July 26, 2022
The vision of hardware interoperability at the tactical edge, from air platforms to ground vehicles to base stations, is now being realized. Because MOSA [modular open systems approach] is an approach and not itself a standard, solutions that support this vision can be achieved through many different means as long as interfaces and communications protocols are based on open standards. There remains a key area to address, though, to achieve seamless interoperability between heterogeneous systems. Consider, for example, the Sensor Open Systems Architecture (SOSA) Technical Standard: While most aspects of sensor processing system architectures are well-defined within SOSA, one area that has not been rigidly defined is the network configuration and operational environment of individual cards and modules.
The embedded system industry is at a turning point now that it can provide government customers with true modular open systems approach (MOSA)-based hardware for warfighter communications in a variety of hardware form factors, from ultra-compact line replaceable units to the VITA standard- based rugged chassis and plug-in-cards (PICs) aligned with standards such as SOSA [Sensor Open Systems Architecture]CMOSS [C4ISR/EW Modular Open Suite of Standards] and OpenVPX.
Most PICs support user-defined configuration and options via the software and firmware and many cards in the same profile will likely support similar functionality. While the VICTORY [Vehicle Integration for C4ISR/EW Interoperability] The standards body has attempted to consolidate and standardize on some status communication it will inevitably not cover every configuration option available from every vendor. As an example, a PIC conforming to the data/control plane switch profile may be powered by Cisco, Broadcom, or Microsemi switching ASICs [application-specific integrated circuits] that use different command sets or configuration languages. The commands required to assign a port to a VLAN [virtual local area network] are different for these vendors, and while that is a simple example, a full network configuration might reasonably require a highly trained person with professional-level IT certification in those technologies. Engineers with this level of expertise typically have more than five years of professional experience, yet still require months (or in some cases years) of vendor-specific training.
The goal of MOSA and the SOSA standard is that, in the near future, a SOSA conformant switch that uses a particular profile can be swapped out for any other SOSA conformant switch that uses that same profile. (Figure 1.) While the industry is rapidly approaching the realization of this goal for hardware, considerable work remains on the software and configuration side to make this vision a reality. What is needed is a configuration “Rosetta Stone” that can take the system designer or operator’s functional requirements and seamlessly configure the disparate hardware installed in the system.
[Figure 1 | Shown: MOSA-style hardware in an Army SAVE-compliant mounting frame. Standardized A-Kit/Vehicle Envelope [SAVE] is a physical SWaP [size, weight, and power] connector standard for fielding C5ISR capabilities.]
A unified network communications management solution eliminates the need for the customer to know how to configure network hardware from multiple vendors, whether from Cisco, Broadcom, or Microsemi, for example. Instead, with the unified network communications management taking care of network configuration translations, the end customer only needs to know what the mission is, while the system-management software handles all configuration language tasks.
Without a unified network communications management solution, it requires much time, effort, and expertise to configure the different configuration languages so they can share data and inter-communicate on the battlefield. Network personnel must be trained and educated – and reducated – to keep up with the fast-changing world of network communications and how a particular device functions. In addition, it takes a nontrivial amount of time to integrate that network device into an existing system. What’s needed is an overriding piece of software that can handle the numerous and important discrepancies that exist between network configuration languages used by different network vendors.
The purpose of MOSA, and we can use SOSA as an example, is to enable far more rapid deployment of new capabilities to the warfighter. In the case of SOSA, the goal is to deliver new algorithms and sensor-processing capabilities to the field more quickly by defining interoperability at the module and system level. The challenge of configuring and managing a polyglot environment of network configuration languages can introduce a significant weak link – one that adds unwanted time delays, costs, and personnel requirements – into the goal of interoperability.
Without a unified system management solution in place to “translate” disparate network languages, regardless of how effective and open standards based the rest of the battlefield communications hardware might be, the polyglot reality of heterogeneous hardware can introduce detrimental stress points.
What’s more, embedded standards are now increasingly looking to use high-assurance software, a move that promises to dramatically increase costs and reduce options for government customers. If every aspect of system management needs to go through aerospace software-level certification, the costs for military software could rise by hundreds of millions of dollars. A true modular open system approach that extends to network operations software would allow for a design whereby software modules or components are held to appropriate Design Assurance Level (DAL) for their role in system operations. Network functions, such as visualizations and indications, and log viewers, etc., are not critical since they are essentially a translation and view layer that resides over the top of the software or firmware running on the PICs. Designs such as this will enable government and industry to use rapid-development techniques such as Agile and DevSecOps to speed time to market and reduce cost, while true safety-critical systems can use the often slower, more costly development methodologies to achieve higher DALs.
While there are efforts such as VITA 46.11 to introduce system-management standardization into CMOSS and SOSA chassis, those standards don’t (or are unlikely to) apply to non-VITA-standard based MOSA equipment. Providing an interface layer that can handle all of the various network configuration languages and support multiple sets of equipment will become increasingly important. Imagine a soldier who is assigned to a Stryker vehicle for a particular engagement and is expected to operate the communications equipment on that platform. In the next engagement, the same soldier may be assigned to another vehicle that has different comms equipment onboard. By providing a common unified network operations framework, a soldier can be equally effective at their job regardless of the communications hardware instantiation associated with any particular vehicle.
An example of a proven and fielded unified network communications management software solution is Curtiss-Wright’s PacStar IQ-Core Software package, which has been successfully deployed across Army PEO C3T. (Figure 2.) This “single-pane-of-glass” interface can manage a wide range of communications equipment in a multitude of hardware form factors from multiple vendors, and continually adds support for additional devices. As industry moves toward virtual functions, we are seeing a need for more general-purpose computing in the field. PacStar IQ-Core Software can manage virtual functions, regardless of the MOSA general-purpose computing hardware being used. PacStar IQ-Core Software can manage this. Its toolset includes open standards such as SSH, SNMPv3, HTTPS, along with published APIs – including APIs for web services such as REST and SOAP – to interface with various elements of communications equipment.
[Figure 2 | PacStar IQ-Core Software demonstrates its capabilities as a single-pane-of-glass for unified network communications management.]
Without a unified network communications management solution, personnel must develop expertise in all of these network standards and APIs or configure alternate tools. Moreover, all of these tools are constantly updated, making it essential, too, that users have to be constantly retrained and educated on upgrades and changes to these tools. A unified network communications management solution eliminates the need for that never-ending education and training cycle.
The single-pane-of-glass approach enables users to be agnostic when it comes to learning network-configuration languages since they don’t need to become fluent in every single one. An independent research company conducted a user study to measure the impact of using a unified network communications management solution to configure and manage complex networking equipment. In the study, twenty-two untrained end users were asked to perform the same two tasks, once using PacStar IQ-Core Software and once using the equivalent manual method (eg, command line). The results showed that using a unified network communications management solution to do these tasks greatly improved the participants’ ability to complete them successfully, and drastically reduced the time spent, errors committed, and support needed. This was true regardless of the person’s level of computer and networking expertise. Using unified network communications management software, participants:
- Performed the VPN setup task 10 times faster and the backup task 2.5 times faster
- Had nine times fewer errors
- Were twice as successful in completing both tasks in the allotted time
- Felt twice as confident about performing other tasks on the equipment
One of the next things for the industry to consider and for customers to be aware of is that the system-management problem is critical for realizing the promise of the MOSA model. If extrapolated horizontally across disparate hardware types, a unified network communications management approach enables a path for realizing the goal of network communications interoperability in heterogeneous environments. Using an intuitive user interface makes communications setup and operation quick and easy to learn; reduces configuration errors by assisting organizations in maintaining uptime, performance, and compliance with cybersecurity requirements; and simplifies troubleshooting with tools for both entry-level and advanced network administrators.
Dominic Perez, CISSP is the CTO at Curtiss-Wright Defense Solutions and a Curtiss-Wright Technical Fellow; he was with PacStar since 2008 and joined Curtiss-Wright through its acquisition of PacStar in 2020. Dominic currently leads the teams developing Curtiss-Wright’s PacStar Commercial Solutions for Classified, Modular Data Center, and Tactical Fusion System product lines. Prior to PacStar, Dominic worked for Biamp where he created automated testing infrastructure for the hardware, firmware, and software powering its network distributed audio, teleconferencing, and paging systems. Dominic studied mechanical engineering and computer science at Oregon State University. He currently holds multiple professional certifications from VMware in Data Center Administration; Cisco in Design, Security, and Routing/Switching; and EC Council and ISC2 in Security.
Curtiss-Wright Defense Solutions