PDC and Data-Centricity: Creating a Joint Posture of Deterrence
Given the recent crisis in Ukraine, there has never been a greater demand for the world to work together in a combined effort to stop this tragedy with a unified front. This is not an easy task – activities are easier when there is no one else to coordinate one’s actions with, but the impact of these singular activities may be significantly weaker than the combined action with others. In the military domain, the activity of working and communicating together is termed Pan-Domain Capability (PDC). PDC enables different military services, security agencies, and coalition partners to share operational data. The challenge is timing, and to quote the late Jim Ready, “the right data late, is wrong”. For data to have the highest value, it needs to be delivered in real-time, enabling command and control decisions to be executed in seconds to minutes, not in hours to days. This reduces time in the OODA (Observe, Orient, Decide, Act) Loop and delivers immediate responses to adversarial threats.
From the operational perspective, PDC will increase the speed of engagement, seamlessly transiting target and situational data through C2 nodes to the forward edge of battle, gaining a force multiplier effect and warfighting advantage. This problem is very complex and is hampered by the current implementation of thousands of brittle, stove-piped, legacy systems and equipment. These dedicated networks support singular security domains and a variety of data structures with hard-coded, proprietary interfaces that require data unpacking, translation, and repackaging on a tactical network. This legacy approach incurs significant overhead, throttling real-time military networks and impeding the speed of engagement, at a time when real-time information delivery is paramount and can mean the difference between success and failure.
The good news is that the technology to deliver real-time data across different operational domains exists today, and it can be deployed using proven commercial hardware and software components. The key element in these systems is not hardware or software – it is the delivery of real-time data. This has recently been underscored by the US Department of Defense (DoD) with the release of the US DoD Data Strategy in September 2020, titled “Unleashing Data to Advance the National Defense Strategy”, which states that the US DoD is going to evolve into a data-centric enterprise, and that “It is the responsibility of all DoD leaders to treat data as a weapon system and manage, secure, and use data for operational effect”. The vision for this directive is to transform the DoD into a “data-centric organization that uses data at speed and scale for operational advantage and increased efficiency”.
This strategy also defined a framework for the quality of data to make it visible, accessible, understandable, linked, trustworthy, interoperable, and secure. We have a new acronym, VAULTIS, to deliver this message efficiently.
Within the data-centric PDC environment, securing data is mandatory. In the past, we have tried to secure servers and compute platforms in the network, and then tried to secure all the endpoints. This is not working in our ever-expanding distributed networks, where the compute nodes are getting too complex and brittle to respond to new threats. The endpoints are simply too distributed and numerous to trust that all of them are properly secured. Given this reality, we have developed a strategy called Zero Trust that assumes that adversaries are everywhere in the network.
A Zero Trust network architecture must support securing data from all operational domains across the delivery environment – this cannot be accomplished using traditional Single-Level-Security (SLS) that locks down and restricts compute containers and data-in-motion to only one security domain in a network pipe. To enable the rapid sharing of data, individual data topics from each security domain need to be secured with unique data authentication and encryption strategies so that only parties with appropriate credentials can access these topics. Multiple dedicated network pipes can no longer be a requirement. Instead, multiple military domains must be able to securely share data on optimized network pipes as permitted, enabling high network efficiency and lower operations costs. This entire environment must be standards-based for high scalability and rapid deployment by all domains.
Now that we have a foundation of secure real-time data, what else is required? I have compiled a list of the Top 10 Data Requirements for PDC that is freely available to download and describes the primary attributes for a PDC system.