Commercial-Based Software To Harden Global Information Grid
from Avionics MagazineIf all goes well with a military-sponsored R&D program, commercial-based software products eventually will provide some of the core components needed to make the Pentagon's vision of network centric operations a reality.
The MILS program at the U.S. Air Force Research Laboratory (AFRL) is working to establish and promote an architecture that would allow computers to process and communicate data at multiple security levels, while assuring that sensitive data doesn't leak into unauthorized channels. Key components of the MILS architecture-short for Multiple Independent Levels of Security-include commercial-based real-time operating systems (RTOS) and partitioning communications systems (PCS). Three different RTOS vendors and one PCS supplier so far are working to meet MILS standards.
A recent event sponsored by the Open Group standards organization featured a demo of how MILS technology could support a Global Hawk unmanned air vehicle (UAV) reconnaissance mission. The demo simulated communications at two security levels between three UAVs and a ground station. The bottom line was that the simulated ground station, using a MILS operating system and PCS communications middleware, was able to process the data transmitted by the UAVs and maintain separation between security levels. The data coming from the UAVs included notionally top secret images collected by onboard sensors and secret-level mission data. The PCS software enabled the data levels to be kept separate on the network and to be securely transmitted over a single line.
Two commercial avionics standards are fundamental building blocks for MILS technology-DO-178B for flight critical software, and ARINC 653 for partitioning operating systems. These specifications allow the design of avionics systems in which software applications at different levels of flight criticality can coexist safely on the same processor. The MILS architecture would take that achievement a step further, adding the ability to process and communicate information at multiple security levels on the same hardware. Today data at different security levels is separated via hardware, which increases the size, power consumption and cost of implementation. MILS security guidance includes ISO-15408, also known as the Common Criteria, and DCID 6/3, an accreditation standard for systems that handle sensitive intelligence data.
Two aircraft already have a MILS requirement-Block 30 F-22As and forthcoming F-35s, according to Jahn Luke, who manages the MILS effort. The MILS program is looking for additional support from within the Defense Department (DoD), as well.
At the Open Group event Luke presented data supplied by Lockheed Martin that compared the cost of ownership of a MILS vs. a proprietary operating system. The company came up with a 10-year total program cost of about $16 million for a proprietary operating system vs. $6.6 million for a commercial-based MILS operating system. The Lockheed data further suggests that the cost to migrate a MILS operating system to five DoD programs would be about $13 million vs. $80 million for a proprietary solution.
MILS capabilities could become foundational elements of the Global Information Grid (GIG), the Pentagon's vision for network centric operations. "We're into IT [information technology] and information exchange," declared Lt. Col. Brett Telford at the conference. Telford, the deputy director of the Open Systems Joint Task Force, continued, "The next paradigm shift starts with security. You have to protect the information." While MILS software is based on commercial technology, it must be approved by both the National Security Agency and the National Information Assurance Partnership, something that has not yet been achieved.
Network centric operations involve sharing information at all levels-from top secret/secure-compartmented down through unclassified-between new and legacy systems, as well as between U.S. and coalition partners, Luke explains. Information flowing within and between military systems needs to be shared securely in order to protect the forces and their missions. Thus the MILS architecture could embrace not only new platforms but legacy systems that must be modified to interoperate with the GIG.
MILS researchers are talking with a number of program offices, including the Joint Tactical Radio System (JTRS), CV-22 tiltrotor, the B-2 bomber, Global Hawk and Crypto Modernization. JTRS has a multiple single-level security (MSLS) requirement, which means that the devices have to separate data securely and simultaneously. MILS components possibly could be integrated into the radios through an auxiliary processor, Luke says.
The Special Operations Command (SOCOM) has been interested enough in the MILS approach to cosponsor a risk reduction study with AFRL. This Multiplatform Open System Transition study is looking at the potential of the MILS architecture to manage operational flight software partitions, according to Luke. He says the next phase will look at security aspects.
The MILS concept was originally developed by SRI International's John Rushby in the early 1980s. It was later adopted by the National Security Agency and AFRL, as microprocessor technology made the scheme more practical.
- Charlotte Adams