23 December 2017

Army’s new cyber requirements will be based on battlefield needs

By: Mark Pomerleau 

The Army is changing the way it buys cyber solutions as a way to get new technologies – especially those based on battlefield needs - into soldiers’ hands faster.

“There’s been a fundamental shift inside the Army on the way we try to do acquisition,” Maj. Gen. John Morrison, commander of the Cyber Center of Excellence, said during an event hosted Dec. 13 by the Association of the U.S. Army in Arlington, Virginia.

In the past, requirements for new solutions were too prescriptive and technical, often outlining maximum and minimum standards solutions had to meet at the extreme ends of each spectrum.

“You’re not going to see requirements documents coming out of the Army, at least for the foreseeable future, that are very technical in nature saying we want to be able to do this, this and this up to 5k, very, very prescriptive requirements,” Morrison said. “What you’re going to see inside these documents are operationally based requirements. This is the operational effect that we are trying to achieve.”

One way this is bearing out is with the Army’s cyber protection brigade. Morrison said the requirements and doctrine writers are embedded inside those operational units to see what operators are doing and then codifying those in requirements documents and in doctrine.

He added that the focus going forward is to put capabilities into the hands of soldiers in order to get feedback and refine requirements form there. Gone are the days of trying to “hit a home run with a monolithic program of record that takes 10 years” to build, he said. The Army is going to follow a “buy, try, decide,” approach instead.

This philosophy will allow the Army to do iterative development within the technology space — think cyber and the Army’s communication’s network — where solutions and capabilities are continuously changing.

When it comes to the network, the Army has charted out an “adapt and buy” strategy, that seeks to leverage capabilities that already exist and get them to operational units on the fly.

“In this space everything is going to be evolving over time and we’ve got to have that inherent flexibility … because, quite frankly, our adversaries are not following the [Joint Capabilities Integration and Development System] and locking in a program of record for the next 20 years. Neither can we,” Morrison said.

Officials, especially when talking about the network, have hinted at doing away with large programs of record that not only take a long time to write requirements for, but take years to field and can lead to vendor lock making inserting programmatic updates difficult.

“This idea of a program of record is going to migrate to a standards-of-record kind of mindset,” Lt. Gen. Bruce Crawford of CIO/G6, which heads Army network modernization, told reporters Oct. 9 at the Association of the U.S. Army’s annual conference.

“That allows us to take advantage of open architectures. It allows us to take advantage of other commercial and industry standard vice this program of record mindset that we’re going to field for 35 or 40 years in our formations.”

No comments: