16f3ab0a0c396191a2af221bac8c156a.ppt
- Number of slides: 18
Army Battle Command System Overview
Marie Collins, mcollins@mitre.org, 732-389-5691
Pete Dugan, pdugan@mitre.org, 732-389-6701
13 March 2002
MITRE

Background: Digitization
“Digitization will enable the Army of the 21st Century to win the information war and provide deciders, shooters, and supporters the information each needs to make the vital decisions necessary to overwhelm and overcome their adversary and win the overall campaign.” Major General Joe Rigby
[Figure labels: Commander’s Intent and Assessment; Situation Awareness; Directives; Intelligence and Engagement Data; Combat Service Support]

Tactical Internet Communications
Upper Echelon Communications
• Much greater bandwidth required for ABCS, VTC, collaborative planning, ...
• Primarily point-to-point communications between TOCs
Lower Echelon Communications
• Much lower bandwidth limits traffic to JVMF (bit-oriented) messages
• Primarily broadcast/multicast communications between vehicles
• Much greater mobility required
Router-based architecture
Based on the standards and architecture used in the Internet
[Figure labels: DIV TOC, BDE TOC, BN TOC, MSE, ATM, NTDR, EPLRS, SIP]

The Army Battle Command System

ABCS: Past, Present, and Future
Versions shown: ABCS 6.2, ABCS 7.0, ABCS 8.0, ABCS 9.0 (FCS)
Model captions, in the order they appear on the slide:
• Peer-2-Peer Model: Everyone is a server
• Component Model: TOC server hosts the BAS Components
• Centralized Model: TOC server provides common services
• Integrated Model: Server hosts integrated BAS Systems
[Figure labels: Inter-TOC Network, TOC Server, Network Server, BAS, Common Svcs, Light Client]

MCS Overview
MISSION: MCS is the Army Battle Command System's (ABCS) Functional Subsystem that directly supports the combined arms force commander and staff by providing automated support for planning, coordinating, controlling and using maneuver functional area assets and tasks. The System coordinates and synchronizes the supporting arms in the conduct of operational planning, field operations and training.
• Create and manage the Common Tactical Picture
• Enhance and shorten the decision-making cycle across the operational continuum
• Respond to the Commander’s Critical Information Requirements (CCIRs)
• Supervise execution of operations
• Integrate information from other ABCS, joint and combined systems
• Enhance planning operations and the OPORD process
• Operate in the tactical and garrison environments
[Figure labels: JOINT CHIEFS & DEFENSE DEPARTMENT, GCCS, THEATER OF OPERATIONS, JTF, CJTF, ARMY, GCCS-A, MCS, ATCCS, ASAS, AMDWS, CSSCS, AFATDS, FBCB2, OTHER SERVICES/SYSTEMS, dB, files]

MCS Hardware
MCS-Heavy
• CHS-2 HCU or VCU
• 333 or 440 MHz CPU
• Removable SCSI 18 GB (HCU), 14 GB (VCU) or larger hard disk
• 256 MB RAM
• Solaris 7.0
• SUN PCI Card
• MCS-Light compatible software
MCS-Light
• 333 MHz CPU or better laptop computer
• 750 MB free hard-drive space
• 128 MB RAM
• Windows NT 4 or Windows 2000
• Office 97 or 2000
• Internet Explorer 5.0 or higher
• Acrobat Reader 3.0 or higher

MCS Functional Summary
• Acts as a gateway between Battle Command systems and Echelon Above Corps Systems
  – Mapping and routing between different architectures
• Common tactical picture (CTP)
  – Receive information from reporting platforms and manage the common tactical picture
  – Manage Overlays from other functional overlays
• Enhance planning operations and the OPORD process
  – Provide an ability to see the plan in action
  – Overlays indicate planned positions
• Alerts to Commander’s Critical Information Requirements (CCIRs)
  – Commanders track specific items
  – Alert operator when some condition occurs
• Provides the task organization
  – Organizes units to perform a mission

MCS Enhancements
• Common Object Request Broker Architecture (CORBA)
  – More use of CORBA internal to MCS
• Extensible Information Systems (XIS)
  – Data Source Interface (XML, SQL, etc. to common format)
  – Info-aware Java Bean
• Java Common Tactical Picture (J2EE)
• Web services
  – Symbology manager
  – XML
• Informix Enterprise Replicator (IER)
  – Used to replicate the common database across the network

MCS Security Functionality
• Security is not designed into MCS
  – Security is provided through use of IA tools (TCP Wrappers, SPI, SWATCH) for MCS Heavy (UNIX) only
  – IA Tools as a security overlay
  – No mechanism for remote configuration or monitoring of IA tools
    • Alerts remain on the local host
• Use of OS security guidance
  – UNIX configuration guidance is followed
  – Currently applying Windows 2000 security guidance

MCS Security Operations Suite
• TCP Wrapper: Prevents external intrusion via FTP, invalid CORBA clients, ‘cracking’ the network, etc.
• Change Detection Tool: Verifies integrity of executable files and scripts by monitoring exact file size and date
• Swatch: Monitors log files for suspicious or invalid events
• McAfee: Virus Scanner
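
A sketch of the kind of check the Change Detection Tool bullet describes, added here as an illustration and not MCS code: it baselines size and modification date and also a SHA-256 digest, because size and date alone stay the same when a file is rewritten at the same length and its timestamp is reset. The function names and the monitored file name are hypothetical.

```python
import hashlib
import os
import tempfile

def snapshot(paths):
    """Record size, modification time and SHA-256 for each file."""
    base = {}
    for p in paths:
        st = os.stat(p)
        with open(p, "rb") as f:
            digest = hashlib.sha256(f.read()).hexdigest()
        base[p] = {"size": st.st_size, "mtime": st.st_mtime_ns, "sha256": digest}
    return base

def compare(baseline):
    """Return {path: [changed attributes]} for files that differ from the baseline."""
    findings = {}
    for p, old in baseline.items():
        if not os.path.exists(p):
            findings[p] = ["missing"]
            continue
        new = snapshot([p])[p]
        changed = [k for k in ("size", "mtime", "sha256") if new[k] != old[k]]
        if changed:
            findings[p] = changed
    return findings

def demo():
    """Constructed test case: same-size edit with the original timestamp put back."""
    with tempfile.TemporaryDirectory() as d:
        script = os.path.join(d, "startup.sh")  # hypothetical monitored script
        with open(script, "w") as f:
            f.write("#!/bin/sh\necho start A\n")
        baseline = snapshot([script])
        st = os.stat(script)
        with open(script, "w") as f:
            f.write("#!/bin/sh\necho start B\n")  # same length, different content
        os.utime(script, ns=(st.st_atime_ns, st.st_mtime_ns))
        # Size and date match the baseline; only the digest reveals the change.
        return compare(baseline)[script]

if __name__ == "__main__":
    print(demo())
```

A check limited to the `size` and `mtime` fields would report this file as unchanged, so the baseline itself should be stored where the monitored host cannot rewrite it.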

MCS IA Issues/Challenges
• Currently no mechanism to enforce a security policy across MCS systems (UNIX/NT)
• Data proponency/access control not addressed
• Authentication of messages is critical
  – Numerous challenges with use of PKI in tactical environment
• Alert analysis and response needs to be automated, and addressed to the host level to determine mission impact

FBCB2 Overview
The principal Digital Command Control System for the Army at Brigade and Below.
Consists of ruggedized COTS Appliqué hardware: a 500 MHz Pentium computer with 128 MB RAM, a 4 Gbyte hard disk and a USB port. No external media (CD or floppy disk) is included.
FBCB2 software provides Situational Awareness, C2 messaging and Battle Command tools.
Integrated into most platforms at Brigade and below, as well as appropriate Division and Corps slices necessary to support Brigade operations.
Interconnects platforms through a communications infrastructure called the Tactical Internet, based on commercial IP and made up of existing EPLRS and SINCGARS radios and the INC router.

FBCB2 Enhancements
• Pure IP Networking
  – Challenge: Agents specific to radio nets
  – Benefit: Network/Comms independence
• XML-based message processing
  – Challenge: Bit-oriented messages (JVMF)
  – Benefit: Flexibility, format, open standards
• Database merge capability
  – Challenge: Databases take months to build
  – Benefit: Capability to merge databases
• More platform independence
  – Solaris x86 currently
  – Migrating to Linux, possibly Windows
  – Lynxs Real Time OS

Dismounts
[Figure labels: Iridium, MILSATCOM, Sanctuary, CONUS, PDA, Wireless LAN]

FBCB2 Security Functions
• Most network protocols disabled
  – ftp
  – http
• Software security protection to prevent uncleared users from receiving secret data
• Password protection
• Investigating use of Biometrics
• Remote disable
  – Lockout
  – Zeroize
• Security extensions protocol to allow for use of digital signatures for security messages only (remote disable)
• Security logs
• Closed System
  – No external media
  – No console windows

FBCB2 IA Issues
– Network is secret, but uncleared users are required to use the systems on the network
– Most systems are left unattended even though they should never be or run the risk of being overrun. Users have to be periodically re-authenticated.
  • Tradeoff between authentication process/security and user frustration interaction without confining movement
– Use of Solaris x86 has limited the availability of add-on IA Tools
  • Port to Linux may offer more options
– Need authentication of all command control messages
– Dismounted (PDA) Purge tools
  • Flash memory
  • Determine that it has been compromised

Questions?