WASHINGTON — The U.S. Army program office responsible for developing defensive cyber tools is beginning to field a new platform to installations.
Col. Mark Taylor, the project manager for defensive cyber operations at Program Executive Office Enterprise Information Systems told C4ISRNET that the new platform — called the Garrison Defensive Cyber Operations Platform — is heading to the war fighter in the next year.
A spokesperson for PEO EIS said the platform allows for integration into the global enterprise fabric, an Army enterprise computing environment, and will allow soldiers to work remotely. The Garrison effort started in early 2016, and the platform is being fielded to the Project Manager Defensive Cyber Operations' Cyber Platform and Systems office.
Also in the works at PEO EIS, which has an annual budget of $4.3 billion, are plans to stand up a new network to help cyber defenders collaborate with development teams to fix technological issues while in the field. The new network, called the Defensive Cyber Operations Development Environment Network, will be stood up in the next year, according to Lt. Col. Peter Amara, product lead for applied cyber technologies. The team is still working on the architecture of the platform.
“It is a network or an infrastructure that’s supposed to enable our deployed forces to collaborate with development teams back here and industry and academia, etc.,” Amara told C4ISRNET in an interview before the annual Association of the U.S. Army conference. “When we have teams go out on mission and they encounter issues or problems, how do they talk back to developers to ensure that we actually fix, remediate, take care of that issue immediately without them, you know, actually coming back here before that issue is corrected?”
The Forge and the Armory
Another project under Project Manager Defensive Cyber Operations is the Forge. It was stood up a few years ago to quicken acquisition and innovation while building a stronger relationship with industry. In its first year, the Forge downsized a defensive cyber kit from 100 pounds to a deployable platform that could fit into an airplane’s overhead bin. In the last year, the Forge delivered another dozen software prototypes, Amara said.
The Forge works closely with another little-known project manager capability, called the Armory, which serves as storage for software tools developed by the Forge. When the Forge develops patches for software products, it’s the Armory that installs them.
“This central repository makes it much easier for the [program manager] to work with the the operational forces to keep that weapon system up to date,” Taylor said. “It also provides cost-control measures: Instead of having all those weapons systems all deployed out, we can effectively and efficiently use our resources to provide the cyberwarriors that are out on mission with the most up-to-date capability possible.”
The Armory operates like a traditional arms room for an infantry battalion, but instead of storing weapons, it keeps the deployable defensive cyber operations systems kits. At the Armory, the kits' software and hardware are maintained so they are ready for deployment. That includes updating licenses, patching software, ensuring proper configurations and repairing some of the hardware that might come back from a mission in disrepair in order to ensure that when the system needs to deploy again, it’s ready.
“All that needs to be on the right configuration so it’s all working together properly, [because] when a soldier or cyber defender is out on mission, it could be for an extended period of time," Taylor said. “When that system comes back, It probably needs to be looked at and maintain[ed].”
The Armory fielded more than 100 requests for the deployable defensive cyber operations kits during the coronavirus pandemic, Amara said. “We want to lean forward and do more" by fielding the kits across the regular Army, Reserves and National Guard, he added.
Because it bridges the gap between the Forge and operational forces, the Armory also plays a “critical role” in gathering soldier feedback on systems, Amara said. He explained that when cyber defenders return kits to an Armory location, his team knows the tools that soldiers used, how much they used them, what worked and what didn’t work, and then use that information for future software development cycles.
“By virtue of that contact with the cyber defenders, the Armory plays a critical role as that customer feedback interface for the Applied Cyber Technologies office. Really integrating the Forge with the Armory, the Forge has been able to respond rapidly to the needs of cyber defenders. As those kits are looked at, information that is generated from that process is then sent back to the Forge, [so] if there’s something that we need to develop quicker to make sure that the latest version of the software is enhanced on the kits for the next mission,” Amara said.
Industry and COVID-19
Since its establishment, the Forge has relied on vendors coming to Fort Belvoir, Virginia, to demonstrate products. But the COVID-19 pandemic accelerated a process that leadership at the program office already wanted to implement: virtualizing the demonstration process to protect soldiers, acquisition officials and industry from illness.
But a lot of that meant vendors physically coming to Fort Belvoir to showcase their products. Still, the pandemic has driven more vendors pitch their solutions.
“Now we’re setting up a way to virtually meet with these stakeholders," Taylor said. “That has really opened up the aperture and reduced the barriers to entry on innovation and collaboration, where a lot of vendors that wouldn’t normally have the money and the time to pay somebody to come meet face-to-face, now they can meet virtually to show us the capabilities they have to meet whatever requirements that we need to fill.”
During the pandemic, vendors are using an outward-facing platform hosted by the Forge where they can input their code for evaluation.
“They can actually input it into our pipeline, and it will go through our DevSecOps process,” Amara said. “And then we can see if the tool works, first of all, with any of our systems and where it’s broke. If it doesn’t make it to the end state, we can then, you know, send it back to the vendor.”
Andrew Eversden covers all things defense technology for C4ISRNET. He previously reported on federal IT and cybersecurity for Federal Times and Fifth Domain, and worked as a congressional reporting fellow for the Texas Tribune. He was also a Washington intern for the Durango Herald. Andrew is a graduate of American University.