVMe drives increases read/write speeds three to four times compared to SATA 3. The new spec also provides 10GbE LAN for rapid communication of video over the network. Recently at SOFIC 2018, we had the chance to demonstrate our new ZM3 mission computer and we took the cover off the unit to let people look inside. The feedback from military customers was exciting and, at the same time, a little humbling. What they said was, “Thank you for hearing us and finally giving us what we need.” Have we been overestimating the importance of rackmount systems and missing out on the opportunity to give customers what they actually need? ZMicro | www.zmicro.com

Editor’s Choice Products

Drone-detection system offers 360-degree video livestream The Drone Detect System from Acquired Data Solutions is a full acousticand visual-detection system that alerts users to drones using location, classification, and alarms. The system has 150 m-plus minimum active detection/classification range with alarm lock and 360-degree video stream. Engineers designed the system to deliver detection range of 1 km-plus, with algorithm improvements expected. The system can be configured as a portable or a fixed installation system. It is web/net accessible and can be used in all types of weather. It is designed to use as little power as possible and comes with software upgrades and updates plus maintenance plan. Users can customize power and communications for site-specific requirements; the company says that setup time is less than 10 minutes. Additional features include four high-sensitivity dipole microphones to detect intrusions and the ability to integrate with existing camera systems. Acquired Data Solutions | www.acquireddatasolutions.com | www.mil-embedded.com/p374669

MPG 4020 Series instruments test avionics receivers The MPG 4020 Series is a fast low-noise RF signal generator instrument – designed to test avionics receivers and airfield alarm monitors – able to generate AM, FM, and PM modulations. Developed by MPG Instruments, the tool also provides features that satisfy the need for a Omni Ranging/Instrument Landing System (VOR/ILS) Avionics signal generator. The MPG 4020 Series can be operated manually, using a touch-screen user interface or remotely via a standard GPIB [general-purpose interface bus] port using the same remote commands. The modulation source can be internal digitally generated or provided via two external modulation inputs. The use of a vector modulator and digital modulation techniques enables high accuracy and stable performance under all operating conditions. The MPG VOR-ILS 4020 Series generates waveforms suitable for testing VHF VOR ILS and Marker Beacons receivers. Avionics parameters are presented in the same form as described on the International Civil Aviation Organization (ICAO) standards. MPG Instruments | www.mpginstruments.com | www.mil-embedded.com/p374670

Data link system with built-in multiport Ethernet switch Troll Systems’ LinkBox is a data link capable of providing downlink and optional uplink of multiple IP streams and control data. Its built-in multiport Ethernet switch and optional wireless router enable seamless connection to cameras, mapping systems, tracking antennas, and other sensors. Radio options are flexible and configured for each customer’s application. Available in standard 1/2 ATR [Air Transport Rack] units, it features a built-in touchscreen monitor that enables operators to configure and control the aircraft’s entire data link system. The LinkBox is controlled from third-party mapping systems, which the company says can reduce the complexity in the cockpit, placing all systems controls in one place (no additional control heads required). The LinkBox can support any video input, including multiple video streams, and supports both internal encoding and streams from an external source over IP. The transmitted video can be displayed on the local display or optional external HDMI [high-definition multimedia interface] monitor. Audio is supported in analog and embedded modes, while data may be sent over serial or via built-in Ethernet links. Bidirectional data options are available to support full network bridging and routing. Troll Systems | www.trollsystems.com | www.mil-embedded.com/p374671

40 July/August 2018

MILITARY EMBEDDED SYSTEMS

www.mil-embedded.com

Editor’s Choice Products

MIL-STD-1553B bus communications testing and simulation tool Bloomy’s BCI-1553 C Series module provides a standards-compliant MIL-STD-1553B interface for the National Instruments CompactRIO platform. The module uses the industry standard Holt HI-6131 integrated terminal to provide a single dual-redundant bus interface. The flexible software-configured driver provides out-of-the-box operation as a bus controller, bus monitor, or as two independent remote terminals. According to the company, the BCI-1553 can be used for functional unit testing, device simulation, and fault code download. Other application uses include aircraft system monitoring and diagnostics, flight line diagnostics, and operational flight program (OFP) upload verification. Additional features include high-level API implementation, out-of-the-box single-function MIL-STD-1553B interface, and a low-level API that enables concurrent operation for one to four MIL-STD-1553B functions including bus controller, bus monitor, or two remote terminals. The system also features the Holt HI-6131 that is available through low-level API. The system sports integrated isolation transformers for stub coupling as well as LabVIEW drivers. Bloomy | www.bloomy.com | www.mil-embedded.com/p374678

Microcontroller with HARDSIL technology aimed at extreme radiation environments Vorago Technologies’ VA10820 ARM Cortex-M0 microcontroller chips use the company’s patented HARDSlL hardening technology to enable use of the parts in extreme radiation environments. The VA10820 includes error detection and correction (EDAC) logic on the internal memories; the EDAC is byte-based to boost performance and reliability. In addition, the VA10820 includes triple modular redundancy (TMR) with voting on all internal flip-flop storage elements. The VA10820 ARM Cortex-M0 microcontroller chip’s performance is clocked at 50 MHz. It features on-chip memory, 56 general-purpose I/O (GPIO) pins, 24 general-purpose counter/ timers, two UARTS, three serial peripheral interface (SPI) ports, two I2C ports, system-level triple modular redundancy (TMR) on all internal registers, 3.3 V I/O supply, and 1.5 V core supply. Vorago Technologies | www.voragotech.com | www.mil-embedded.com/p374672

Bidirectional RF amplifier generates 16 watts of power The NuPower Xtender VU4GX02 VHF/UHF bidirectional simplifier module is a small, broadband, high-performance RF [radio-frequency] amplifier that generates 16 watts of RF power across the 225 to 512 MHz frequency range. NuWaves Engineering developed the bidirectional amplifier for extending the communication range of half-duplex transceivers with constant-envelope waveforms (i.e., PSK- and FSK-based modulations such as SOQPSK and GFSK); the part generates 16 watts of RF transmit power (4 W linear). The module accepts a +5 dBm input level and provides 35 dB of transmit gain while operating with 30 percent or better power efficiency at most frequencies. In receive mode, the NuPower Xtender offers a noise figure of 3.5 dB and uses a low-noise amplifier that provides 15 dB of gain. The NuPower Xtender features manual transmit/receive (T/R) mode selection, coupled with a T/R mode switch time of 2 μs. With a small form factor (3.8 cubic inches) and gallium nitride (GaN) power amplifier device technology, the module was intended for use in broadband RF telemetry and communication systems that require reliability and minimal size, weight, and power consumption. NuWaves Engineering | www.nuwaves.com | www.mil-embedded.com/p374673 www.mil-embedded.com

MILITARY EMBEDDED SYSTEMS

July/August 2018 41

TECHNOLOGY UPDATE

Drone-swarm tactics program leverages game-based technologies By Mariana Iriarte, Technology Editor Raytheon BBN Technologies has teamed up with Smart Information Flow Technologies and Oregon State University to tackle a challenge from Defense Advanced Research Projects Agency (DARPA) that aims to design, develop, and demonstrate a swarm of unmanned aircraft systems (UASs) or unmanned ground systems (UGSs) that can maneuver and accomplish missions within a complex urban environment. According to documents from DARPA, the BBN team is developing a set of tools and technologies that will enable researchers to “create and test their own swarm tactics and supporting technologies.” DARPA officials began the initiative – dubbed the OFFensive Swarm Enabled Tactics (OFFSET) program – in February 2017. Researchers will use swarms of as many as 250 UASs/UGSs per mission; to this end, they seek to use game-based technologies to create realistic environments that are user-friendly for digital natives. The requirements set by DARPA are setting the stage for a fuller view of what tools the warfighter may be using in the coming years. The scenario that DARPA laid out for what it calls “Vignette 1,” which covers swarm autonomy, has as its mission to isolate an urban target within 15 to 30 minutes using a swarm of 50 UASs or UGSs – all of this occurring within two city blocks.

The BBN team is developing three key technologies: A visual interface, a gamebased simulator, and a physical swarm testbed. “The key challenge in developing and testing tactics for swarms is that it is difficult to reason about and program a large number of autonomous and potentially independent agents simultaneously,” says Shane Clark, a scientist at Raytheon BBN Technologies in Cambridge, Massachusetts. Visual interface The team’s visual interface consists of a “drag-and-drop” mechanism that creates and manipulates drone tactics. “We’re developing a programming interface and framework to make that easier,” Clark says. “Part of that is providing programming primitives that already work in

SMALLER. LIGHTER. FASTER. ZM3 COMPUTER Designed specifically to minimize size and weight, yet maximize performance, the ZM3 Airborne Computer is the ideal solution for airborne ISR applications.

WEIGHS LESS THAN 10 LBS.

16 CORE INTEL® XEON® PROCESSOR

DESIGNED AND TESTED TO EXCEED DO-160G REQUIREMENTS

COMPACT, REMOVABLE STORAGE DRIVES (UP TO 4TB)

NVIDIA® QUADRO® GPUs SUPPORTED

ADDITIONAL x8 OR TWO x4 PCIe EXPANSION SLOTS AVAILABLE

LEARN MORE

zmicro.com/ZM3

42 July/August 2018

zmicro MILITARY EMBEDDED SYSTEMS

www.mil-embedded.com

the context of swarms to move a large number of vehicles without running into each other – that is one example.” (Editor’s note: Primitives are the simplest elements that are available in a programming language.) The “drag-and-drop” capability will enable users to easily move drones and map an area, he explains. Part of the challenge is delivering the “primitives in a way that’s easy to compose and test together. Instead of having to write code to test that quickly, they can just combine blocks in a user interface.”

bed, in this case, is a heterogeneous swarm of air and ground vehicles that we are procuring with commercial off-the-shelf (COTS) hardware and making modifications as necessary,” Clark says. “We are also providing the hardware and the software programming interface so that others can bring their best tactics to the field and see what they actually do in practice.” Even with all this activity, the BBN team is still only in the initial phase of the program, he continues: “It’s organized in a bit of an unusual way in that there are three phases for the program, each running 18 months, and we’re about a third of the way through phase one. At the same time, DARPA is releasing what they call ‘sprinter’ amendments.” For those still interested in participating in the OFFSET program, Clark says that “Every six months they’re soliciting new teams for small contracts, where they do things like develop tactics or platform modifications that we could potentially integrate. We’re actually working with sort of a new cast of potential characters and contributors every six months throughout the program.”

Game-based simulator The second technology the team is developing is a game-based simulator that will evaluate the tactics developed for such vignette scenarios. “For the game-based simulator, we’re using an open source project called AirSim originally created by Microsoft research,” Clark says. “The goal of the game-based simulator is to allow rapid low-stakes iteration when you’re developing tactics. The simulator is there to give people a high-fidelity representation of what should happen when they try to deploy on real hardware.” Game-based technologies have been on the rise within defense platforms. In this instance, it enables users to see realistically what will happen during a mission. One reason that Raytheon BBN is using this technology is to be able to “offer high-quality image capture in simulation, so that if you’re doing something like simulating the operation of a camera or processing on camera data, the imagery we grab from within the simulator is pretty representative of the real world,” he adds. When the user was born during the digital era, this type of gaming-derived technology is intuitive and easy to learn. It’s also important to note that “The other thing that they do really well with modern game engines are things like physics modeling,” Clark adds. “You get really good models of things like collision lift, weather conditions, etc.” Physical-swarm testbed The team is also developing a physicalswarm test bed, arguably the most important portion of the project. “The test www.mil-embedded.com

MILITARY EMBEDDED SYSTEMS

July/August 2018 43

Blockchain for embedded systems By Russ Doty, Red Hat Perhaps best known for cryptocurrency, blockchain technology can also be a powerful tool for embedded systems. Put aside bitcoin for a moment and consider what blockchain provides: A verified, immutable record of actions across distributed systems with robust security capabilities. If desired, the actual contents of a blockchain can be encrypted, providing secrecy as well as integrity. These capabilities can be used in many ways. They can range from robust methods to gather sensor data to building more secure command-andcontrol systems that work even in the presence of system failure, degraded communications, and compromised or hostile nodes inside your perimeter. While a blockchain can be implemented with standardized frameworks, such as Hyperledger or Ethereum, it can also be implemented with custom systems to meet specific needs. The block and chain At the most basic level, a blockchain is made of two components: the block, which is a set of data, and the chain, which is a hash of the data in the previous block and which is used to establish the link between blocks. Any attempts to modify a block will change the hash of that block, producing a validation failure when compared with the recorded hash in the next block. You can trace the entire history of a blockchain by reading each block and validating it against the next block. In addition to holding data, a special strength of a blockchain is that it can handle transactions – changes in the state of data. Blockchains provide an elegant method for handling transactions in a distributed environment – even in untrusted environments and across unsecure transports. A blockchain system consists of several components: systems that are designed to create and submit data or transactions; serialization servers that process

44 July/August 2018

transactions in order; validation servers that verify the transactions and create the official blocks to be added to the blockchain; and a distribution mechanism for the validated blocks. Blockchain in action Consider an example of a contaminated site, such as the former military bases on Cape Cod. Here, decades of fuel spills and munitions testing have contaminated the soil and groundwater that is undergoing remediation. In a generalized case, groundwater and air might be monitored by 100 sensors and there might be a filtering system whose flow rate can be changed once per minute. The landowner (who c reated the contamination), an environmental group, a government monitoring agency, and the company doing the remediation are all watching closely. All parties want access to the data, a permanent record of the data, and proof of the validity of the data. Since these groups have opposing viewpoints, there is a strong interest in being able to prove that records haven’t been tampered with. Let’s assume that the 100 sensors are all network-connected and report once per minute. There is a monitoring gateway that collects and concatenates sensor data, while commands to the filtering system flow through the gateway. Each sensor takes the current value, a sensor identifier, and a timestamp; concatenates them and hashes them using a sensor private key; and sends these four data elements to the gateway using a protocol such as MQTT [Message Queuing Telemetry Transport]. The gateway combines the sensor data from multiple sensors into a block, timestamps the block, hashes the block with its private key, and sends this combined block to a back-end system, perhaps running in the cloud. Robust communications can be implemented with more advanced messaging systems such as AMQP [Advanced Message Queuing

MILITARY EMBEDDED SYSTEMS

BLOG Protocol], which integrates into sophisticated applications running on the backend systems. At this point the validation server will validate the raw blockchain data, perhaps using custom code for the specific application. The validation server can verify that the data has not been modified in transit and can apply additional checks. A single validation server or multiple validation servers can be used. You may want to have two validation servers, perhaps at the remediation company and the government agency, and require both servers to validate a block before it is released. The validation servers sign the block using cryptographic hashes and their private keys. Once a block of data is validated, copies are sent to all parties involved. The result is that each entity has their own copy of the data and they can independently verify the source of the data and assert that none of the records have been modified or tampered with. Cryptography concerns The cryptography used can be matched to the need. For example, the sensors could use a simple hash algorithm such as SHA-1. While SHA-1 is considered insecure, it might still be appropriate for this use case. The gateway would use a more secure algorithm such as SHA-256. The validation servers might also use SHA-256, but would perform the signing operation in a dedicated HSM [Hardware Security Module]. At this point, we have a blockchain containing validated sensor data from the remediation site – but that is only the beginning. In the next article, we will look at how commands to the filtration system can be implemented using blockchain transactions. Russell Doty is a technology strategist and product manager at Red Hat. Readers may connect with Russell at rdoty@redhat.com. www.mil-embedded.com

WHERE TECHNOLOGY EXPERTS GATHER

MARKET TRENDS, TECHNOLOGY UPDATES, INNOVATIVE PRODUCTS Military Embedded Systems focuses on embedded electronics â&#x20AC;&#x201C; hardware and software â&#x20AC;&#x201C; for military applications through technical coverage of all parts of the design process. The website, Resource Guide, e-mags, newsletters, and print editions provide insight on embedded tools and strategies such as software, hardware, systems, technology insertion, obsolescence management, and many other military-specific technical subjects. Coverage includes the latest innovative products, technology, and market trends driving military embedded applications such as radar, sonar, unmanned system payloads, artificial intelligence, electronic warfare, C4ISR, avionics, imaging, and more. Each issue provides readers with the information they need to stay connected to the pulse of embedded technology in the military and aerospace industries. mil-embedded.com

CONNECTING WITH MIL EMBEDDED By Mil-Embedded.com Editorial Staff

www.mil-embedded.com

Military Families United Each issue in this section, the editorial staff of Military Embedded Systems will highlight a different charity that benefits military veterans and their families. We are honored to cover the technology that protects those who protect us every day. To back that up, our parent company – OpenSystems Media – will make a donation to every charity we showcase on this page. This issue we are highlighting Military Families United, a not-for-profit 501(c)(3) charitable organization whose stated mission is “Honor the Fallen, Support Those Who Fight, and Serve Their Families.” The organization – a coalition of active-duty military, families who have lost loved ones in action, veterans, and military supporters – was founded in 2005 to provide an avenue for military families to remind the nation of the importance of supporting our military and the mission they have been given to accomplish. The group subsequently expanded its mission to initiate charitable services, events, and advocacy programs that offer direct support to military families and survivors direct support. One of the organization’s major ongoing projects is the first National Gold Star Family Registry, which is a public, online platform intended to be the first comprehensive record of fallen military. The aim of the registry, according to organization documents, is to create the first “virtual memorial,” ensuring that Americans from all over the country can learn about the heroic sacrifice of service members. The registry is also set up for families who have lost loved ones to connect and share stories and photos. Military Families United also sponsors community get-togethers to send care packages to deployed troops; runs fundraising events such as golf outings; and supports an extensive directory of educational, relocation, legal, and medical support services for military and veteran families. For more information on Military Families united, please visit www.militaryfamiliesunited.org.

E-CAST

WHITE PAPER

Next-generation military radar tech outlook By National Instruments and Pentek Designers of next-generation military radar systems are trying to deliver enhanced capability to track and counter increasingly sophisticated threats, all at the lowest cost possible, while also factoring in ease of installation and upgrades. New radar systems that meet these requirements leverage size, weight, and power (SWaP) features; incorporate multiple functions; and borrow techniques from commercial electronics solutions. In this webcast, participants will learn about technological trends driving innovation in the military radar market. View archived e-cast: http://ecast.opensystemsmedia.com/814 View more e-casts: http://opensystemsmedia.com/events/e-cast/schedule

46 July/August 2018

Calculate total cost of ownership By National Instruments The defense and aerospace market has changed: Organizations and programs need to optimize product technology and the value of their business processes to win contracts. Calculating total cost of ownership (TCO) can give companies a tool to quantify the financial impact of test on an organization. Calculating TCO can model the effects of changes by quantifying the return on investment and payback period of dedicating internal research and development to the upkeep and modernization of test equipment and facilities. This approach can lead to a minimized total cost of test, an improved cost-to-defect ratio, and – ultimately – an optimized test organization. In this white paper, learn how organizations can figure out whether they are over- or under-invested in test by identifying a data-driven perspective of test expense. Read the white paper: https://bit.ly/2KZ5Lu1 Read more white papers: http://mil-embedded.com/white-papers/

MILITARY EMBEDDED SYSTEMS

www.mil-embedded.com

THE LATEST, MOST INNOVATIVE PRODUCTS AND TECHNOLOGY

THE RESOURCE GUIDE PROVIDES INSIGHT ON EMBEDDED TOOLS AND STRATEGIES FOR MILITARY-SPECIFIC TECHNICAL SUBJECTS The September 2018 Military Embedded Systems Resource Guide will focus on embedded hardware and software for military applications. Our Special Report will examine the role of shipboard electronics, while additional features will report on test and measurement trends in the industry. We’ll focus the Industry Spotlight on the increasingly relevant issue of obsolescence and counterfeit parts in the supply chain. The September 2018 Military Embedded Systems Resource Guide will also highlight such key electronics-buying categories as avionics, communications, cybersecurity, electronic warfare, hardware and software, obsolescence management, operating systems and tools, RF and microwave, safety certification of parts, unmanned systems, and wireless. Don’t miss this special jam-packed issue.

mil-embedded.com

le: b a vail el A n Now Chan y 2X ensit D

Unfair Advantage. 2X HIGHER performance

4X FASTER development

Introducing Jade™ architecture and Navigator™ Design Suite, the next evolutionary standards in digital signal processing.

Kintex Ultrascale FPGA

Pentek’s new Jade architecture, based on the latest generation Xilinx® Kintex® Ultrascale™ FPGA, doubles the performance levels of previous products. Plus, Pentek’s next generation Navigator FPGA Design Kit and BSP tool suite unleashes these resources to speed IP development and optimize applications. •

•

Streamlined Jade architecture boosts performance, reduces power and lowers cost Superior analog and digital I/O handle multi-channel wideband signals with highest dynamic range

•

Built-in IP functions for DDCs, DUCs, triggering, synchronization, DMA engines and more

•

Board resources include PCIe Gen3 x8 interface, sample clock synthesizer and 5 GB DDR4 SDRAM

•

Navigator Design Suite BSP and FPGA Design Kit (FDK) for Xilinx Vivado® IP Integrator expedite development

•

Applications include wideband phased array systems, communications transceivers, radar transponders, SIGINT and ELINT monitoring and EW countermeasures

Jade Model 71131 XMC 8-channel module, also available in VPX, PCIe, cPCI and AMC with rugged options. Navigator FDK shown in IP Integrator.

See the Video!

www.pentek.com/go/mesjade or call 201-818-5900 for more information

All this plus FREE lifetime applications support!

Pentek, Inc., One Park Way, Upper Saddle River, NJ 07458 Phone: 201-818-5900 • Fax: 201-818-5904 • email: info@pentek.com • www.pentek.com Worldwide Distribution & Support, Copyright © 2016 Pentek, Inc. Pentek, Jade and Navigator are trademarks of Pentek, Inc. Other trademarks are properties of their respective owners.