Prototypes Rapidly Deliver Cyber Capabilities

JUNE 20, 2017, WASHINGTON – Serving as “test drives” for possible Army systems of the future, prototypes are playing an increasingly vital role as a natural bridge between emerging technologies and more mature solutions that are part of official programs of record.

While prototypes are not perfect solutions, they are an essential interim step that deliver initial capabilities to select units who can provide early and frequent feedback, so that the technology can be improved over time or scrapped before significant investments are made.

Prototypes are perhaps most pertinent in the cyber domain, where speed is of the essence.

“The speed of technology, combined with always-changing threats, demand that we go faster in getting capabilities to the field,” said Doug Wiltsie, director of the Army Rapid Capabilities Office (RCO). “The Army needs to act quickly on cyber technologies and prototyping can help expedite that.”

The RCO is working across Army cyber organizations to identify ways that accelerate design and production of capabilities through prototyping efforts that support high-priority operational needs.

Already, the Army has procured and delivered a range of prototypes for defensive cyberspace operations, focused on both the infrastructure and the tools needed to defend against attacks on Army systems and networks. The Army has partnered with industry, academia and government organizations to harness emerging technologies such as deployable and pre-staged cloud enabled hardware, big data analytics, and advanced analytic and visualization tools for military applications.

Cyber capabilities were included into existing operational venues such as the Network Integration Evaluations (NIEs) and Joint Warfighting Assessments (JWAs), and for use by brigade combat teams during Combat Training Center rotations. The Army has also established a flexible model for adapting official cyber programs to keep pace with evolving requirements.

For example, prototype deployable defensive cyberspace operations kits were used to support a training rotation for the 2nd Armored Brigade Combat Team, 1st Infantry Division at the National Training Center (NTC) in California in May. These “fly away” kits were packages of easily transportable software and hardware that enable the Army’s cyber protection teams to provide expeditionary cyber defense of friendly networks and systems when they need to deploy quickly in support of unified land operations around the world.

The Soldiers’ feedback on the kits will inform an Army Cyber Command initiative to define expeditionary cyber capabilities and their integration into operational use. During the NTC rotation, the cyber protection teams used the kit to defend their network in a contested environment.

“The Army is becoming more agile, more maneuverable, and making use of modern technology,” said Maj. Steven Feigh, 152 Cyber Protection Team Lead, Cyber Protection Brigade. “The kit is used to allow a remote capability down to the brigade combat team level that can be accessed anywhere in the world and greatly improves our current defensive posture.”

After initial procurement of the “fly away” kits, advanced prototypes were delivered as a result of the Army’s first Cyber Innovation Challenge, which took place in 2015 and resulted in Other Transaction (OT) agreements with two vendors who have since delivered several iterations of the prototypes for feedback.

The Army is executing a series of OT agreements, which look to industry partners — especially non-traditional defense contractors — to deliver prototype solutions for rapid evaluation. This interaction is facilitated through a consortium of industry, academia and government entities, enabling the Army to solicit, evaluate and purchase limited quantity equipment prototypes. The prototypes are then placed in the hands of cyber Soldiers for evaluation and experimentation.

Now that the Cyber Innovation Challenge series has demonstrated the real value of OT-based rapid prototyping, the Army is incorporating rapid and continuous prototyping into its cyber programs of record. While all prototypes start out as something of an experiment, some will reach the level of feeding into formal programs.

For example, with Defensive Cyber Operations (DCO), the Army’s Product Manager DCO is building an agile acquisition strategy that includes a continuous cycle of rapid prototyping efforts to harness innovative technology for adaption by the program baselines. This complementary process will deliver prototypes every four months to get the emerging capabilities into the hands of Soldiers for initial evaluation and limited use, while also providing feedback to inform the evolution of the longer-term programs of record.

The System of Systems Engineering and Integration (SoSE&I) Cyber Focal is the facilitator, ensuring shared awareness of cyber requirements, synchronizing prototyping activities, and enabling the rapid adoption of innovative technology into programs. The RCO is also involved in the process at key steps to leverage existing initiatives and inject strategic priorities as required.

“With the integration of continuous prototyping into our DCO programs of record, the product manager is well situated to execute RCO priorities in the DCO mission area,” said Col. Bryan Stephens, cyber director for RCO and SoSE&I. “Cyber programs must have a constant element of prototyping to ensure that they remain technically and operationally relevant.”

In April, the Product Manager DCO hosted an industry day at Fort Belvoir, Va., to explain seven individual Requests for Information (RFIs), asking for feedback from industry on requirements for each. By separating the Army’s defensive cyber capability needs into seven RFIs, the Army can inject mobility, speed and agility in creating cyber capabilities. The office also plans to utilize the IT Box model, which provides flexibility to create or update requirements as new Operational Needs Statements arrive from the field.

“With the seven prototype RFIs, we’re trying to do things a little different by getting feedback early to refine our requirements so we know we’re giving the warfighters the best capability,” said Lt. Col. Scott Helmore, Product Manager DCO during the industry day. “Our main focus is on the cyber protection teams. Every day they are doing operations and we can’t be delivering a capability to them three years down the line. With the IT Box, we can change our requirements over time and we can add to it. It’s a more flexible approach.”

To ensure the operational aspect of these advancing cyber capabilities, the Army is utilizing exercises such as the NIEs and JWAs. In July, at NIE 17.2 being held at Fort Bliss, Texas, the Army will advance tactics, techniques and procedures for DCO, building on lessons learned during pilots conducted at NIE 16.1, NIE 16.2, and the first Army Warfighting Assessment (now known as the JWA).

The main objectives for cyber operations during NIE 17.2 include capturing lessons learned in the use of DCO at the tactical level, determining technical and procedural requirements for malware analysis and forensics tasks, demonstrating integrated global and regional cyberspace operations, and integrating unit-level Network Operations soldiers that plan, manage and defend the tactical network.

By Nancy Jones-Bonbrest, U.S. Army