Military Embedded Systems July/August 2023


INDUSTRY PUSHING FOR AI, BIG DATA TO DRIVE STRATEGIC DEFENSE DECISION-MAKING (P 12)

www.MilitaryEmbedded.com | July/August 2023 | Volume 19 | Number 5

John McHale: On the road again ... 7

Special Report: Data: The weapon of the future? 16

Mil Tech Trends: Optimizing zero-trust security 26

Industry Spotlight: Rugged VPX backplane design 40

From airgap to zero-trust: Enhancing cybersecurity in the testing space, by Steve Summers, NI (P 22)


COLUMNS

Editor’s Perspective

7 On the road again ...

Mil Tech Insider

8 Tactical decision-making demands increasing speeds and volume of data processing

THE LATEST

Defense Tech Wire

10 By Dan Taylor

Connecting with Military Embedded

47 By Military Embedded Systems Staff

FEATURES

SPECIAL REPORT: Leveraging Big Data for military applications

12 Industry pushing for AI, big data to drive strategic defense decision-making

By Dan Taylor, Technology Editor

16 Data dominance: the weapon of the future

By Aron Brand, CTERA Networks

18 Multi-agent augmentive artificial intelligence: an exoskeleton for warrior minds

MIL TECH TRENDS: Cyberdefense: Dealing with evolving threats

22 From airgap to zero-trust: Enhancing cybersecurity in the testing space

By Steve Summers, NI

26 How automation can optimize zero-trust security at the multidomain, tactical edge

By Christopher Yates, Red Hat Inc.

30 Designing and implementing secure boot for military-grade systems

By

Lacamera, WolfSSL

34 The DoD addresses security challenges and harnesses emerging technologies

By Scott Aken, Axellio

36 Cybersecurity: What the defense industry needs to unlock to stay ahead

By Matt Medley, IFS

INDUSTRY SPOTLIGHT: Rugged computing & thermal management

40 High-speed VPX backplane design practices

By David Jensen and Steve Gudknecht, LCR Embedded Systems

44 A tour of VITA AFT cooling standards in 2023

By Ivan Straznicky, Curtiss-Wright

ON THE COVER:

U.S. Marine Corps Staff Sgt. Nathaniel Williams, a defensive cyberwarfare operator with 9th Communication Battalion, I Marine Expeditionary Force Information Group, utilizes the Big Data Platform – Cyber Hunter & Analytics Operation System (BDP-CHAOS) to scan for cyberthreats during an exercise at Camp Pendleton. BDP-CHAOS allows analysts to hunt for threats on a network that is accessible by multiple units. (U.S. Marine Corps photo by Lance Cpl. Macie Ross.)

© 2023 OpenSystems Media © 2023 Military Embedded Systems

ISSN: Print 1557-3222


4 July/August 2023 MILITARY EMBEDDED SYSTEMS www.militaryembedded.com
All registered brands and trademarks within Military Embedded Systems magazine are the property of their respective owners.

WEB RESOURCES

Subscribe to the magazine or E-letter

Live industry news | Submit new products: http://submit.opensystemsmedia.com

WHITE PAPERS – Read: https://militaryembedded.com/whitepapers

WHITE PAPERS – Submit: http://submit.opensystemsmedia.com

To unsubscribe, email your name, address, and subscription number as it appears on the label to: subscriptions@opensysmedia.com


EVENTS

DSEI 2023

September 12-15, 2023

London, England

https://www.dsei.co.uk/

AUSA 2023

October 9-11, 2023

Washington, DC

https://meetings.ausa.org/annual/index.cfm

Aerospace Tech Week Americas

November 14-15, 2023

Atlanta, GA

https://www.aerospacetechweek.com/americas/

Association of Old Crows (AOC) 2023

International Symposium & Convention

December 11-13, 2023

National Harbor, MD

https://www.crows.org/mpage/2023HOME

GROUP EDITORIAL DIRECTOR John McHale john.mchale@opensysmedia.com

ASSISTANT MANAGING EDITOR Lisa Daigle lisa.daigle@opensysmedia.com

TECHNOLOGY EDITOR – WASHINGTON BUREAU Dan Taylor dan.taylor@opensysmedia.com

CREATIVE DIRECTOR Stephanie Sweet stephanie.sweet@opensysmedia.com

WEB DEVELOPER Paul Nelson paul.nelson@opensysmedia.com

EMAIL MARKETING SPECIALIST Drew Kaufman drew.kaufman@opensysmedia.com

WEBCAST MANAGER Marvin Augustyn marvin.augustyn@opensysmedia.com

VITA EDITORIAL DIRECTOR Jerry Gipper jerry.gipper@opensysmedia.com

SALES/MARKETING

DIRECTOR OF SALES Tom Varcie tom.varcie@opensysmedia.com (734) 748-9660

DIRECTOR OF MARKETING OPERATIONS & AUDIENCE DEVELOPMENT Eric Henry eric.henry@opensysmedia.com (541) 760-5361

STRATEGIC ACCOUNT MANAGER Rebecca Barker rebecca.barker@opensysmedia.com (281) 724-8021

STRATEGIC ACCOUNT MANAGER Bill Barron bill.barron@opensysmedia.com (516) 376-9838

STRATEGIC ACCOUNT MANAGER Kathleen Wackowski kathleen.wackowski@opensysmedia.com (978) 888-7367

SOUTHERN CAL REGIONAL SALES MANAGER Len Pettek len.pettek@opensysmedia.com (805) 231-9582

DIRECTOR OF SALES ENABLEMENT AND PRODUCT MARKETING Barbara Quinlan barbara.quinlan@opensysmedia.com (480) 236-8818

INSIDE SALES Amy Russell amy.russell@opensysmedia.com

STRATEGIC ACCOUNT MANAGER Lesley Harmoning lesley.harmoning@opensysmedia.com

EUROPEAN ACCOUNT MANAGER Jill Thibert jill.thibert@opensysmedia.com

TAIWAN SALES ACCOUNT MANAGER Patty Wu patty.wu@opensysmedia.com

CHINA SALES ACCOUNT MANAGER Judy Wang judywang2000@vip.126.com

WWW.OPENSYSMEDIA.COM

PRESIDENT Patrick Hopper patrick.hopper@opensysmedia.com

EXECUTIVE VICE PRESIDENT John McHale john.mchale@opensysmedia.com

EXECUTIVE VICE PRESIDENT AND ECD BRAND DIRECTOR Rich Nass rich.nass@opensysmedia.com

TECHNOLOGY EDITOR Curt Schwaderer curt.schwaderer@opensysmedia.com

ASSOCIATE EDITOR Tiera Oliver tiera.oliver@opensysmedia.com

ASSOCIATE EDITOR Taryn Engmark taryn.engmark@opensysmedia.com

PRODUCTION EDITOR Chad Cox chad.cox@opensysmedia.com

GRAPHIC DESIGNER Kaitlyn Bellerson kaitlyn.bellerson@opensysmedia.com

FINANCIAL ASSISTANT Emily Verhoeks emily.verhoeks@opensysmedia.com

SUBSCRIPTION MANAGER subscriptions@opensysmedia.com

CORPORATE OFFICE 1505 N. Hayden Rd. #105 • Scottsdale, AZ 85257 • Tel: (480) 967-5581

REPRINTS WRIGHT’S MEDIA REPRINT COORDINATOR Kathy Richey clientsuccess@wrightsmedia.com (281) 419-5725

On the road again …

This spring, our Military Embedded Systems crew was all over the country and western Europe covering military and aviation events to bring you the latest news and in-depth features.

We hit Embedded Tech Trends in Phoenix, West2023 in San Diego, Satellite 2023 in D.C., Aerospace Tech Week in Munich, Sea-Air-Space in Maryland, Army Quad-A in Huntsville, SOF Week in Tampa, xPonential in Denver, and IMS in San Diego. Whew.

As you read this, summer’s almost over and the fun starts again on the defense trade show circuit, starting with DSEI in London, followed by the MOSA Summit and Expo in Atlanta and the Air Force Association (AFA) in National Harbor. That’s just September.

In October, we’ll be out in force covering the AUSA Annual Meeting, and then we’ll travel to a new event for us in the Czech Republic, GSOF Symposium Europe, the last week of the month.

Come November, we are hosting the MOSA Pavilion at the second iteration of Aerospace Tech Week Americas in Atlanta. We end our 2023 show coverage at the AOC International Symposium and Convention in National Harbor, Maryland.

To paraphrase another John (that’s Mr. Cash to you): “We are everywhere, man. We are everywhere.”

DSEI

This year will be our first visit back to London for DSEI since before the pandemic. We will be doing it in style, filing the first edition of our Military Embedded Systems Daily newsletter that we’ll then produce for specific shows throughout the year.

SOSA and MOSA

If you received this column and magazine via the U.S. Postal Service, you’ll notice it is polybagged with the 3rd annual SOSA Special Edition, a special 84-page issue covering The Open Group’s Sensor Open Systems Architecture (SOSA) Technical Standard – with content straight from the pages and website of Military Embedded Systems magazine, as well as information regarding the products aligned and conformant to the Technical Standard, all put together exclusively by our staff. If you don’t have a copy, visit us online at https://militaryembedded.com to peruse the latest SOSA Special Edition.

The 2023 SOSA Special Edition follows on our second special issue covering the Future Airborne Capability Environment (FACE) Technical Standard, which we published in May and may be viewed here: https://issuu.com/opensystemsmedia/docs/face_specialedition_2023_e-mag_final. The 2023 SOSA Special Edition will also be distributed at the MOSA Summit in Atlanta (mentioned above).

Global SOF Symposium Europe

This event is run by the Global SOF Foundation, which also hosts SOF Week in Tampa, for which we were the Official Media Partner with Shephard Media this past spring.

At the SOF Week show, we produced the official show guide plus about 80 pieces of content over four days, including news, videos, blogs, and more, all deployed twice a day in our two Show Daily newsletters. For more on our coverage of SOF Week 2023, visit www.militaryembedded.com/SOFWEEK

We’re excited to return to Tampa for SOF Week 2024, where with Shephard Media we are again Official Media Partners. Thanks again to the Global SOF Foundation and Clarion Events for the opportunities.

Aerospace Tech Week Americas

Once again, I am organizing a one-day MOSA conference track for the second year of Aerospace Tech Week Americas. The track will educate attendees on how MOSA [modular open systems approach] strategies and open architecture initiatives such as SOSA and FACE are being deployed in military systems and how these approaches enable faster adoption of commercial technology.

The one-day track will include a keynote and three sessions: MOSA for Military Aviation Platforms; Open Architecture Strategies for Sensor Application; and Leveraging Commercial Technology for Defense Applications. For more information on the conference, visit https://www.aerospacetechweek.com/americas/conferences/.

On the opposite day of the MOSA Conference Track, there will be a one-day MOSA Workshop/Exhibitor Theater near the OpenSystems Media MOSA Pavilion. To learn more about the workshop/exhibitor theater and the MOSA Pavilion contact OSM’s Director of Sales at tom.varcie@opensysmedia.com.

Before all this traveling, however … be sure to sit back and enjoy the article in this July/August issue from our Technology Editor Dan Taylor on big data (see page 12), as well as pieces on test and measurement, cybersecurity, GaN technology, VPX backplanes, and more.

See you somewhere this fall.

EDITOR’S PERSPECTIVE

Tactical decision-making demands increasing speeds and volume of data processing

For defense applications, responsiveness, accuracy, and precision have never been more critical to mission success. Expanding the connectivity bandwidth within and between systems enables faster time-to-solution and greater mission capability through higher data resolution and fidelity, all of these with reduced latency.

Curtiss-Wright first introduced its 40 Gbit ecosystem in 2013 with its 6U VPX products that featured 40 Gbit Ethernet and InfiniBand fabrics. The full ecosystem of 40 Gbit interoperable modules – single-board computers (SBC), digital signal processors (DSP), FPGAs [field-programmable gate arrays], and GPU engines, as well as fabric switches, and backplane/chassis systems – was the first to provide system integrators with a complete suite of 40 Gbit building blocks that significantly lowered their integration risks when building high-performance embedded computing (HPEC) systems.

Today, higher-bandwidth connectivity within systems will enable the processing elements to transfer and share more data faster. To take full advantage of 100 Gbit connectivity in an embedded computing system, the processing elements must be able to supply and consume the data at the higher speed without the impediment of other architectural bottlenecks. This is critical for modern sensors which rely on increased volumes of efficiently processed data. Higher-bandwidth connectivity between systems also enables more data and actionable information to be efficiently shared, for increased mission effectiveness and integrated situational awareness.

A system-level 100 GbE solution should encompass all aspects of embedded computing, from sensor ingest and processing, to the most advanced levels of network integration and connectivity. Such a system will feature solutions in 3U and 6U VPX form factors to fit the unique needs of a wide range of programs. By leveraging the COTS [commercial off-the-shelf] model, vendors can ensure that their highly modular and interoperable solutions will be flexible enough to address any platform’s needs. The COTS approach provides system designers with proven technology at a lower cost than custom-developed hardware, and with reduced system integration risk.

One of the main challenges in applying new technology to existing systems is integrating disparate components from a variety of vendors and reducing program integration risks by ensuring the components and all parts of the system work together. To solve this problem, the modules that make up an end-to-end 100 G system-level solution should be tested together, an approach far superior to simply testing each individual module on its own.

With newer technology, system integrators are often left to develop a patchwork approach to system design using cards from various vendors. When integration between cards from different vendors fails, who is responsible for facilitating the integration? This failure is a significant risk to system design and can result in unforeseen project cost increases and schedule delays.

100 Gbit Ethernet technology is not just the future of the embedded computing industry; it is a foundational building block needed to ensure competitiveness and agility in an ever-changing defense landscape. Investing in 100 Gbit components enables system integrators to quickly bring new capabilities to the field, ensuring that designs remain relevant and efficient while minimizing both near-term and long-term program cost and risk.

The first modules in the Curtiss-Wright Fabric100 portfolio are a pair of 6U OpenVPX high-performance processing modules ideal for sensor ingest and advanced processing for next-generation radar and SIGINT systems. Alignment with the modular open systems approach (MOSA) – such as the Sensor Open Systems Architecture (SOSA) Technical Standard – enables building new systems that can deliver the critical information troops need at the speed of relevance.

The Fabric100 offerings enable system integrators to take full advantage of faster processing speeds while leveraging the lower latency and the improved fidelity offered with 100 Gbit technology. (Figure 1.)

Aaron Frank is senior product manager for Curtiss-Wright Defense Solutions.

MIL TECH INSIDER
An industry perspective from Curtiss-Wright Defense Solutions
Figure 1 | The Fabric100 family of 100 Gbit OpenVPX modules enables greater bandwidth connectivity within and between systems to increase mission effectiveness for defense and aerospace applications.


DEFENSE TECH WIRE

Reconnaissance system for F-16 aircraft completes flight testing

Collins Aerospace completed flight testing for the MS-110 Multispectral Airborne Reconnaissance System, which will be integrated onto F-16 fighter aircraft, according to a company statement. The flight testing began in July 2022 on an F-16 for an undisclosed international customer, followed by multiple flight tests and related ground activities. The MS-110 system, a later version of the currently deployed DB-110, offers multispectral features designed to enhance the extraction of information from a range of target sets, the company says.

Collins Aerospace is set to deliver a total of 16 sensors to international Fast-Jet operators and is negotiating contracts for an additional 13 pods, the statement adds. The company states that this multispectral sensor is compatible with various platforms, including the F-15 and F-16, ISR business jets, and drones.

Unmanned maritime vehicle market to surpass $3.1 billion by 2033, study says

The size of the unmanned maritime vehicle (UMV) market is forecasted to reach over $3.1 billion by 2033, a projected increase of over $1.9 billion from the size of the 2023 market, driven by applications for littoral warfare, according to a report from GlobalData. The report author highlights the projected market expansion of various types of UMVs in the study, forecasting growth in the unmanned surface vehicle (USV) market from $894 million in 2023 to over $2.1 billion in 2033, and projecting growth in the unmanned underwater vehicle (UUV) market from $379 million in 2023 to $965 million in 2033. The study author asserts that growth in the UMV market stems from military organizations increasingly weaponizing unmanned systems across all domains in order to capitalize on the outsized cost-to-benefit ratio such platforms provide.

Hensoldt demonstrates AI/ML sensors for German army

Hensoldt demonstrated the operational capabilities of land-based networked sensors powered by artificial intelligence and machine learning (AI/ML), including the technology demonstration vehicle “MUV,” at the German Army Combat Training Centre (GÜZ). According to the company’s report of the demo, in a noncontrolled application scenario, ML algorithms were deployed to detect and classify objects using the “Ceretron” computing unit, which was able to detect real camouflaged combat vehicles under attack, reconnoiter them, and, with assistance, transfer them to a networked command-and-control information system.

AI-supported reconnaissance assisted in passing targets between individual workstations of the vehicle. Networking laser alarms, reconnaissance optronics, all-round vision, and distributing information in the network between multiple vehicles and command posts allowed for automatic resolution of several threat alarms, the company says.

Figure 1 | U.S. Air Force photo.

Figure 2 | “MUV” technology demonstration vehicle. Hensoldt image.

NEWS | TRENDS | DoD SPENDS | CONTRACTS | TECHNOLOGY UPDATES

L3Harris wins hypersonic missile detection contract for U.S. Space Force

L3Harris Technologies won a U.S. Space Force Space Systems Command contract to provide a sensor payload design for the medium Earth orbit (MEO) – Missile Track Custody (MTC) Epoch 1 satellite program, the company announced. The focus of this contract, worth about $29 million, will be on detecting and tracking hypersonic missiles. It was awarded through the Space Enterprise Consortium (SpEC) Other Transaction Authority (OTA) vehicle.

Under the terms of the contract, L3Harris will execute an infrared sensor payload critical design phase to assist in cost, schedule, and performance predictions for the Space Force’s future missile warning and tracking constellation. According to the contract announcement, the work is intended to bolster the Missile Track Custody program, aiming to offer resilient and low-risk solutions for both the Epoch 1 satellite constellation and future Epochs. The critical design review phase of the MEO-MTC contract is expected to conclude in May 2024.

DARPA program aims to speed deployment of reliable space electronics

A new project from the Defense Advanced Research Projects Agency (DARPA) is attempting to help government and industry more quickly and reliably harden space-bound microelectronics against damage caused by single-event effects, such as solar flares. The Advanced Sources for Single-event Effects Radiation Testing (ASSERT) program focuses on assuring that advanced U.S. microelectronics components can operate in harsh radiation environments while maintaining the highest-possible reliability, in large part by integrating radiation testing throughout the design and development life cycle.

According to the announcement from DARPA, the program aims to accelerate the availability of radiation-qualified, state-of-the-art components 10 times faster than current approaches. The ASSERT program proposes to develop sources to integrate testing at both the factory and lab levels. Dr. David K. Abe, program manager for ASSERT, stated that under ASSERT, the industry will be able to put advanced electronics into space and onto strategic platforms much faster than occurs today, calling that the “mission requirement.”

Thales acquires Cobham Aerospace Communications

Thales is in exclusive negotiations to acquire Cobham Aerospace Communications (AeroComms), a provider of safety cockpit communication systems, in an effort to boost its avionics portfolio, according to a statement from Thales. Employing around 690 individuals, including approximately 190 engineers, AeroComms operates in France, South Africa, the U.S., Canada, and Denmark. The company is projected to generate revenues of about $200 million in 2023.

The planned acquisition is part of Thales’ strategy to fortify its avionics portfolio, which includes assuming a strong position in safety cockpit communications and integrating products developed by AeroComms that have established positions with major original equipment manufacturers (OEMs), the company says.

New radar system to be integrated into RAF’s Typhoon fighter jets

BAE Systems and Leonardo UK will further develop and integrate the European Common Radar System (ECRS) Mk2 radar into the Royal Air Force’s Typhoon fighter jets, according to a statement from the Eurofighter Typhoon consortium, a collaboration of governments and defense companies in the U.K., Germany, Italy, and Spain. The radar system aims to enhance the control of the airspace and offer improved electronic warfare (EW) capabilities, the consortium stated. Initial flight testing is expected to begin in 2024, with the project’s objective to operationalize the ECRS Mk2 prototype within five years.

The ECRS contract is part of the British government’s broader £2.35 billion ($3.075 billion) investment, announced in July 2022, intended to support national security and defense priorities through technological advancements in the Typhoon program, according to the Eurofighter statement.

Figure 3 | Image courtesy L3Harris.
Figure 4 | Image courtesy Eurofighter consortium.

Industry pushing for AI, big data to drive strategic defense decision-making

As the defense industry grapples with exponential increases in mission data that must be collected, managed, and analyzed, the promise of artificial intelligence (AI) to harness the power of big data and drive strategic decision-making represents an unprecedented shift in the industry.

It’s not just the commercial world that is embracing artificial intelligence (AI) to manage big data. Defense industry players from commercial off-the-shelf (COTS) hardware and software suppliers to prime contractors to the U.S. Department of Defense (DoD) are integrating AI solutions to manage huge amounts of data that are only increasing in complexity.

Now, the question is how to use that data to help the warfighter. Industry insiders say the combination of AI and big data is poised to revolutionize defense operations by speeding up the kill chain – that necessary process of “find, fix, track, target, engage, and assess.”

U.S. Marine Corps photo/Lance Cpl. Macie Ross
SPECIAL REPORT: Leveraging Big Data for military applications

Real-time battlefield applications

One major advancement for AI and big data has been its use in enabling more advanced capabilities for military personnel, particularly in real-time battlefield contexts, says Glenn Kurowski, chief technology officer for CACI (Reston, Virginia).

“A big trend is delivering increased data utilization at the edge for the warfighter,” Kurowski says. “A specific example is the aggregation of multi-intelligence sensor data into a fusion framework to provide sophisticated and timely situational awareness. That situational awareness then feeds into mission planning and multidomain operations, with a mix of automation and humans on/in the loop.”

That process is easier said than done, and the solution is not necessarily more data. One aspect that the industry has focused on is the fact that the key to data exploitation on the battlefield lies not in raw processing power, but in the proper application of the data warfighters already have, Kurowski says.

Then there’s the major issue of data security: Kurowski highlights the importance of zero-trust architectures, cloud stacks, and accompanying security encryption, from data transport to live data in data lakes to storage mechanisms. One significant innovation in this area, according to Kurowski, is the easy, National Security Agency (NSA)-approved access to classified data from unclassified networks, enhancing data access for users at the edge via Commercial Solutions for Classified Programs (CSfC).

“It now includes over-the-air rekeying, integrated retransmission devices, and a more turnkey accreditation process,” he says. “Essentially, there’s now an easy button for one of the most pressing operational needs to access data at rest from a different security domain.” (Figure 1.)

Integration is an ongoing obstacle

Transferring data across domains is a key driver in enabling the military’s Joint All Domain Command and Control (JADC2) effort, but the reality of this integration is harder than it appears.

To address the difficulty of transferring data across older systems, Kurowski advocates for two specific strategies: optical communications and rethinking data utilization.

Optical communications “requires highly secure, high-bandwidth, resilient paths of network communications using photonic energy (lasers),” he adds.

The second strategy requires changing the approach to data utilization. “Think beyond ‘data’ being contained at a ‘location’ but rather to accepting that it exists everywhere and focus on managing accessibility and having resilient networks to ensure access,” Kurowski says.

Stephen Carlon, managing director and client account lead for C4ISR at Accenture Federal Services (Arlington, Virginia), says his firm attempts to tackle this challenge using technology called PICARD (Platform for Integrated C2 and Responsive Defense), which is aimed at assisting with the mixture of old and new systems.

“By normalizing the data into common formats, it removes the barrier of requiring systems to conform to a certain data standard,” Carlon says. (Figure 2.)

Figure 1 | The CACI CSfC solutions are customizable, scalable, and National Security Agency (NSA)-compliant for maximum edge security. Stock image.

OSD getting involved

The effort to figure out how to best utilize big data is not just an industry focus – the Office of the Secretary of Defense (OSD) has also made it a priority. The OSD stood up the Chief Digital and Artificial Intelligence Office (CDAO) in June 2022 in an effort to centralize OSD’s digital and AI capabilities to ensure unity in the implementation of AI and data in general, says Lt. Cmdr. Tim Gorman, OSD spokesperson.

CDAO’s initiatives are focused on enabling self-service to easily access data, receiving input from all data users through feedback loops, and measuring value with metrics to support growth and quality.

CDAO also hosts the API [application programming interfaces] marketplace, a portal powered by Google Apigee (Google’s API platform), Gorman adds.

“Users discover data products through a self-service developer portal,” he says. “The data product is designed to meet the specific business and mission needs of user groups. These products are understandable, high-quality, secure, easy to access, and made available through a well-defined interface.”

To fulfill the goals of becoming a more “datacentric DoD,” CDAO has been developing an ontology – a collection of terms describing the types of objects and/or events and their relationships that comprise a domain of interest. Implementing a defense-wide semantic layer enables the linking of enterprise data, Gorman says.

The goal is to integrate operational and intelligence data and analytics to provide commanders with a greater understanding of the battlefield and a decision advantage over potential adversaries.

The impact of MOSA and interoperability standards

In order for both industry and DoD officials to leverage big data successfully, it’s increasingly clear that open standards and interoperability will be key – especially with the push toward more cross-domain access to that data.

Carlon points to initiatives such as the Integrated Sensor Architecture (ISA) currently in use by the Army, which enables “the rapid acquisition and deployment of new data in a mission-forward, sensing environment,” he says.

The continued refinement of the modular open systems approach (MOSA) in the defense industry, which includes the adoption of standards for data encapsulation and formats, has been vital, Kurowski says: “There are working groups defining standards for data formats, descriptions, and storage.”

For security, the focus is on zero-trust architecture. Kurowski also pointed to the Common Modular Open Suite of Standards (CMOSS) as an example of defense-industry standards integrated into program requirements.

Carlon also sees the value of MOSA concepts for data interoperability. He points to Accenture’s own data mesh solution designed to acquire data from unlimited sources and deliver it to numerous data consumers. “By implementing this two-way MOSA strategy, complex data environments become easier to manage,” he says.

Tim Stewart, director of business development at Aitech Systems (Chatsworth, California), says MOSA is key because it “promotes interoperability, flexibility, and reusability.”

When it comes to interoperability and security challenges, Stewart says that MOSA’s biggest industry benefits are standardized interfaces, interchangeable components, plug-and-play integration, scalability, and upgradability.

Balancing democratization and security of data

The democratization of data – or the act of making the data easily accessible to those who need it – is another internal push driving the utilization of big data in defense. However, more easily accessed data comes with its own set of challenges, primarily revolving around security concerns and system innovation.

“We need to liberate data from traditional silos,” Kurowski says. “It does require us to do so smartly – with the proper security controls – but we have the technology to do that. In my opinion, this isn’t a technology problem. It’s a policy, legacy-control, and sometimes even a title authority issue. And, of course, there needs to be a robust insider threat program.”

Figure 2 | A visualization enabled by Accenture’s PICARD from NAVCENT’s Digital Horizon exercise held in December 2022.

Carlon acknowledges the tension between the need to provide data widely and the need to control access to it – and this is where innovation can help.

“As AI/ML models get better and faster with more data, that allows us to process and receive more and more data, improving our understanding of the information environment,” he says.

Ultimately, the industry will need to find a balance, Stewart says: “Access controls, data governance, and privacy must be implemented so that data is available only to authorized personnel and otherwise protected.” (Figure 3.)

The future of big data and AI in defense

While many issues remain, those involved in the defense industry understand the opportunity that big data provides to the future warfighter and are working to figure out how best to leverage it.

“The intersection of big data and AI in the kill-chain model ultimately becomes the foundation for improved and better-informed decision-making,” Kurowski says, noting that CACI’s Information Advantage is focused on analytics, data optimization, AI functionality, and platforms to offer an advanced intelligence picture for operational decisions.

Carlon says AI/ML has a great deal of potential to make data more useful: “Pushing AI/ML as close to the edge (that is, where the data is first acquired) will be the key to rapidly exploiting data and speeding the kill chain in the future,” he says. He adds that this strategy is particularly necessary in denied, degraded, and limited (DDL) environments where adversaries may restrict communication capabilities.

Big data can, in turn, make these AI models better, which opens up all sorts of possibilities for defense contractors, Stewart says. His company, Aitech, offers a low-power AI supercomputer designed for performance at the edge.

“Big data provides the data to train AI models. AI enables the extraction of insights at a rate that would otherwise be impractical,” he says. “This relationship expedites the processing of information, accelerates decision-making, and speeds up the kill chain by identifying patterns and threats in real time.” MES

Figure 3 | The Aitech A179 AI supercomputer is a low-power, ultra-small-form-factor GPGPU-based platform aimed at improving performance at the edge.

Data dominance: the weapon of the future

In the theater of modern warfare, data reigns supreme. The ability to swiftly acquire, process, and act on information transforms the battlefield into a dynamic digital landscape where data is the new strategic resource. Recognizing this, defense organizations are making substantial investments in data dominance platforms. These platforms harness the potential of unstructured data generated at the tactical edge, extracting valuable insights from text, imagery, and video. The pursuit of data dominance is not just a strategic goal; it’s an evolution of warfare, and the cornerstone of their future victories.

In the modern battlefield, acquiring, processing, and acting on data faster than the adversary is a critical advantage. Achieving data dominance requires the right platform and infrastructure to enable real-time situational awareness. Today’s battlefield is no longer a place of physical combat alone; it is an ever-evolving digital landscape in which data is the new currency. By leveraging data promptly and effectively, the U.S. military can gain the upper hand in any conflict. This reality is why data dominance (also known as data superiority) has become the new target for U.S. military strategists. Achieving data dominance isn’t easy, as it requires the right platform, infrastructure, and processes to enable real-time situational awareness and decision-making.

Using unstructured data generated at the tactical edge is rapidly becoming the most promising trend toward improving situational awareness, as it can provide a wealth of valuable insights and information. Recent advances in artificial intelligence (AI) and deep learning are making unstructured data assets more useful than ever, as these tools extract actionable and searchable information from assets such as text, image, radar/lidar, and video, that would otherwise be difficult to interpret. By leveraging this new abundance of available unstructured data generated by humans and machines, the military and its mission partners can better understand their environment and better inform their decision-making – in areas ranging from predictive maintenance and logistics, to intelligence-gathering and identifying threats.

Such advances are why defense organizations around the world, with the U.S. Department of Defense (DoD) taking the early lead, are investing in data dominance platforms that can provide the necessary capabilities to efficiently ingest massive quantities of unstructured data from remote sensors and devices into a global unstructured data lake, process it in real time, and enable quick action.

Image courtesy CTERA

What is a data dominance platform?

The overarching objective of a military data dominance platform is to provide an all-encompassing, integrated solution for managing unstructured data and transmuting it into actionable intelligence. Considering the classified nature of the data and the high-stakes environment, the platform must also incorporate stringent cybersecurity measures, ensuring data protection against unauthorized access and maintaining data integrity. Management of data by a data dominance platform follows four distinct stages:

› Collection: This stage involves acquiring data from various sources including sensor data from uncrewed aerial vehicles (UAVs) and other defense assets; human intelligence/signals intelligence/open-source intelligence (HUMINT/SIGINT/OSINT) reports; and data extracted from cyberspace domains. The diversity in data formats and protocols necessitates a comprehensive multisource intelligence capability to manage different data types and ingestion methodologies.

› Storage: Given the large volume of data, a military data dominance platform would need a distributed storage system designed to scale with the data influx. The storage system should be robust, reliable, and incorporate strict zero-trust architecture to ensure data preservation and accessibility only to authorized personnel. Data life cycle management could also be employed for optimal storage-capacity management.

› Processing: This stage involves processing unstructured data using techniques like natural language processing (NLP) for textual data, imagery analysis for visual data, and machine-learning (ML) algorithms for pattern recognition and trend analysis. The platform should have the capability to manage diverse data formats and processing requirements.

› Analysis: After the data-collection, storage, and processing stages, the data needs to be analyzed to convert it into actionable intelligence. This could involve data analytics techniques like predictive analytics for forecasting future scenarios, geospatial intelligence (GEOINT) for geographical data analysis, and network analytics for analyzing interentity relationships.

Key capabilities for a data dominance platform

When considering a data dominance platform, organizations should look for the following technical capabilities:

› Global file system: A unified global namespace to store and manage all the organization’s data in a single repository, regardless of its location. It should scale to tens of billions of managed objects and transparently span multiple regions and data centers.

› Multiprotocol access: Provide access points for SMB (Windows File Sharing), NFS, and S3 (Object Storage) protocols, enabling concurrent access to overlapping data by any of these protocols.

› Edge-to-cloud data ingestion: Utilize an effective and secure protocol for data transmission, optimized to contend with the challenges of denied, disrupted, intermittent, and limited (D/DIL) communication environments common in contemporary tactical operations. The data-ingestion protocol must overcome the hurdles of high-latency satellite links to maintain the timeliness of data ingestion.

› Concurrent multicloud and on-premises deployment: Utilize a multicloud strategy to diversify workloads across multiple cloud providers or data centers for resilience. Implement policy-based data routing to enable concurrent utilization of multiple cloud providers, while allowing sensitive datasets to remain entirely within DoD on-premises facilities.

› Continuity of operations (CooP): Enable military-grade continuity of operations (CooP) on the data dominance platform, enabling remote users to continue mission-essential functions across a broad spectrum of no-notice emergencies. Implement robust disaster recovery at alternate facilities with zero data loss.

› Real-time publish/subscribe: Include data pipeline technologies such as Apache Kafka and/or Apache NiFi to coordinate reliable, real-time flows of unstructured data from the producers at the tactical edge to various data consumers, including AI training/inference, data analytics, indexing, and more.

› DoDIN APL certified: Utilize products meeting the comprehensive standards of the Defense Information Systems Agency (DISA) Approved Products List (APL). Implement deep audit logs, FIPS 140-2 validated encryption, and CAC [Common Access Card] authentication.
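The policy-based data routing capability in the list above can be sketched as a placement check that fails closed. This is an added illustration, not code from the article's author or any product; the sensitivity labels, destination names, and rules are hypothetical.

```python
"""Added illustration: policy-based data routing with a fail-closed default.

Labels, destination names and rules are hypothetical; they are not taken
from any product or DoD policy.
"""
from dataclasses import dataclass
from enum import IntEnum


class Sensitivity(IntEnum):
    PUBLIC = 0
    CONTROLLED = 1
    RESTRICTED = 2


@dataclass(frozen=True)
class Destination:
    name: str
    on_premises: bool
    ceiling: Sensitivity       # highest label this destination may hold
    validated_crypto: bool     # e.g. uses a validated encryption module


# Constructed sample inventory. "cloud-c" has a ceiling set too high on
# purpose, to show why the on-premises rule is checked independently.
DESTINATIONS = (
    Destination("cloud-a", False, Sensitivity.CONTROLLED, True),
    Destination("cloud-b", False, Sensitivity.PUBLIC, False),
    Destination("cloud-c", False, Sensitivity.RESTRICTED, True),
    Destination("onprem-dc1", True, Sensitivity.RESTRICTED, True),
)


def parse_label(raw):
    """Map a metadata label to a Sensitivity.

    A missing, misspelled or unknown label is treated as RESTRICTED, so a
    tagging mistake at the edge can never widen where the data may go.
    """
    try:
        return Sensitivity[str(raw).strip().upper()]
    except KeyError:
        return Sensitivity.RESTRICTED


def evaluate(label, dest):
    """Return None if dest may hold data at this label, else the reason not."""
    if label > dest.ceiling:
        return "label exceeds destination ceiling"
    if label >= Sensitivity.CONTROLLED and not dest.validated_crypto:
        return "destination lacks validated encryption"
    if label == Sensitivity.RESTRICTED and not dest.on_premises:
        return "restricted data must stay on-premises"
    return None


def route(dataset):
    """Decide placement for one dataset and keep the reasons for the audit log."""
    label = parse_label(dataset.get("label"))
    allowed, denied = [], {}
    for dest in DESTINATIONS:
        reason = evaluate(label, dest)
        if reason is None:
            allowed.append(dest.name)
        else:
            denied[dest.name] = reason
    return {
        "dataset": dataset.get("id"),
        "label": label.name,
        "allowed": allowed,
        "denied": denied,
    }


if __name__ == "__main__":
    # Constructed sample datasets, including one with no label at all.
    samples = (
        {"id": "wx-01", "label": "public"},
        {"id": "log-22", "label": "controlled"},
        {"id": "isr-07", "label": "restricted"},
        {"id": "uav-feed-7"},
    )
    for sample in samples:
        print(route(sample))
```

Recording the denial reason per destination gives the audit trail something to store for every routing decision, not only for the successful ones.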

Data dominance is key to military advantage

On the modern battlefield, whichever side can better leverage data will gain military advantage. In order to maintain an effective and reliable level of situational awareness, the U.S. military must leverage data dominance – the ability to access, analyze, and act on data resources available to it. Unfortunately, most of the data generated at the tactical edge today is wasted due to lack of appropriate technologies and infrastructure, leading to a loss of valuable insights.

Data dominance platforms – using the critical capabilities described earlier – are key to giving the U.S. military and its fighting forces the decisive edge to ensure victory in the 21st century. MES

Aron Brand is the chief technology officer and member of the founding team of CTERA Networks, a provider of edge-to-cloud storage solutions for federal and defense. Readers may reach him at aron@ctera.com.

CTERA Networks https://www.ctera.com/

Multi-agent augmentive artificial intelligence: an exoskeleton for warrior minds

A viral social media story earlier in 2023 reportedly claimed that during a U.S. military artificial intelligence (AI) drone simulation, the AI targeted and killed the human drone operator. It had apparently determined the human had been interfering with its mission: in this case, to take out surface-to-air missile (SAM) threats. Although the military has since denied such a sim even occurred – with an Air Force official calling it a “thought experiment” rather than an actual test – according to Rommel Martínez, CTO of the ASTN Group (Austin, Texas), it doesn’t take a great leap of logic to imagine that this scenario could actually occur.

Martínez and his ASTN team have, however, been working on an AI that they’ve dubbed augmentive artificial intelligence (AAI) to prevent such a scenario from happening. Their software system, Valmiz, keeps the human front and center. For the military, it provides what Martínez calls “an exoskeleton for the mind” to enhance informational reach to better inform the decision-making of soldiers, sailors, airmen, marines, and guardians.

Glorified math

Current AI systems are prone to hallucinating. This means that AI sometimes provides confident responses not justified by its training, such as doing something that’s only favorable to the machine itself and the machine’s own survival, both of which may be detrimental to humans.

This occurs, according to Martínez, because most of the available AI relies on a generative model, a statistical and probabilistic approach. “If you rely on the statistical approach,” Martínez notes, “most of the time it works. But when you’re dealing with a weapon system, ‘most of the time’ is not enough. It has to be all the time. You cannot afford to fire a missile at your own base.”


These contemporary AI systems display intelligence which is not true intelligence, according to Martínez. These AIs are essentially word predictors and do not possess their own thinking capabilities. They do not reason from within, but rather are fed with external information that is spliced together with math. Achieving a higher level of functionality, closer to artificial general intelligence (AGI), requires a basic level of consciousness. That’s what Martínez has been working on for the past 20 years.

He created Valmiz to provide an alternative approach to contemporary AI.

Augmentive AI

Martínez says “AAI” is a new term his team coined to distinguish their AI from other forms. “With AAI, we focus on making people do their work faster, think better, and have an overall higher throughput by giving them capabilities – much like an exoskeleton for the brain,” he explains. “We put the human at the center of the process – to preserve human morals, ethics, and values – the laws of Valmiz, while enhancing their capabilities with AI.”

The Valmiz AAI is a multi-agent algorithm design that ingests actual client raw data and converts it into a super knowledge base. Valmiz is not based on neural networks, machine learning, statistics, or other external worlds, unless the user wants it to pull such data into it. The information processed inside Valmiz comes from within a client’s own organization. In that way, the information comes prevalidated and surpasses level-zero validation. It’s essentially a hypercustomized AI.

Agents working together

Valmiz combines several individual agents, which make up the components of the larger system. The components – named Veda, Vera, Vela, Vega, and Xavier – all work together as follows:

› Veda: Core AI system that fuses knowledge graphs and knowledge bases and binds everything together

› Vera: Tracks key-value-metadata changes across data sets

› Vela: Gathers data from different data sources; it can search your network or the internet for information for compilation

› Vega: Data-storage system; ensures that whenever Valmiz turns off (such as in the event of a power interruption) users will be able to turn things back on seamlessly

› Xavier: Human-machine interface for receiving commands; it receives commands and communicates back to users much like the digital assistants in use now, only in a smarter way that it pulls together from the other four agents. (Figure 1.)

Each of these agents acts as its own expert. In long inject systems, users have to add external information, and build upon it like Lego blocks, to enhance capabilities.

One value of Valmiz is that a user can employ a specific agent to perform a task as needed, without needing to use the entire value system to operate it. For example, if an organization desires to see weather information only, this can be provided as one block as part of several different modules that can operate with each other and an organization’s existing systems. Each of those blocks can also be removed and used and operated separately. Because Valmiz can be integrated with other systems, it provides an ideal plug-in for any element designed using a modular open systems approach (MOSA).

It also has a compounding capability. It can use several keywords to search an internal database or, if desired, the internet. With regard to external sources, Vera verifies and validates those information sources to ensure they actually exist.

All of these agents have thick walls between them to ensure no overlap of functionality. When the information gets passed on to an agent, it operates within its own universe, a structure that keeps Valmiz free from conflict or contamination from a fellow agent, as well as free from outside tampering. This holistic system dynamically updates, continues running, and searches out information based on keywords that the human gives it, to provide accurate and precise actionable information.

Figure 1 | The Valmiz augmentive artificial intelligence (AAI) software system combines several individual agents working together to process information. Valmiz graphic.

This multi-agent approach is novel, as is the way ASTN Group designed the customer interface with the AI and the volumes of their data. Unlike most contemporary AI platforms that require humans to communicate with them using long string queries to form phrases or sentences that would make sense to the machine, Valmiz uses simplified keywords, with only a few things needing to be specified.

Valmiz incorporates dual-use technology (DUT) to support all areas of a domain, for example: military and commercial industries, wholesale and retail, or research and application.

Another notable feature of Valmiz: Once it’s up and running, the user does not need to power it down and back on again for it to get updates.

“Valmiz acts like a live system,” Martínez says. “You don’t have to put it to sleep for it to learn. It learns continually.”

Finally, Valmiz has two types of user interfaces that directly connect to a user’s system: a desktop app that can be deployed on a machine or mobile device, or one accessed via web API and inserted as part of an organization’s pipeline. Both approaches enable input into processes to produce specific outputs.

Endless use cases

ASTN Group completed an initial study that identified more than 50 different industries that could benefit from its technology, ranging from healthcare to election security, with the aerospace industry ranking high on the list.

On the commercial side, for example, businesses employ uncrewed aerial systems (UASs) for linear pipeline inspections. These aircraft collect tens of thousands of images which then require back-end analytics to provide valuable insights into the health of an enterprise. AI has proven useful for these purposes, with humans providing validation.

With Valmiz, this would be amplified. Valmiz could compare an entire pipe network for a company to identify systemic issues with a particular part, for example. Instead of just looking at one pipe at a time, Valmiz could connect the dots. If there was, for example, a broken widget on one part of the pipeline, it could holistically scan through all inspections for the last five years to identify if there were similar widget issues across the entire global enterprise.

Martínez says there are two layers of activity that must occur for this to work: The first layer consists of the activity that combines all the sources of information together from the raw data. It would take more than a month of work for people to find these things manually. Valmiz could automate this information gathering in hours or days, depending on the complexity of the task. Then it would be able to pinpoint, make cross-references, and create a comprehensive sophisticated network of all those data sets where every node is connected to each other.

The second layer concerns time. Generally, when businesses look at something, they only look at how it is presented at a given time without regard to its previous value. Valmiz captures all the previous incarnations of the thing being evaluated (e.g., the widget). Vera does the comparison, using data in Vela.

Xavier enables the user to communicate to the system via keywords and bring them together and provide the required result. “If you’re looking for information for a specific thing, you can get the results not only from an exact point in time, but also by branching out to parts that you didn’t know were there if you had to do it manually,” notes Martínez. “Manual searches are linear. With Valmiz, it’s like a tree with branches through time.”

In a defense setting, where militaries cannot afford to have a system that makes wrong guesses, the value proposition of using gated data for a wide range of processes remains critical to operations. Service members need to be able to work with a system that aids them and does not try to one-up them by pretending that it’s in a better position to make life-and-death decisions.

In an AI-enabled drone, for example, with Valmiz, the data used for decision-making would have been collected and processed at the edge, inserting volumes of data as a standalone system to improve processes. It can also be deployed like an additional module to make things faster.

“You can deploy Valmiz at the headquarters or on the drone itself,” Martínez explains. “That’s how extensive it is. More importantly, it frees militaries from the liability that the AI will imagine targets that are not there.”

Instead, Valmiz is like having a thousand highly qualified experts to work on a task to provide input to the human operator at the center of the operation. These abilities enhance decision-making with powerful, precise, and accurate information.

ASTN Group plans to showcase the capabilities of Valmiz to the defense community and consumers during the last quarter of 2023. MES

ASTN Group • https://valmiz.com


MIL TECH TRENDS

Cyberdefense: Dealing with evolving threats

From airgap to zero-trust: Enhancing cybersecurity in the testing space

The Cybersecurity Maturity Model Certification (CMMC), a unified standard for security introduced by the U.S. Department of Defense (DoD), is bringing about a cultural shift within engineering and test organizations.

Until recently, engineering and test organizations doing business with the U.S. Department of Defense (DoD) and other critical agencies attempted to bypass information technology (IT) cybersecurity requirements for their operational technology (OT) through:

› Exceptions (“You don’t need to check this; I’ve already secured this device.”)

› Skirting requirements (“You don’t need to check this; this component is not a desktop, laptop, or phone.”)

› Relying on airgaps (“You don’t need to check this; you can’t access this device remotely.”)

To be sure, significant, highly damaging cybersecurity breaches have been occurring with frequency for quite some time with systems that were already secured, were not computers, and had no physical or wireless connections to a network.

These breaches led to the DoD introducing the Cybersecurity Maturity Model Certification (CMMC) several years ago. With CMMC, IT departments are now stepping up to audit and manage all OT, transitioning the culture from “exceptionbased” to “zero-trust.” Defense industrial base (DIB) contractors (those companies and laboratories that enable research and development of military weapons systems, subsystems, and components or parts) must follow the new certification model to ensure that DoD contractors properly protect sensitive information. The new set of certifications must be conducted by third-party assessors.

While this change may appear daunting and potentially expensive, a holistic approach to security that involves collaboration among engineers, testing teams, IT professionals, and testing providers is essential to control costs and maintain efficiency.

A plane is not a plane

The F-35 fighter jet, at 80 million dollars a pop, is one of the top weapons in the U.S. arsenal … and a typical example of a complex system designed for military use. (Figure 1.)


With a sizable number of “computing” elements, each system and component within the aircraft is interconnected, giving rise to complex vulnerabilities.

The plane is only as secure in the sky as in the hangar; every system that makes up the plane needs to work together, so every single one is a possible individual point of failure.

The U.S. military has deep experience ensuring that every part works, is not counterfeit, and that all the individual components work together how and when they need to. It could be better at identifying cyberwarfare threats.

Such threats tend to be a lot more serious. A broken tailhook can create a dangerous situation for a pilot, but that tailhook is just an object – it is not malicious. In contrast, a sophisticated radar system on a jet is not conscious or capable of emotion, but once hacked, it may use multiple means to kill the pilot.

From a cybersecurity perspective, the plane is not a plane – it is a stack of individual components, each at risk for a severe breach at any time. Every component is at risk; by extension, every contractor’s product and production processes are also at risk.

Put it this way: Every F-35 is only as secure as its least-secure contractor.

Much bigger than planes

Of course, as frightening as a hacked fighter jet would be, it does not compare in scope or destructiveness with other real-world hacking that has recently taken place.

The Stuxnet incident, which occurred from 2005 to 2010, is a notable example of a sophisticated cyberattack that targeted Iran’s nuclear program. Stuxnet, an extraordinarily complex and malicious computer worm, was designed to sabotage the uranium-enrichment process in Iranian nuclear facilities.

The attack targeted programmable logic controllers (PLCs) used in centrifuge cascades, causing them to malfunction and spin at speeds that destroyed both the centrifuges and their output. It might have been a happy ending for one particular democracy in the region. Still, Stuxnet’s successful infiltration and manipulation of the Iranian nuclear infrastructure significantly derailed Iran’s nuclear program. Just as significant, it showed the destructive potential of malware in an OT setting where nuclear materials are processed.

Here on home soil, the Colonial Pipeline hacking incident occurred in May 2021, when a cybercriminal group known as DarkSide launched a ransomware attack on the Colonial Pipeline, one of the largest U.S. fuel pipeline systems. The attack disrupted the pipeline’s operations, leading to a temporary shutdown and causing significant fuel shortages along the East Coast.

Figure 1 | An F-35C Lightning II sits on the flight deck on the Nimitz-class aircraft carrier USS Carl Vinson (CVN 70). U.S. Navy photo/Mass Communications Specialist 3rd Class Erin. C. Zorich.

The hackers gained unauthorized access to Colonial Pipeline’s systems, encrypting critical data and demanding a ransom payment. The incident highlighted the vulnerability of critical infrastructure to cyberthreats and demonstrated the potential impact on essential services and the economy. It also underscored the urgent need for robust cybersecurity measures and proactive defense against cyberattacks on critical infrastructure systems.

It is important to note that, in both cases, the affected systems were “air gapped,” with hacks achieved using ingenious human engineering – getting operators to upload malware onto the targeted systems inadvertently. Air gapping is the practice of keeping a computing device physically disconnected and unable to connect to wireless – creating a “gap” of “air” between the device and any source of malware.

Air gapping was once considered the defense of last resort for test engineers looking to keep their computing devices free of malware (and their testing teams free of IT input). As these two incidents illustrate, this approach was simple, elegant, and wrong … and far from enough to prevent bad actors from causing catastrophic damage.

A zero-trust world

The threat posed by cyberattacks had been clear to many at the time of the Stuxnet attacks, which began more than 15 years ago. Colonial Pipeline provided the impetus for the U.S. government to finally act, and the DoD introduced a unified cybersecurity policy in the form of the CMMC in January 2020.

CMMC sets a framework and certification process to enhance cybersecurity standards across industries. The certification is based on a new culture of “zero trust” – where every component, and its relationship with other components, is validated at every step of assembly and use.

Companies must prepare for the associated costs and complexities and consider who will bear the financial burden of certification to obtain an authorization to operate (ATO) from the DoD. To be sure, whatever costs those efforts entail, an ATO is necessary for any contractor looking to sell to government agencies. Companies must assess whether it is cheaper to meet the new standards or get out of the business of selling to government agencies altogether.

Contractors that choose to rise to the new standards will need to embrace an environment where engineers and test teams no longer have any shortcuts to securing their computing devices. That means they must collaborate with new organizational stakeholders to meet CMMC standards efficiently.

Why is IT knocking on my door?

This new integration of IT into testing will entail a significant culture shift. Many customers are getting their first taste of this shift and note that IT managers are intruding on the testing process in ways they never had before.

Most testing teams at defense and aerospace firms have already adopted best practices for ensuring quality and authenticity at every step in the supply chain. Like the U.S. government, however, they could have been better at ensuring cybersecurity throughout the process.

These realities mean that teams must be involved in the testing stages to ensure that contractors build cybersecurity into chips, components, and systems right from the beginning. The emphasis on cybersecurity needs to go up the supply chain; contractors must ensure that their testing hardware and software are entirely CMMC-compliant.

To be sure, fully compliant testing solutions do not guarantee fully secure devices. There are inherent vulnerabilities built into specific devices, such as a data port that could be used for hacking by bad actors. Understanding and responding to those vulnerabilities is another reason IT needs to be more involved in testing.

Embracing collaboration for a secure supply chain

Industry experts estimate the cost of CMMC compliance at between $50,000 and $75,000 per product – with some estimates nearly $100,000 – with no economies of scale or scope. The companies that seemed to achieve compliance quickly and cost-effectively have embraced greater collaboration between their IT departments and testing.

IT’s experience in the cybersecurity space enables testing to identify multiple areas of potential insecurity early in the process. Testing teams could discover those independently, but addressing vulnerabilities piecemeal is not sustainable, given the costs.

In this new zero-trust world, engineers, testing teams, IT professionals, and testing providers must all be connected to ensure cybersecurity.

It’s about time. MES

Steve Summers is Director, Offering Management, at NI, focusing on mechanical systems and structural test for aerospace and defense customers. He earned a degree in physics from Brigham Young University and has worked in roles as an application engineer, sales engineer, account owner, and product manager. He has worked in the test and measurement industry for more than 25 years and is passionate about providing a path to success for engineers driving the technologies of tomorrow.

NI (formerly National Instruments) • https://www.ni.com/


MIL TECH TRENDS

Cyberdefense: Dealing with evolving threats

How automation can optimize zero-trust security at the multidomain, tactical edge

The U.S. Department of Defense (DoD) is investing in multiple initiatives including the Joint Warfighting Concept (JWC) and Combined Joint All-Domain Command and Control (CJADC2) to enable coordinated military operations against current and future threats. Because these efforts involve the integration of devices and data streams at the tactical edge, they call for a zero-trust approach to cybersecurity. But achieving zero trust at the edge presents multiple challenges. One path to overcoming these barriers is an automation strategy that enables more rapid and reliable configuration of components and helps achieve data-sharing across echelons with greater security.

Marines with Marine Corps Forces Cyberspace Command are shown in the cyber operations center at the National Security Agency’s campus in Fort Meade, Maryland, home to Marine Corps Forces Cyberspace Command headquarters. Photo by Staff Sgt. Jacob Osborne.

In April 2023, the Cybersecurity and Infrastructure Security Agency (CISA) released version 2.0 of its Zero Trust Maturity Model. The original version, released in 2021, delineated three stages in the maturity journey: “traditional,” “advanced,” and “optimal.” The new version slots in an “initial” stage before “advanced,” recognizing that organizations are struggling to make the shift away from traditional perimeter defenses.

In fact, making that transition is essential: Edge computing is foundational to initiatives including the Joint Warfighting Concept (JWC) and Combined Joint All-Domain Command and Control (CJADC2). By definition, the edge extends beyond the conventional network perimeter. The perimeter has become atomized as centralized data centers are augmented by thousands of edge sensors and devices generating and transmitting data. Traditional cyber protections like firewalls are no longer adequate.

What’s needed is a zero-trust approach in which every user, device, or other entity that wants access to networks, systems, or data needs to authenticate itself every time it wants access. But zero trust isn’t a single cyber solution; rather, it’s an end-to-end framework – as described in the U.S. Department of Defense (DoD) Zero Trust Strategy – that extends across users, devices, applications, networks, and more.

The challenges of zero trust at the edge

As challenging as zero trust is to achieve in any DoD environment, it becomes even more arduous to scale in multidomain tactical-edge environments. The mission space is increasingly shared by multiple U.S. service branches – including the Army, Air Force, and Navy – and it’s difficult enough for those mission teams to integrate networks and federate resources. More often than not, missions will include coalition partners such as the militaries of U.S. allies, NATO forces, and other organizations.

Numerous impediments exist to the goal of those organizations sharing information, especially at the edge in near-real time. One hurdle is federated identity, or the linking of a user’s identity across multiple identity-management systems. Each service branch and coalition partner is likely to have its own preferred way of enabling federated identity, and integrating those disparate approaches presents technical challenges.

A related issue is data sovereignty: Data is typically subject to the laws and governance structures of the nation where the data is generated or captured. The European Union (EU), for instance, has strict regulations on how data collected in EU jurisdictions must be managed. That decree has major implications for the cybersecurity controls put in place to protect that data.

More fundamentally, military teams need to be able to seamlessly configure networks and integrate components to meet the unique field capabilities of each mission. Additionally, they need to achieve those goals in a timely manner so that they don’t hinder mission-critical decision-making.

An automation platform for enhancing edge ecosystem security

Automation can enable an answer to these emergent problems. At a basic level, automation uses technology to replicate human tasks to accelerate processes and reduce error. In a cybersecurity context, a security engineer working without automation might follow steps in a 100-page manual to harden a device before it can be fielded. In an edge environment that involves thousands of devices, that’s a slow, cumbersome process, with thousands of opportunities for error and vulnerabilities.

That’s just for a single type of device. Now imagine that scenario in a CJADC2 mission environment, with a proliferation of devices and networks continually being added to the network, or multiple networks continually being reconfigured on the fly.


The network effect – mathematically expressed as n(n-1)/2 – dictates that two nodes result in one connection, four nodes make six connections, 40 nodes make 780 connections, and so on. Each device, each application, and so on, requires configuration, and there’s no guarantee that devices are running the same hardware or the same versions of software. The time and complexity involved in integrating and building security controls into those devices can escalate rapidly.

Automation can enable a security engineer to configure and repeatedly update those resources in a more secure manner, near simultaneously, in a repeatable, predictable way. That’s essential for multidomain operations with unique data assets and field requirements that change from one mission to the next.

Reliance on all-in automation implementations does, however, introduce the possibility that a malicious insider or an external attacker could gain control over a large number of resources. Insider threats are a common cybersecurity concern, as are external attackers who steal credentials and then move laterally through a network or escalate privileges to compromise systems and steal data.

A solution to this type of problem is a commercial automation platform. An effective automation platform gives users a central location for storing credentials for devices that need to be managed, along with playbooks to execute tasks that need to be performed on those devices.

Users can look for a platform with a credential-management mechanism to give engineers access only to the domain they need on the devices they manage. CISA recognizes five domains: identity, devices, networks, applications and workloads, and data. For example, an engineer might have permissions to manage the networking capabilities of a device but no access to the data, identities, or applications on the device.

Using this approach, missions can automate the configuration, management, and security posture of large numbers of multi-domain edge devices while mitigating the risk of introducing new security vulnerabilities.

Enabling efficient data streams across echelons

Of course, the goal of edge sensors and devices isn’t only security. It’s also to enable the generation and sharing of data in near real time to drive intelligent decisions and faster actions that contribute to mission success. An automation platform can also help here.

Connectivity in the battlespace involves overcoming denied, degraded, intermittent, or limited (DDIL) bandwidth. Connections typically are too low-bandwidth and intermittent to transmit gigabytes of sensor data from the battlespace to a centralized data center for analysis, and then ship the analytics output back to the field to be acted on. Instead, analysis and decision-making need to occur as close to the source of the data as possible.

The good news is that newer processors with lower size, weight, and power (SWaP) requirements are increasingly available at the edge, along with container technology that combines applications along with their associated configuration, dependencies, and data in a single package, or container. Groups of containers at the edge can be managed in a lightweight version of the open-source Kubernetes container orchestration system to dynamically bring up and take down applications as missions evolve.

This combination of technologies can enable real-time analytics at the edge. An automation platform enables the fast, reliable configuration of the networks, devices, applications, and cyber protections to make edge analytics possible. As an added advantage, the administrator only has to know how to use the platform and needn’t be an expert in all the complex, disparate technologies deployed at the edge.

Driving zero trust at the multidomain edge

An automation platform can help the DoD achieve its goals for zero trust at the multidomain, tactical edge; in fact, automation is fundamental to zero trust. In its zero-trust maturity guidance, the National Security Agency (NSA) lists seven zero-trust pillars, one of which is automation. The guidance also suggests that automation is required across pillars for true zero-trust maturity. CISA’s Zero Trust Maturity Model implies the same, mentioning automation more than 85 times.

Multidomain edge environments are essential to JWC and CJADC2; robust security of those environments is vital to the trusted generation, exchange, and analysis of edge data to enable the real-time decisions and actions that drive missions.

Zero trust is how the DoD will protect edge assets reliably – wherever they exist and however they need to be integrated with joint mission teams – and central to that protection is an automation platform that enables military organizations to achieve zero-trust maturity. MES

Christopher Yates is DoD Army chief architect for Red Hat, for which he collaborates with systems integrators, independent software vendors, and partners to develop solutions. He has more than 15 years of experience in the high-tech industry.


Red Hat Inc. • https://www.redhat.com/en/solutions/public-sector

MIL TECH TRENDS

Cyberdefense: Dealing with evolving threats

Designing and implementing secure boot for military-grade systems

Military-grade systems require a high level of security to protect sensitive information and operations from unauthorized access, modification, or disruption. One of the critical components for securing such systems is secure boot, which ensures that only trusted firmware and software can be loaded during system startup and accepted when receiving new updates.

Secure boot is a security feature that verifies the authenticity and integrity of firmware and software before loading them into the system memory during the boot process. The mechanism ensures that only trusted firmware and software are executed and mitigates attacks that aim to modify or replace firmware or software with malicious code. Secure boot uses digital signatures and cryptographic hashes to verify the authenticity and integrity of firmware and software.

The primary purpose of a secure boot mechanism is to guard against several types of attacks, including rootkits, bootkits, and other malware that target firmware and software. These attacks can compromise the system’s security, potentially causing data breaches, denial of service, and other damaging consequences. Secure boot ensures that the system starts in a secure state, making it difficult for attackers to compromise the system’s integrity or confidentiality.

Standard recommendations for secure boot

The IETF SUIT [Internet Engineering Task Force Software Updates for Internet of Things] specification for secure boot has been standardized in RFC9019, and it provides a comprehensive approach to designing secure bootloaders and firmware updates. The specification defines a format for firmware images that includes metadata, digital signatures, and cryptographic hashes; this metadata includes information about the firmware, device, and manufacturer, as well as the hash (verification) and the cryptographic signature of the software, enabling the system to verify the authenticity and integrity of the firmware.

One of the key recommendations from RFC9019 is the use of a secure bootloader that verifies the authenticity and integrity of the firmware image before loading it into memory. The secure bootloader checks the digital signature and cryptographic hash of the firmware image, ensuring that it has not been tampered with or modified.

RFC9019 also recommends the use of a trust anchor or a root of trust (RoT) to store the cryptographic material used for secure boot. A trust anchor may consist of any software or hardware-based mechanism that ensures that the public key used for the verification of the firmware authenticity cannot be modified by an attacker.
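The checks described above (trust anchor, manifest signature, device metadata, image hash), in the order a bootloader has to apply them, as an added Python example that is not code from the article, RFC 9019, or wolfBoot. Assumptions: the fixed manifest layout, the `FWM1` magic, and the status strings are constructed for illustration and are not the SUIT encoding; the trust anchor is modelled as the SHA-256 of the vendor public key; and a Lamport one-time signature built from SHA-256 stands in for the production signature algorithm so that the example runs on the standard library alone.

```python
import hashlib
import hmac
import struct

# Constructed layout (not SUIT): magic, class ID, version, size, SHA-256.
MANIFEST = struct.Struct(">4sIII32s")
MAGIC = b"FWM1"                      # hypothetical magic value
KEY_LEN, SIG_LEN = 256 * 64, 256 * 32


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def digest_bits(message: bytes):
    """The 256 bits of SHA-256(message), most significant bit first."""
    d = sha256(message)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]


# --- Lamport one-time signature: stand-in for ECDSA, Ed25519 or LMS ---
def lamport_keygen(seed: bytes):
    """Secret key: 256 pairs of 32-byte values. Public key: their hashes."""
    secret = [[sha256(seed + bytes([bit]) + i.to_bytes(2, "big"))
               for bit in (0, 1)] for i in range(256)]
    public = b"".join(sha256(s) for pair in secret for s in pair)
    return secret, public


def lamport_sign(secret, message: bytes) -> bytes:
    """Reveal one secret per digest bit. A key must sign only ONE message."""
    return b"".join(secret[i][b] for i, b in enumerate(digest_bits(message)))


def lamport_verify(public: bytes, message: bytes, signature: bytes) -> bool:
    if len(public) != KEY_LEN or len(signature) != SIG_LEN:
        return False
    ok = True
    for i, b in enumerate(digest_bits(message)):
        revealed = sha256(signature[32 * i:32 * i + 32])
        start = 64 * i + 32 * b
        ok &= hmac.compare_digest(revealed, public[start:start + 32])
    return ok


# --- Vendor side: build the signed update bundle ---
def package(secret, public, class_id: int, version: int, image: bytes) -> bytes:
    manifest = MANIFEST.pack(MAGIC, class_id, version, len(image), sha256(image))
    return manifest + public + lamport_sign(secret, manifest) + image


# --- Device side: what the bootloader checks before running the image ---
def verify_bundle(bundle: bytes, trust_anchor: bytes, device_class: int) -> str:
    m_end, k_end = MANIFEST.size, MANIFEST.size + KEY_LEN
    s_end = k_end + SIG_LEN
    if len(bundle) < s_end:
        return "TRUNCATED"
    manifest, public = bundle[:m_end], bundle[m_end:k_end]
    signature, image = bundle[k_end:s_end], bundle[s_end:]
    # 1. The public key travels with the image, so it is untrusted until its
    #    hash matches the anchor held in storage an attacker cannot rewrite.
    if not hmac.compare_digest(sha256(public), trust_anchor):
        return "UNTRUSTED_KEY"
    # 2. Authenticate the manifest before believing any field inside it.
    if not lamport_verify(public, manifest, signature):
        return "BAD_SIGNATURE"
    magic, class_id, _version, size, digest = MANIFEST.unpack(manifest)
    if magic != MAGIC:
        return "BAD_MANIFEST"
    # 3. Metadata: a validly signed image built for other hardware is refused.
    if class_id != device_class:
        return "WRONG_DEVICE"
    # 4. Integrity: the image must be exactly the bytes the vendor hashed.
    if size != len(image) or not hmac.compare_digest(sha256(image), digest):
        return "HASH_MISMATCH"
    return "OK"


def demo() -> dict:
    # All inputs below are constructed for the example.
    secret, public = lamport_keygen(b"constructed demo seed")
    anchor = sha256(public)                    # provisioned at manufacture
    image = b"CONSTRUCTED-FIRMWARE" + bytes(range(256)) * 4
    good = package(secret, public, 0x0A01, 7, image)
    patched = good[:-1] + bytes([good[-1] ^ 0x01])            # image bit flipped
    relabelled = good[:8] + (8).to_bytes(4, "big") + good[12:]  # version edited
    other_secret, other_public = lamport_keygen(b"a different seed")
    resigned = package(other_secret, other_public, 0x0A01, 7, image)
    return {
        "genuine": verify_bundle(good, anchor, 0x0A01),
        "image modified": verify_bundle(patched, anchor, 0x0A01),
        "manifest modified": verify_bundle(relabelled, anchor, 0x0A01),
        "signed with unknown key": verify_bundle(resigned, anchor, 0x0A01),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:24s} {result}")
```

The order matters: the size, hash, and device fields are read only after the signature over the manifest has verified, and the key that verifies it is accepted only because its hash matches the anchor.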

Selecting a root of trust

A RoT is a specific type of trust anchor that provides a secure environment for generating, storing, and managing cryptographic keys. The RoT ensures that these keys are not compromised or tampered with, and it is typically implemented in hardware to provide a high level of security. The RoT is the foundation of the system’s security, and it is used to establish trust in the system’s firmware, software, and other components.

In the context of secure boot, a RoT can be implemented using several different technologies, such as hardware security modules (HSM) or trusted platform modules (TPM). Executing the cryptographic operations with the assistance of a dedicated hardware component is the most secure option, because it guarantees that the keys are never exposed to the software components, thereby reducing the attack surface for the secure boot module.

Compatibility with the embedded system is an important consideration when selecting a trust anchor or RoT. The RoT must be compatible with the hardware and firmware of the system, ensuring that it can be integrated seamlessly into the boot process. The RoT should also support the required cryptographic algorithms and protocols, ensuring that it can provide a high level of security for the system. Hardware-based solutions can be more expensive than the software-based counterparts. While for less critical systems a software-based solution may be sufficient and more cost-effective, the cost of implementing a hardware-based solution is justified for military-grade systems that require a higher level of security.

Retrofitting older systems

Retrofitting older systems with secure boot can be difficult and expensive, as it may require both hardware and software upgrades. The cost and feasibility depend on several factors.

One of the main challenges of retrofitting older systems with secure boot is that many legacy systems were not designed with security in mind. This means that the system architecture may not support the necessary security features required for secure boot, such as a FIPS-compliant (a longstanding data-security standard) cryptographic module, or hardware-based RoT or HSM. In some cases it may be necessary to redesign the system boot process to include secure boot stages, which can be a time-consuming and expensive process.

Another obstacle found in retrofitting older systems with secure boot is the availability of existing bootloaders. Many legacy systems use custom bootloaders that do not support secure boot; in these cases, it may be necessary to modify the bootloader(s) to support secure boot. The bootloader must be able to communicate with the trust anchor or RoT and perform the necessary integrity and authenticity verifications during the boot process.

Integrating cryptographic modules to provide the required integrity and authenticity verifications at startup is also an option to consider when retrofitting older systems. The system must be able to store and manage cryptographic keys securely, ensuring that they are not compromised or tampered with. In addition, the cryptographic modules must be able to perform the necessary cryptographic operations efficiently to minimize the impact on system performance, which – in the case of secure boot – is likely to affect startup times.

Despite these challenges, retrofitting older systems with secure boot is often necessary to ensure the security of critical systems. In many cases, the cost and feasibility of retrofitting a system with secure boot can be reduced by using existing software-based solutions, such as secure boot software that can be installed on existing hardware or integrated in existing legacy bootloaders. However, for military-grade systems or systems that require a higher level of security, a hardware-based solution is often necessary, which can increase the cost and complexity of the retrofitting process. (Figure 1.)

FIPS cryptography as a necessity for military-grade systems

Among its recommendations, RFC9019 stresses the use of FIPS-compliant cryptography for the algorithm used by secure boot. This is particularly important for military-grade systems. FIPS – the acronym used for Federal Information Processing Standard – is a set of standards developed by the National Institute of Standards and Technology (NIST) expressly to ensure the security of sensitive government information. FIPS-compliant cryptography is designed to be strong and secure, and it has been rigorously tested and validated to ensure that it meets the highest security standards.

While FIPS 140-2 is currently the most widely recognized standard for cryptography, NIST has recently developed a new standard, FIPS 140-3, which updates and will eventually replace FIPS 140-2, introducing new requirements for the validation of cryptographic algorithms and modules. FIPS 140-2 and FIPS 140-3 provide frameworks for the validation of cryptographic modules, which are sets of hardware, software, and/or firmware that implement cryptographic functions, such as encryption and decryption.

The widely adopted FIPS 140-2 standard defines the requirements for the design and testing of cryptographic modules, specifying four levels of security based on the level of protection required for the information being secured. It’s a rigorous process that involves extensive testing of the cryptographic module to ensure that it meets the security requirements specified in the standard. The process includes testing of the cryptographic algorithms used by the module, as well as testing of the physical and logical security mechanisms used to protect the module from tampering or attack.

For military-grade systems, the use of FIPS-compliant cryptography is essential to ensure the security of sensitive information and critical software components. Military systems are typically targeted by sophisticated attackers, and the use of strong cryptography is necessary to protect against attacks that could compromise the integrity, confidentiality, or availability of the system.

In a broader scope, the use of FIPS-grade cryptography can also help to ensure interoperability and compatibility with other systems and components that use standard algorithms to ensure the security of sensitive information and critical systems. The importance of FIPS-certified implementations extends to the secure boot domain as well, because secure boot plays a critical role in the security of the entire system, and the risks it faces can be mitigated by adopting the best-in-class cryptographic countermeasures recommended by the standards. MES

Daniele Lacamera is a free and open source software technologist, currently based in Italy. His main areas of expertise are embedded systems and TCP/IP communication. He has 20-plus academic publications in the field of transport-layer optimization and is the author of the book “Embedded Systems Architecture.”

Daniele joined wolfSSL as embedded software engineer in 2018, contributing to the development and the integration of wolfSSL on embedded operating systems and custom transport mechanisms. He is the main contributor to wolfBoot, the universal secure bootloader for embedded systems.

WolfSSL • https://www.wolfssl.com/

Figure 1 | A data wall provides real-time worldwide information for the 175th Cyberspace Operations Group of the Maryland Air National Guard. U.S. Air Force photo by J.M. Eddins Jr.

Thunderbolt 4 Distributes Compute Elements for Optimized Rugged Architectures

In an embedded world gone SOSA sensational, one might believe that centralized ATR-style OpenVPX systems are the best way to architect your next rugged system. While these chassis are routinely and successfully deployed, they are big, heavy, costly, and difficult to cool and connect. A better, equally deployable approach uses one or more small form factor (SFF) compute element modules, distributed around a vehicle, interconnected via Intel’s® 40Gbps Thunderbolt™ 4, a commercial open standard that uses USB Type-C connectors with a single, thin bi-directional copper or fiber cable.

Hot Footprint

For a 3U ATR chassis, 600W is on the low end of systems that can push well over 2,000W in a 200 square inch footprint or less. Assuming one can find the space in the vehicle or platform, cooling it can be difficult. Vetronics or avionics chassis must be bolted to a cold plate – no easy challenge in space-constrained vehicle interiors.

Or the ATR chassis can be air-cooled with fans, exhausting heater-hot air from its vents – sometimes too close to operators. Consider instead sub-dividing all that heat into multiple distributed small form factor (SFF) modules. Breaking the system down into smaller, cooler loads not only improves crew comfort with less heat per SFF, but they’re easier to cool and install or retrofit with their lower-Wattage loads.

Broken Apart; Connected by Wire

Assume an 8-slot OpenVPX ATR chassis has a single-board computer (SBC), a multiport Ethernet switch, a GPU for artificial intelligence, mass storage, low-speed 1553 I/O, and sensor I/O cards – this is notionally four to eight or more functional blocks. Breaking down this centralized system into a distributed multi-SFF system requires a robust high-speed connection between modules. This distributed computing architecture physically divides processing nodes and must therefore have a very fast – but long-distance – interconnect scheme that provides data and bus extension.

Thunderbolt 4 is the ideal “cable plant” on top of which to build a distributed SFF computer architecture. An open-standard interface that’s a superset of the open standard USB4, myriad Thunderbolt 4 devices are available and interoperable. Thunderbolt 4 is a thin, bi-directional cable operating at 40Gbps with the USB-IF’s Type-C interface. Most civilian devices can plug into Thunderbolt 4 and at least get power and USB 2.0/3.x data transfer.

What is Thunderbolt 4?

But Thunderbolt 4 is much more than 20Gbps USB4 operating at 40Gbps. Thunderbolt 4 also provides DisplayPort alt mode, PCI Express 3.0, networking up to 10Gbps, and Power Delivery up to 100W. A single 3mm cable provides two 4K displays, x8 PCIe, 10Gbps networking, and USB data at over 10Gbps. Thunderbolt 4 devices can also be daisy-chained up to six “hops”, and 100W of power is bi-directional, with source or sink a function of available power. Fault-tolerant distributed systems can also be created, overcoming an ATR’s single point of failure.

In a rugged, small form factor architecture, Thunderbolt 4’s Gen 3 PCI Express is a compelling feature, allowing a compact 60W CPU-based mission computer to be installed in one location, and interconnected with a distant GPU or artificial intelligence (AI) co-processor located close to an EO/IR sensor or SDR at the far end of the ship, airplane fuselage or ground vehicle.

Distributed Computing Architecture Benefits

Unlike the dense, centralized OpenVPX ATR chassis with its high heat load and single-site cooling requirements, Thunderbolt 4-connected small form factor modules can be tucked into any available location on the platform and separated far apart.

Thunderbolt 4’s 40Gbps, PCIe bus extension, and power up to 100W opens new architecture possibilities while easing the cooling requirement as each distributed module now is a fraction of the power of a centralized ATR.

Two rugged small form factor modules interconnected but separated via a single 40Gbps Thunderbolt™ 4 cable. Shown is GMS X9 Spider Host Mission Computer and X9 Spider Storage. Multiple displays and peripherals are natively available via Thunderbolt technology.
General Micro Systems, Inc. • www.gms4sbc.com ADVERTORIAL EXECUTIVE SPEAKOUT

MIL TECH TRENDS

The DoD addresses security challenges and harnesses emerging technologies

There exist several challenges and complexities associated with the U.S. Department of Defense (DoD) migration to 5G communication networks. A series of approaches can be studied to address these challenges to ensure the integration of the various technical components of the 5G infrastructure as well as the secure and reliable operation of 5G networks within the DoD’s infrastructure. These solutions depend heavily on early collaboration between military and commercial stakeholders to avoid proprietary “island” solutions that defeat the opportunity of the unifying network approach. Such initiatives also require cooperation to develop new integration and security guidelines to ensure network visibility and security monitoring, demand network security driven by machine learning (ML) and artificial intelligence (AI), and require expansion of training and education for the expansive technical skills needed.

The U.S. Department of Defense (DoD) is actively embracing 5G technology to bolster the military’s communication capabilities and facilitate the integration of new and unique applications. As electronic warfare (EW) and multidomain operations become increasingly prominent, the need for unified networks with 5G at the core is underscored by the U.S. DoD Joint All Domain Command and Control (JADC2) program. The JADC2 program aims to amalgamate applications and sensors from all military branches into a cohesive network to expedite information-sharing and optimize decision-making processes. The Air Force has been designated to spearhead the technology within this program, with the ultimate goal of rapidly comprehending the battlespace, expediting force deployment, and delivering synchronized combat effects across all domains. Despite its myriad benefits, 5G technology presents substantial security hurdles that warrant a thorough investigation. It is crucial to consider the potential risks of this new technology and develop effective strategies to mitigate them.

5G: The appeal for military applications

5G, unlike the previous mobile network standards such as 3G and 4G, defines an end-to-end delivery system and framework for not just the wireless transport but the entire application infrastructure needed. Referencing several other standards and guidelines, 5G defines how to connect mobile end-devices safely and quickly with applications delivered via a physical, virtual, or cloud infrastructure. This approach offers major benefits, especially for military applications:

› Connects more devices and end users, which is essential when quickly building up massive networks with thousands of devices communicating across a single infrastructure. 5G accounts for the diverse types of end devices beyond just smartphones, including robotic devices such as uncrewed aerial systems (UASs), video surveillance, or sensors monitoring everything from weather data to warfighters’ vital signs.


› High-speed, high-bandwidth interconnect at extremely low error rates is important for data-intensive applications such as video surveillance at high resolution or for augmented-reality/virtual-reality (AR/VR) imagery.

› Low-latency communication is essential for applications that require fast response times and timely delivery of time-sensitive data. Examples include machine-control data for robotic devices, including UASs, and data used for swarm intelligence, which creates decentralized, self-organized systems. Multi-access edge computing (MEC) also benefits from 5G by aggregating and processing mission-critical data on the battlefield, reducing the need for slow and unreliable long-distance connections.

› Operates across a broad spectrum from less than 1 GHz up to 5 GHz that allows it to adjust to its application with a single communication network. Lower frequencies enable larger networks that reach further but are more easily detectable. Higher frequencies, however, create shorter reach for fewer devices (i.e., microcells) and are therefore less likely to be detected.

› Highly secure architecture: 1) All user and control traffic is protected by strong encryption such as TLS 1.3, which more securely encrypts both data transport and the initial authentication; and 2) 5G is designed to use software-defined networking to create a highly segmented network that limits lateral movement, separating user and control traffic more effectively.

› Efficient energy consumption: 5G enables more efficient energy consumption, which is essential for small devices such as microdrones, UASs, or wearable sensors.

› A worldwide standard enables sharing and communicating across battlefield infrastructures more easily for the varying national military services and allied partners.

5G difficulties and solutions

The implementation of 5G technology calls for innovative solutions:

1. Scale: To handle the vast scale and complexity of 5G networks, the DoD should adopt automation and orchestration via machine learning-enabled security solutions that can detect and respond to anomalies in real time. Additionally, leveraging network slicing can provide better resource allocation and isolation, ensuring that critical applications have the required resources and security.

2. Security: Multilayer end-to-end encryption will challenge current monitoring approaches, requiring closer collaboration between encryption and monitoring solutions. The industry needs new security tools that can operate effectively within encrypted environments and will ensure proper key-management solutions are in place. This solution involves sharing encryption keys in real time with monitoring applications and implementing additional end-point protection.

3. Interoperability: Despite detailed 5G wireless standardization, the end-to-end implementation of 5G – in combination with encryption, network virtualization, battlefield technologies, and the monitoring of this infrastructure today – is left to the vendors to figure out. This leads to potential siloed solutions, undermining the intended ubiquitous connectivity that 5G can provide. To address the lack of standard components and implementations across these diverse suppliers and system integrators, military leaders should consider an industry initiative that develops open standards and frameworks for all 5G components for a reliable, high-performing, and secure infrastructure. Such an approach will promote seamless integration of various components and innovation within the 5G infrastructure and encourage industrywide standardization.

4. Training and education: Addressing the lack of required technical skills and expertise is vital for successfully implementing 5G technology. The military should collaborate with academic institutions and industry partners to develop specialized training programs and certifications to enhance the knowledge and skills of military personnel working with 5G wireless and networking technologies.
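One way the monitoring side of the key sharing described in item 2 could ingest a real-time key feed for the TLS 1.3 traffic mentioned earlier, shown as an added example that is not from the article or any vendor. It assumes session secrets arrive as lines in the NSS key log format (the `SSLKEYLOGFILE` convention); the `KeyFeed` class, its TTL policy, and the sample values are hypothetical and constructed, and the authenticated channel that would carry the feed is out of scope.

```python
import time

# TLS 1.3 labels from the NSS key log format (the SSLKEYLOGFILE convention).
TLS13_LABELS = {
    "CLIENT_EARLY_TRAFFIC_SECRET",
    "CLIENT_HANDSHAKE_TRAFFIC_SECRET",
    "SERVER_HANDSHAKE_TRAFFIC_SECRET",
    "CLIENT_TRAFFIC_SECRET_0",
    "SERVER_TRAFFIC_SECRET_0",
    "EXPORTER_SECRET",
}
# Both directions are needed before application data can be inspected.
APP_DATA_LABELS = {"CLIENT_TRAFFIC_SECRET_0", "SERVER_TRAFFIC_SECRET_0"}
# TLS 1.3 secrets have the hash output length: SHA-256 (32) or SHA-384 (48).
SECRET_LENGTHS = {32, 48}


class KeyFeed:
    """Hypothetical monitor-side store of session secrets, keyed by client random."""

    def __init__(self, ttl_seconds=300.0, clock=time.monotonic):
        self.ttl = ttl_seconds
        self.clock = clock
        self.sessions = {}   # client_random -> {"seen": float, "secrets": {label: bytes}}
        self.rejected = []   # (line_number, reason) for audit and alerting

    def ingest(self, lines):
        """Consume feed lines; returns the number of secrets accepted."""
        accepted = 0
        for number, raw in enumerate(lines, 1):
            line = raw.strip()
            if not line or line.startswith("#"):
                continue
            reason = self._add(line)
            if reason:
                self.rejected.append((number, reason))
            else:
                accepted += 1
        return accepted

    def _add(self, line):
        parts = line.split()
        if len(parts) != 3:
            return "expected 3 fields"
        label, random_hex, secret_hex = parts
        if label not in TLS13_LABELS:
            return "not a TLS 1.3 label"
        try:
            client_random = bytes.fromhex(random_hex)
            secret = bytes.fromhex(secret_hex)
        except ValueError:
            return "invalid hex"
        if len(client_random) != 32:
            return "client random must be 32 bytes"
        if len(secret) not in SECRET_LENGTHS:
            return "unexpected secret length"
        session = self.sessions.setdefault(
            client_random, {"seen": self.clock(), "secrets": {}})
        known = session["secrets"]
        # One session uses one hash, so every secret in it has the same length.
        if any(len(s) != len(secret) for s in known.values()):
            return "secret length differs from session hash"
        # A changed secret for the same label means a corrupt or spoofed feed.
        if label in known and known[label] != secret:
            return "conflicting secret for label"
        known[label] = secret
        return None

    def decryptable(self, random_hex):
        """True when both application-traffic secrets are held and still fresh."""
        session = self.sessions.get(bytes.fromhex(random_hex))
        if session is None or self.clock() - session["seen"] > self.ttl:
            return False
        return APP_DATA_LABELS.issubset(session["secrets"])

    def expire(self):
        """Drop sessions older than the TTL; returns how many were removed."""
        now = self.clock()
        stale = [r for r, s in self.sessions.items() if now - s["seen"] > self.ttl]
        for client_random in stale:
            del self.sessions[client_random]
        return len(stale)


# Constructed sample feed: patterned hex values, not real key material.
R1, R2 = "a1" * 32, "b2" * 32
SAMPLE_FEED = [
    "# constructed key feed for the example",
    f"CLIENT_HANDSHAKE_TRAFFIC_SECRET {R1} {'11' * 32}",
    f"SERVER_HANDSHAKE_TRAFFIC_SECRET {R1} {'22' * 32}",
    f"CLIENT_TRAFFIC_SECRET_0 {R1} {'33' * 32}",
    f"SERVER_TRAFFIC_SECRET_0 {R1} {'44' * 32}",
    f"CLIENT_TRAFFIC_SECRET_0 {R2} {'55' * 48}",   # server half never arrives
    f"CLIENT_TRAFFIC_SECRET_0 {R1} {'66' * 32}",   # conflicts with line 4
    f"SERVER_TRAFFIC_SECRET_0 {R2} {'77' * 32}",   # 32 bytes in a 48-byte session
    f"CLIENT_RANDOM {R1} {'88' * 48}",             # TLS 1.2 label
    f"EXPORTER_SECRET {R1} {'99' * 16}",           # truncated secret
]

if __name__ == "__main__":
    feed = KeyFeed()
    print("accepted:", feed.ingest(SAMPLE_FEED))
    print("rejected:", feed.rejected)
    print("session R1 decryptable:", feed.decryptable(R1))
    print("session R2 decryptable:", feed.decryptable(R2))
```

Rejected lines are worth alerting on in their own right, since a session that never becomes decryptable is a monitoring blind spot.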

Going forward

To mitigate the issues associated with the DoD’s shift to 5G, collaboration between military and commercial stakeholders is essential. The DoD needs to work closely with the commercial industry to ensure that solutions align with the security and operational requirements of the military while enabling easy interoperability. This reality will require DoD and commercial enterprises to develop common standards in interfaces and APIs that enable seamless integration of various components within the 5G network infrastructure and to promote standardization across the industry. Additionally, the DoD should prioritize the deployment of advanced security-monitoring tools, develop new security standards for end devices, and expand training and education programs. By addressing these aspects of 5G and harnessing the potential of emerging technologies, the DoD can realize the full benefits of 5G technology while safeguarding against potential security risks.

Scott Aken is chief executive officer of Axellio. His background includes more than 20 years in cybersecurity and mobile technologies. Previously, Scott was president of Charon Technologies, a subsidiary of CACI International. He has also held key leadership roles in L-3 Communications and SAIC. Scott built his cyber expertise as a Special Agent with the FBI where he conducted numerous cyber counterintelligence computer-intrusion investigations and was a member of their elite Cyber Action Team. Prior to his career at the FBI, Aken spent a decade working in the software and internet industry, holding leadership positions at VeriSign/Network Solutions, GE Information Services, and Manugistics, Inc, a JDA Software company. Axellio https://www.axellio.com/


Cyberdefense: Dealing with evolving threats

Cybersecurity: What the defense industry needs to unlock to stay ahead

The deployed assets of the defense industry are undergoing constant technology improvements, but along with advancement and digital development comes the need to upgrade cybersecurity to support these changes. Some statistics predict that more than 50% of businesses could experience a data breach during 2023, so cybersecurity – particularly in the critical military arena – must keep pace with technological advances in order to secure all assets and associated data. New land, sea, and space technologies will all require a strong cyber backbone.

Many top aerospace and defense (A&D) manufacturers, defense forces, and defense contractors are adopting advanced technologies to keep themselves ahead of hostile forces, ensure that the warfighter is further away from danger, and help military logistics planners exploit these new technologies to the fullest.

Cybersecurity is the cornerstone

The ever-increasing number of digital technologies being used and relied on for manufacturing, operating, and supporting military assets will inevitably lead to more cyber vulnerability.

An underlying software strategy that ensures all new assets and manufacturing processes – including autonomous ships, operating environments, and digital manufacturing operations – have the tightest cybersecurity is crucial. In case of an attack the software must be able to detect, report, and solve security problems efficiently to safeguard operations.


The importance of cybersecurity in 2023 is reinforced within Deloitte’s 2023 aerospace and defense industry outlook: “Most A&D companies are expected to also focus on creating visibility deep into their supply chains to improve supply control and coordination and to better manage third-party risk. Industry players will likely reinforce the need for cybersecurity, cloud privacy, and the resilience of the systems and automation to be prepared effectively for any risks within core operations and with key suppliers.”

Cybersecurity is a key requirement for supporting software infrastructure across the entire military supply chain due to the recent increase in cyber warfare. Organizations’ systems must be pentested and have enough built-in protection to avert and react to attempted data breaches or cyberattacks.

There exist four key areas of potential that can be unlocked in this journey; each development will require software with underlying cybersecurity in place.

1: Three-quarters of A&D organizations look to improve their logistics footprint with additive manufacturing.

Quicker repairs of vehicles, ships, and aircraft are now possible as 3D printing is gradually being used more by deployed military forces. In fact, 3D printing is now allowed for design and prototyping of safety equipment and medical supplies for military use in the field. The advancements in the use of 3D printing to help with the construction of bunkers and runways have been bolstered by the U.S. military’s development of the largest 3D printer in the world, which is able to print metal parts 30 feet long, 20 feet wide, and 12 feet high. This breakthrough is only the start of increased use of 3D printing by military forces, as nearly three-quarters of the industry leaders polled by IFS believe it will become a standard practice for the defense industry in the next decade.

Traditionally, military forces get their replacement parts from external suppliers, a process that can take as many as 25 days, giving enemy forces precious time to target supply lines. 3D printing has replaced this long lead time, enabling printing of replacement parts as needed, which bolsters the self-sufficiency of military forces and reduces maintenance wait time. The logistics footprint of forward-thinking bases will be reduced through 3D printing as well, as it enables forces to be deployed in bases in more remote locations due to the minimized requirement to be connected to major supply lines.

Despite all the positives that come with additive manufacturing, it can sometimes cause problems, depending on where the parts come from. With the combination of third-party vendor networks and internal additive manufacturing, two traditionally individual fulfillment paths can lead to conflicting asset readiness times due to the difference in the speed at which replacement parts can be accessed. This disparity highlights the need for artificial intelligence (AI) and machine learning (ML) tooling to enhance decision-making; AI/ML tools can help choose the best fulfillment path, a decision that is usually made by traditional logistics personnel.

2: Industry 4.0 technology will help bolster Maritime 4.0 and digital shipyards.

Industry 4.0 has accelerated changes in the manufacturing sector and has now moved on to A&D manufacturing sectors – for example, shipbuilding. “Maritime 4.0” is beginning to show benefits in terms of improved efficiency when designing, manufacturing, and constructing ships with better coordination, clearer operations, and maintenance. Despite only being in the adoption stage of its journey, the digital shipyard market is expected to experience rapid growth, with global professional services firm Lloyd’s Register valuing it at $693 million in 2022 with expected growth to $3.967 billion by 2030, for a compound annual growth rate (CAGR) of 19%.

To help with the design and construction of ships, three technologies – artificial intelligence (AI), machine learning (ML), and digital twins – are propelling the development of digital shipyards and Maritime 4.0. Lloyd’s Register states that “the shipbuilding value chain may be empowered to make better decisions and deliver smarter assets by sharing and integrating data from the influx of new AI and ML-based technologies that are now becoming evident in both shipbuilding and operational sectors.” (Figure 1.)

Figure 1 | The future USS Santa Barbara (LCS 32) – commissioned by the U.S. Navy in mid-2023 – is the newest Independence-variant littoral combat ship (LCS), a technologically advanced class of mission-tailored, optionally manned ships that operate in near-shore and open-ocean environments. The LCS can integrate with joint, combined, manned, and unmanned teams to support forward presence, maritime security, sea control, and deterrence missions around the globe. U.S. Navy photo.

For its part, the U.K. Department for Transport recently invested £206 million ($270 million) to support the net-zero-emissions goals within the U.K. maritime industry. These Maritime 4.0 technologies – aimed at enabling a green maritime future by reducing CO2 pollution and emissions from shipyards – will need the support of cutting-edge software that can also keep pace with expected growth in the sector. The construction of such large assets in increasingly digital shipyards requires an industry-specific, enterprise-wide software system that is able to manage such a unique construction process.

3: Uncrewed ships set to increase by a third – removing warfighters from danger.

The U.K. Royal Navy recently gained a game-changing testbed ship with a large surface area for launching uncrewed aerial vehicles and autonomous underwater vehicles (UAVs/AUVs) set to be tested by NavyX, the British navy’s autonomous technology accelerator unit. With autonomous vehicles’ reduced need for operating crew, there is room for an operation center and a meeting room aboard the ship. Importantly, the testbed ship will enable the Royal Navy to deploy the MAST-13 AUV, a waterborne drone capable of identifying mines while also gathering information on hostile ships. Meanwhile, in parallel developments, the U.S. Navy is unveiling its third unmanned surface vessel – dubbed “The Mariner” – which is a ship fitted with a government-furnished command-and-control system, a virtualized Aegis combat system, and an autonomous navigation system. After a few more upgrades, the Navy says that it hopes The Mariner will deploy sometime during 2023. Going forward, the U.S. Navy Navigation Plan (NAVPLAN) to modernize its fleet includes a desired force level of 523 ships by 2024, including 150 unmanned surface and subsurface vessels, making up nearly a third of the fleet.

Autonomous ships will reduce the number of warfighters sailing into danger when on missions, as uncrewed vessels can enter areas that were previously seen as too dangerous or inaccessible for crewed ships. No longer needing to house personnel means bigger payload capacity, including more fuel, enabling longer deployments or the ability to carry more sensors for advanced surveillance.

For autonomous vessels, maintenance controls must be amplified to ensure full mission capabilities and total asset readiness, as a lack of actual crew aboard has implications for maintenance and sustainment. There is increased criticality of ships’ self-monitoring across systems, and failure projections must be embedded within the design to predict and plan for downtime. Without manned inspections, on-board self-diagnostics and monitoring systems must connect to the broader digital twin ecosystem, a level of automation that cannot be met by yesterday’s systems and processes, which means that systems must be modernized.

4: The next frontier is space, as military forces begin to embark on more space-driven missions.

Space is becoming increasingly militarized, and the market is expected to take off over the next couple of years, with a 2023 Fortune Business Insights study predicting growth from $14.21 billion in 2022 to $31.90 billion by 2029, for a CAGR of 12.25%. The space domain is currently being used to navigate and track forces to avoid detection when delivering supplies, enable precise strikes on hostile bases, and improve communication while tracking potential threats. The race is on to get ahead in a more militarized space domain, and intergovernmental organizations such as NATO are getting their priorities in order as military forces gear up for increasing reliance on space-driven operations. In 2022 this mindset led to NATO publishing an “Overarching Space Policy,” which details the fundamental aspects of the space domain and its importance in preserving the alliance’s security and prosperity.

The document confirms that, as part of its policy, NATO will address space as a coordinator between members with space-based assets. It also identifies some key functional areas of focus for space systems, including space situational awareness; intelligence, surveillance, and reconnaissance (ISR); space-based monitoring of Earth-based domains; satellite communications; position, navigation, and timing (PNT); and shared early-warning assets. The military arena can expect increased focus on the space domain in 2023 and beyond, as more organizations become part of a growing military ecosystem.

Security-centered approach will be the enabler

As these new and promising areas of technology and operations come to the forefront for A&D manufacturers, defense forces, and defense contractors, it is imperative that all these advancements rippling through the industry prioritize a strong and secure digital backbone. Cybersecurity is a key requirement to enable these developments to advance and thrive.

Matt Medley is senior product manager at IFS, tasked with ensuring that solutions meet the demanding needs of defense service and support organizations, defense manufacturers, and defense operators. He has served as a consultant, program manager, and project manager in aerospace and defense organizations. Matt – a graduate of the U.S. Air Force Academy and a certified flight instructor – served for 12 years in the U.S. Air Force, achieving the rank of major and logging 2,500 flight hours in the C-130 aircraft. He holds an MBA from Kennesaw State University and a master’s degree from Webster University and is a certified project-management professional.

IFS • https://www.ifs.com/


High-speed VPX backplane design practices

Precision-engineered VPX backplanes designed to the toughest performance standards are essential for the high-speed signal demands prevalent in today’s defense applications. Backplanes are indeed the communication backbones in embedded systems and must be designed to stringent signal integrity standards to ensure timely and accurate data transmission from module to module within a system. For payloads aligned to VPX and SOSA [Sensor Open Systems Architecture] standards, high signal integrity is critical to enable fail-safe operation as systems move to higher serial bit rates supporting 100GBASE-KR4 Ethernet, PCIe Gen 4 protocols, and beyond.

Meeting the performance expectations in high-speed backplane design requires practical know-how and deep design experience by teams using the latest connector technology and materials. The most up-to-date design, simulation, and test tools are necessary for validation and verification to measure the results.

The data freeway starts with the backplane

Starting with a firm foundation is essential to backplane performance. Nearly all VPX backplane PCBs are currently manufactured from FR4 materials. FR4 has a record of solid performance over decades and is noted for exceptional thermal tolerance (+180 °C) and a consistent dielectric constant (Dk). Its low coefficient of thermal expansion (CTE) at extreme temperature ranges can be critical given harsh defense environments, not to mention the physical length of backplanes in high-board-count systems. FR4 has its limits, however, when it comes to one key factor in VPX systems and it’s a big one – data rates.

FR4 is the way to go at 8 to 10 Gbits/sec. At 10 Gb per lane, that does the job for 40 GbE (40GBASE-KR4) and PCI Express (PCIe) Gen-3 protocols with signal integrity sufficient to the task. However, higher-speed EW/RF [electronic warfare/radio frequency] applications in every form now require data rates and network connectivity that surpass those levels. Chip manufacturers continue to respond quickly to market needs and as a result, new Sensor Open Systems Architecture (SOSA) aligned 3U and 6U payload modules now must support 100 GbE (100GBASE-KR4) and PCI Express (PCIe) Gen-4 protocols in processing, FPGA [field-programmable gate array], and switching products. With these advancements, the associated per-lane upshift in data rate requirements goes from 10 Gbits/sec to 25 Gbits/sec, well beyond FR4 capabilities in terms of signal integrity.

INDUSTRY SPOTLIGHT
Rugged computing & thermal management

Enter high-speed laminates

Faster protocols now being rolled into silicon need faster backplanes – you can’t have a superhighway feeding into a dirt road. While that analogy may be extreme, the fact is that backplane data-rate capability needs to keep pace in order to avoid bottlenecks. Tachyon 100G from Isola is an example of a high-speed laminate that enables scaling current VPX modules and protocols to higher-speed systems through board and backplane designs. Its low loss performance and ultrasmooth copper support high-data-rate applications at 100 GB/sec and beyond. It enables greater stability over a wider frequency and temperature range versus FR4, two very important performance features given the higher speed and hotter system payloads coming into play for VPX systems.

The fiber/resin composite makeup of any PCB is key in ensuring a consistent dielectric constant. Fiber/resin composite PCB materials are inhomogeneous and anisotropic (not uniform/have a grain) and so propagation speed can vary depending on the location of traces. In typical FR4 materials (Figure 1), signals running over traces that cross a fiber-rich area (#1) encounter a different dielectric constant as they traverse the board as opposed to signals traversing combined resin/fiber areas (#2). This can lead to timing skew and signaling errors due to differing propagation speeds from one trace to the other.

High-speed laminate, by comparison (Figure 1a), features a mechanically spread glass makeup and is more electrically uniform compared with FR4. Filaments are spread mechanically in a high-density weave resulting in the elimination of resin gaps and therefore more electrical uniformity. The homogeneity of the material means consistent signal performance regardless of where the trace traverses the board. This consistency helps to ensure similar propagation speeds and dielectric constants and can reduce signal-timing issues.

The exit and entrance ramps – VPX connectors

From silicon to module to connector and beyond, all was well prior to about 2018 when PCIe Gen3 and 40 GbE were the predominant/most-used high end of the data-transmission protocols. Connectors defined by VITA 46 served well for years at the prevailing speeds. As advanced EW/RF applications came along, however, with their inherent increased data rates, PCIe Gen4 and 100 GbE started to find broader application and the limits are being breached. In parallel with board advancements, VPX connector manufacturers introduced long-awaited design improvements that ensured those high-speed signals could make it off the VPX module and across the backplane from slot to slot and slot to I/O with the signal integrity necessary for the application.

In January 2021 the ANSI/VITA 46.30-2020 Higher Data Rate VPX Standard was introduced to address high-speed connector design for 100GbE and PCIe Gen 4 protocols. VITA 46.3, as it’s commonly known, paved the way for 25 Gbaud speeds per wafer, or lane in VPX terms. One lane is also known as an ultrathin pipe; link aggregation in turn converts four lanes into one fat pipe supporting 100 Gbaud and 64 Gbaud per fat pipe link that then achieves the necessary data rates for 100 GbE and PCIe Gen 4, respectively. The R-VPX EV02 from Amphenol and the RT3 connector from TE Connectivity meet the ANSI/VITA 46.30 and are now seeing more use in newer applications running 100 GbE and PCIe Gen 4 protocols. (Figure 2.)

An important difference between the original VITA 46.0 connector and the new higher-data-rate connectors as defined in ANSI/VITA 46.30 is the pin size at board termination. Pins are reduced in size so that crosstalk is minimal and impedance discontinuity is reduced at the connector/PCB junction. For the high-speed signals, the VITA 46.30 standard points to solder tails instead of smaller compliant pins. Solder tails are terminated in microvias in the PCB to improve signal integrity. The good news is that connectors compliant to VITA 46.30 are backwards-compatible to legacy VITA 46.0 connectors and follow the same form factor. This fact means that 100 Gb-capable VPX modules may be plugged into lower-speed 40 Gb-capable backplanes and vice versa.

Figure 1/1a | Typical FR4 materials compared with high-speed materials.

Figure 2 | Pictured: R-VPX EV02 high-speed connectors from Amphenol.


Manufacturing: controls are key

Experienced high-speed backplane suppliers know that the production controls for high-speed backplanes are just as important as the upfront engineering efforts. Adherence to baseline design principles for successful backplane realization is critical; moreover, the assembly of high-speed backplanes relies on controlled and well-understood manufacturing processes to ensure that the engineering and design work investment is not diminished during the production of the backplane.

One area of importance is conductor surfaces. Conductors on PCBs do not have perfectly smooth surfaces, but rough copper improves peel strength of laminate. On the other hand, conductor surface smoothness is key in controlling the consistency and optimization of signal speeds as they pass along the conductive copper foil. Tachyon 100G uses very smooth copper foil – VLP-2 (2-micron) for improved performance.

When the copper surface is rough, the effective conductor length extends as current follows the contours of the copper surface. At high frequencies, the effective resistance of the copper increases relative to the additional distance over which the current travels. Manufacturing methods must balance the need for copper/laminate adhesion with the need for smooth surfaces for consistent signal speeds.

Regarding PCB thickness, maximum thickness is dictated by the minimum connector through-hole diameter. The ratio of board thickness to hole size generally cannot exceed 10:1. High-speed connectors that can handle 25 Gbaud use nano tail pins as mentioned earlier that require smaller holes (0.014 inch) versus standard VPX connectors (0.022 inch). This means that as signal speeds increase and high-speed connectors are introduced in the assembly, through-hole diameters must decrease as does maximum board thickness and hence maximum layer count. This board-thickness limitation forces circuit designers to use board layouts that minimize layer counts yet maximize signal efficiency. (Figure 3.)

Validation – measuring the bumps in the road

Testing backplanes for performance at 25 Gbaud requires increased scrutiny as opposed to testing at 10 Gbaud.

Circuit designers understand that s-parameters represent the dynamic response of electronic components and circuits to high-speed signals. Channel parameters are an interpretation of the s-parameter data that can be used to evaluate overall channel performance. In VPX backplanes, channel parameters are used to evaluate signal integrity as signals move between VPX modules – the VPX channel in this case. S-parameters from each channel component are combined to yield overall performance (channel compliance) for insertion loss, return loss, crosstalk, and so on.

For backplane performance at or below 10 Gbaud, ANSI/VITA 68.1-2017 defines a budget-margin criterion for signal integrity that establishes channel compliance. This guideline enables developers to design VITA 68.1-compliant backplanes that support required bit-error rates (BER) for multiple fabric types when the backplane includes components that are also compliant to VITA 68.1 budget criteria. For higher rates with reduced compliance margins, the entire channel must be closely considered, and so the smaller margins cannot be pre-allocated. Validation must therefore involve full channel COM (channel operating margin per IEEE 802.3 Ethernet) and statistical eye diagram analysis for PCIe.

Figure 3 | Backplanes from LCR Embedded Systems use advanced design methods to facilitate high-speed systems aimed at defense applications.

That’s where VITA 68.3 comes in: For speeds in excess of 10 Gb/sec VITA 68.3 will use simulations to establish a set of corner-case reference s-parameter models for VPX modules and backplanes. This setup enables simulation of the entire channel without detailed knowledge of exactly what module or what backplane combinations will eventually be connected. Any given design will then need to demonstrate compliance through simulation when inserted into a defined set of end-to-end channels using reference s-parameter models.

Confidence in any high-speed design begins with simulation. The entire end-to-end channel must be simulated even when only designing a module at one end or the backplane. Compared to direct measurement, simulation does not rely on external equipment and makes it easier to isolate components and other elements from the rest of the channel for the module or backplane. COM (for Ethernet) and PCIe reference packages are now provided with simulation software and VPX connector modules are available from the connector manufacturers. Post-simulation provides a detailed model of the design that can be shared with customers and vendors per VITA 68 requirements without revealing proprietary design features.

VPX going forward

VPX and the progression towards modular systems architecture have resulted in raised expectations regarding time to market – or, to put it in more absolute terms, time to theater – for new system deployments. There’s an insatiable demand for improved performance and reliability driven by applications requiring high-speed signal processing. Optimal backplane design that results in the highest signal integrity relies on a firm foundation based on a combination of leading-edge materials, connectors, plus test and manufacturing methods. As the VITA Standards Organization plans ahead for ever-increasing data rates, system integrators with deep design experience must be experts in every aspect of backplane design. Keeping pace will ensure current and future mission-ready solutions meet the needs of the warfighter.

David Jensen is a senior electrical design engineer at LCR Embedded Systems who has more than 25 years of electronics PCB design and embedded integration experience in the communications (telecom/datacom) and military industries.

Steve Gudknecht is the marketing and communications manager at LCR Embedded Systems. Steve has more than 20 years of experience promoting and managing solutions for the embedded computing industry. Steve also served as a product and marketing manager for Elma Electronic.

LCR Embedded Systems • https://www.lcrembeddedsystems.com/

High-Density, Modular, & Fast

Speeds up to 25Gbps

4 points-of-contact – withstands a very rough ride

High-density, configurable in 1-5 bays

Interchangeable molded signal & SMPM RF insulator bays

Tested & qualified based on MIL-DTL-83513 performance requirements

Ideal for Mil-Aero, Space, & Industrial Applications

airborn.com

A tour of VITA AFT cooling standards in 2023

For critical and intelligent deployed embedded modules, air-flow-through (AFT) cooling describes an approach that brings the coolant much closer to heat-generating electronics than standard conduction-cooled approaches. As a result, compared to conduction cooling, AFT increases the amount of power that can be cooled and decreases device temperatures.

With air-flow-through (AFT) cooling of deployed electronics, air is contained within the closed duct of the module’s heat exchanger, which is separated from the module’s electronics. The interface between the module and chassis requires an air seal to prevent air escape or contaminant ingress. AFT modules are typically thicker than similar conduction modules due to the AFT heat exchanger, which means that mezzanine cards need connectors to the host card with taller mated heights. This arrangement also provides superior cooling to the mezzanine card, because the primary side of the mezzanine is adjacent to the heat exchanger.

Figure 1 graphically shows the comparison between the two cooling approaches, with a clear reduction in thermal resistance provided via AFT.

In recent years, interest in AFT has gained renewed momentum in the VITA Standards Organization (VSO) and elsewhere. The following AFT standards and/or Working Groups are currently active in the VSO:

› VITA 48.5 Standard (Mechanical Standard for Electronic Plug-in Units Using Air Flow Through Cooling) and VITA 48.5 Revision Working Group (Mechanical Standard for VPX REDI Air Flow Through Cooling, Multi-Pitch)

› VITA 48.8 Standard (Mechanical Standard for VPX REDI Air Flow Through Cooling, 1.0” to 1.5” Pitches)

› VITA 48.9 Working Group (Mechanical Standard for Electronic VPX Plug-in Modules Using Air Flow Through Cooling – Retractable Seals)

The VITA AFT standards provide excellent approaches for thermal management. In addition to the inherent advantages that AFT delivers, system designers also benefit from the VSO’s adherence to open standards, collaboration, rigor, and professionalism in developing the standards.

The following provides a concise introduction and overview of the VITA AFT standards:

VITA 48.5

VITA 48.5 was originally developed and standardized by Northrop Grumman, with the standard being released as ANSI-approved in 2010. It features a patented air seal that Northrop Grumman has used for decades. VITA 48.5 is now in the process of being revised and updated for wider applicability and better ease of use. For example, 3U OpenVPX modules will be included in the updated standard, whereas VITA 48.5 was previously limited to 6U modules. In addition, specific module pitches will be defined, more detailed guidance for heat exchanger design will be provided, the air seal IP licensing requirement is being reevaluated, and an air seal source of supply will also be included in the revised standard.

VITA 48.8

After VITA 48.5, VITA 48.8 was the next AFT standard to be developed in the VSO. Lockheed Martin developed the approach behind this standard, which has been ANSI-approved since 2017, with a revision in 2022. VITA 48.8 covers both 6U and 3U modules. It is unique among the various AFT standards in that it minimizes plug-in module weight by removing card edge retainers (aka wedgelocks) and replaces front-panel levers with jack screws. A recognized disadvantage of VITA 48.8 is that the air seal material and design are not clearly specified in the standard, so implementers are on their own to develop this critical piece of the AFT puzzle. On the other hand, for some system developers the freedom to define the air seal can be an advantage, since they can innovate and introduce superior air sealing for VITA 48.8 (although interoperability may ultimately suffer).

VITA 48.9

Adding to system designer options, a new AFT standard is now emerging. VITA 48.9, which features a new air seal, was developed by L3Harris. The VITA 48.9 Working Group in VSO is quite active, with 46 participants signed up, split more or less evenly between producers and users. VITA 48.9 will cover both 6U and 3U plug-in modules, and the new air seal is a two-piece design, one piece for the chassis side, and the other for the module side. There is also a push to standardize modules into pressure drop classes, and a lot of work is being done to bring the new air seal up to higher TRLs [Technology Readiness Levels].

Although there are common elements across each of these AFT standards, the truth is that they are not interoperable. Each approach has its pros and cons, and the companies behind the introduction of the respective standards obviously have an interest in using them for their own systems. Therefore, AFT implementers – in particular module developers – may need to be able to design, model, analyze, prototype, test, and build to each of the standards.

Outside of the VSO, Curtiss-Wright developed another approach for AFT cooling, called fluid-flow-through (FFT). A patented cooling method, like some of the other AFT standards, FFT also brings the coolant much closer to the heat-generating electronics, but with FFT the plug-in module is a common form factor conduction module. The coolant can be either air or liquid, with the heat exchanger being part of the chassis rather than located on the module itself. Like the other AFT cooling approaches, FFT has advantages and disadvantages. One of its key advantages is the ability to use a common conduction module form factor, and the associated interoperability and cost advantages that provides. A disadvantage of FFT is the increase in pitch and weight that it introduces, although it has been shown that a pitch of 1.1 inch to 1.3 inches can be achieved, and weight is actually less than some module-level designs for high power (e.g., copper frames).

Figure 1 | Air-flow-through (AFT) plug-in module and chassis (top, half module and partial chassis section shown), and conduction plug-in module in air-cooled chassis (bottom, half module and partial chassis section shown)

One of the key benefits shared by all the AFT cooling approaches discussed here is the ability to innovate within the standard. This benefit combines some of the best aspects of MOSA [modular open systems approach], namely open standards interoperability and technological innovation. The VITA standards define and control the mechanical interfaces between the plug-in module and the chassis and other required components (e.g., levers, jack screws, etc.). Beyond those parameters, module developers have more or less free rein to design the heat exchanger within the required envelope, enabling cooling innovation to thrive.

Ideally, there would be a single AFT VITA standard that all module, chassis, and system developers would follow. However, the current reality is that three distinct AFT standards within VITA need to be considered – VITA 48.5 Revision, VITA 48.8, and VITA 48.9. Using a common circuit card assembly design for these standards would help minimize costs of AFT modules. Close collaboration with customer system developers is also highly recommended to ensure requirements are met.

An example of an AFT module is the VPX3-652 20-port Ethernet switch card, designed in alignment with VITA 48.8. This Layer-2 managed Ethernet switch provides as many as 20 ports of copper Ethernet connectivity. Models are available with 16 ports of tri-speed 1000Base-T backplane connections, or with 12 ports of 1000Base-T plus an additional 8 ports of 1000Base-X (SerDes) connections for mixed Base-T/Base-X environments. An additional 1000Base-T port is available on the front panel for air-cooled modules. All Base-T ports feature auto-negotiation and auto-MDI/MDIX to ensure trouble-free interfacing. Base-X (SerDes) ports are typically used for board-to-board interconnects within a system or can interface directly to optical transceivers for external fiber connectivity.

The VPX3-652 3U VPX Ethernet switch supports an extensive set of Layer 2 switching features. Its flexible management interfaces, including a powerful command line interface (CLI) for setup and configuration, as well as SNMP and Web management interfaces, accelerate development time to market and simplify maintenance support. In addition, special features like built-in test (BIT) aim the part squarely at those building tactical deployed networks.

Ivan Straznicky is technology director and a technical fellow at Curtiss-Wright, where his responsibilities include advanced thermal and packaging technologies. Ivan has three patents for cooling of rugged electronics and has written several technical papers and articles on the subject. He has a degree in mechanical engineering from McGill University in Montreal, Canada.

Curtiss-Wright • https://www.curtisswright.com/

Front-end processing boards for edge-applications
• 3U & 6U VPX
• Single or dual Xilinx FPGAs - UltraScale™/UltraScale+™ - Zynq™ UltraScale+™ / RFSoCs - Versal®
• FMC/FMC+ VITA 57.1/57.4
www.elma.com www.interfaceconcept.com
Contact our North American sales and support provider: sales@elma.com • 510-656-3400

GIVING BACK

Each issue, the editorial staff of Military Embedded Systems will highlight a different organization that benefits the military, veterans, and their families. We are honored to cover the technology that protects those who protect us every day.

This issue we are highlighting Til Valhalla Project (TVP), an operation started by Marine veteran Korey Shaffer and his wife Tiffany in 2017. In 2016, while grieving the loss by suicide of one of his closest friends from the Marines, Korey made a plaque to honor his fallen friend and gave it to his deceased friend’s mother, who loved it. He realized that making this memorial plaque was an effective coping mechanism for him. Other people started asking for a similar plaque for their lost veterans. Korey and Tiffany started TVP to fund the making of the plaques and to raise money to contribute to mental-health support for veterans.

Korey – now the president and CEO of the Til Valhalla Project – has spearheaded memorial plaque-making, branded garment sales, and fundraising, enabling TVP to donate more than $1.2 million to date toward Mission 22, a nationwide charitable organization focused on raising funds to lower the rate of suicide among veterans. Mission 22 also funds localized and personalized support and access to resources to help veterans and their families with re-entry to society and the workforce, especially following a service-related injury.

According to information on TVP’s website, more than 200 veteran lives have been saved, more than 1,500 memorial plaques have been anonymously delivered, and thousands of loved ones have been honored since TVP was launched. Although TVP is based in Florida, residents of several states have established their own fundraising vehicles – including memorial cycle rallies and other events – to donate to the company and to Mission 22. For additional information, please visit https://tilvalhallaproject.com/.

Driving Efficiency & Reliability for Military Systems With Test Automation

Sponsored by Keysight Technologies

In the defense and aerospace software-development arena, continuous integration and continuous delivery (CI/CD) have become critical for ensuring high-quality, error-free software releases for military systems such as avionics, radar, communications, and more. Software test automation can help with some of these challenges, enabling defense software system designers to achieve faster and more reliable CI/CD by automating the testing process and deploying technology more quickly into the field.

In this webcast, attendees can explore the benefits of software test automation in CI/CD for military and aerospace applications and the best practices and strategies for implementing it effectively. Topics covered include choosing the right automation tools, creating effective test suites, and integrating automation into the CI/CD pipeline. Additionally discussed are common pitfalls to avoid when implementing test automation and real-world examples of successful automation implementations in defense applications. (This is an archived event.)

Watch the webcast: https://tinyurl.com/jwmn66yc

Watch more webcasts:

https://militaryembedded.com/webcasts/archive/

Solving Reliability and SWaP Requirements in Space and Defense Systems

Military and commercial space applications such as satellite payloads and positioning systems continue to put pressure on designers for highly reliable interconnect technology that can meet stricter reduced size, weight, and power (SWaP) requirements and handle signal-integrity performance demands. Systems intended for use in space must not only show performance capability but must also remain reliable in extreme environments outside the Earth’s atmosphere.

To meet these demands, space and defense integrators must leverage interconnected solutions that can operate reliably at micro and nano levels in these conditions. This white paper covers how design engineers can navigate changes in industry requirements for connectors for space applications, meet design challenges for wiring and flex boards, address ruggedization obstacles in military and commercial space applications, and manage reduced SWaP requirements with today’s miniaturized connectors.

Read the white paper: https://tinyurl.com/mwe3cuws

Read more white papers: https://militaryembedded.com/whitepapers

CONNECTING WITH MIL EMBEDDED By Editorial Staff

CRITICAL SIGNAL PROCESSING WITH UNMATCHED FLEXIBILITY

Shorten development time and reduce design risk with flexible RFSoC FPGA processors, high-speed data converters, and a robust software design suite. Mercury’s proven COTS direct RF broadband processing solutions deliver real-time actionable data for decision superiority. The SWaP-C modular design is ideal for edge applications used in electronic warfare, radar, and 5G communication applications.

FEATURES

2.5" × 4" module, SFF platforms

SOSA aligned 3U OpenVPX, PCIe

8 A/D and D/A channels

Up to 64 GSPS

Coverage to Ku band

mrcy.com/directrf

MISSION SUPPORT
