The challenges faced by the Canadian Armed Forces (CAF) vary greatly from one theatre to another. Different types of adversaries require altered unit command strategies. The Afghanistan campaign demonstrated that static headquarters (HQ) can be effectively used against non-peer enemies with limited offensive capability (i.e., Taliban, Al-Qaeda, etc.). Today’s Ukraine conflict, however, proves static headquarters are vulnerable to near-peer enemy weaponry.
Dispersed headquarters (DHQ), with communication and technology components distributed across armored command units, can successfully alleviate static HQ deficiencies. DHQs eliminate a single-point-of-failure, provide redundancy, reduce the probability of detection, and thwart enemy targeting.
DHQs solve a number of concerns associated with static HQs, but simultaneously introduce a new set of challenges. Today’s dispersed unit operations are subject to connectivity and bandwidth limitations. These Denied, Degraded, Intermittent and Limited environments experience recurrent connectivity interruptions from the broader network. Environmental factors, such as space, temperature, and humidity, guide SWaP (Size, Weight, and Power) hardware specifications, and require rugged solutions. Battlefield agility and continuous command vehicle mobility demands reliable and seamless connectivity through a variety of secure spectrum communications and unclassified & classified network transports.
Present-day warfare introduced new concepts, methods, and technology. Combatants adapt technology to preserve their battle worthiness, yet modernization does not come without a cost. Technology impacts combat training requirements and can increase preparation complexity. The transition from analog to digital warfighting exposes units to security and cyber threats. Limited access to specialized hardware and software, however, impedes training results and affects proficiency. The digital warriors of today and tomorrow need realistic training which enables them to fully realize the benefits of digital Command, Control, Communications, Computers, Intelligence, Surveillance and Reconnaissance (C4ISR) systems on the battlefield. The CAF requires solutions to train the way they fight, whilst protecting themselves from an ever-changing analog- and cyber-threat landscape.
Tactical Network as a Service (TNaaS)
Without a doubt, CAF's combat power is technologically dependent. Integrated solutions from General Dynamics Mission Systems–Canada, and cloud service providers, can address challenges associated with DHQs, training, and cyber threats. The CAF can utilize General Dynamics' Tactical Network as a Service (TNaaS) solution and extensive mission system integration expertise for global network solutions and security services. In a dispersed headquarters context, integrating cloud services can provide an edge-to-HQ digital information environment for the warfighter in the modern battlefield.
DHQ: Example Use Case (Tactical Network as a Service (TNaaS) with Amazon Web Services (AWS))
As demonstrated at CANSEC 2023, General Dynamics’ TNaaS solution can enable seamless operations between the battlefield and headquarters. Using the Amazon Web Services (AWS) Global Cloud Infrastructure network in our demonstration, we showed how our system improves connectivity from theatres to overseas bases or national headquarters.
Dispersed headquarter units can connect via Low Earth Orbit (LEO) satellites, tactical radios, or LTE connection through a Virtual Private Networks (VPN). As demonstrated in our use case, overseas bases or national HQs can leverage AWS Direct Connect to establish a dedicated cloud infrastructure network connection, without using the internet. In locations where private networks are unavailable, there are services like AWS Global Accelerator which provides access to the congestion free AWS global network and its deterministic routing to AWS Regions.
Data ingested into AWS Regions can be securely stored across three or more redundant Availability Zones. Availability Zones consist of one or more discrete data centers with redundant power, networking, and connectivity. They provide scalable and elastic computing resources, and a rich variety of native AWS services (i.e., AI/ML, Analytics, Backup, Security, etc.). AWS Identity and Access Management (IAM), detective controls, infrastructure security, data protection, and incident response mechanisms enable security-zone modelling and Defense-in-Depth strategies.
TNaaS – Cloud-to-Edge Continuum
TNaaS embraces the cloud to edge paradigm leveraging an Internet of Things (IoT) solution. At the edge, TNaaS could, for example, deploy an AWS Snowball Edge. These rugged edge compute devices are low-weight (49 pounds), tamper resistant/evident, data secured (256-bit encryption), Airdrop-able (handle up to 200 G impact), and meet CCCS Medium, FISMA High, FedRAMP, ITAR, CJIS and US DoD SRG impact level 4/5/6 requirements. TNaaS can use Snowball Edge devices for command unit data persistence and processing, leveraging Snowball Edge secure AWS cloud connectivity to share data. Upon regional ingestion, data becomes available for Machine Learning (ML) inference, and analytics. With TNaaS, CAF can make strategic, data-informed decisions, increasing battlefield situation awareness, and improving tactical edge mission operations.
In light of CAF’s heightened cyber-security requirements, TNaaS could, for example, leverage the AWS Trusted Secure Enclaves (TSE) Sensitive Edition (SE) architecture. TSE SE was designed in collaboration with national security, defense, law enforcement, as well as federal, provincial, and municipal government representatives. The architecture deploys strict security and compliance controls, and was created to align with sensitive and protected level security frameworks such as NIST 800-53, ITSG-33, FEDRAMP Moderate, CCCS-Medium, and Controlled Goods Program (CGP). With TSE SE, CAF always remains in control of their data, and benefits from the architecture’s consistent alignment with cyber-security and compliance requirements.
Data residency and interoperability – Extending the Cloud to on premises
As a NATO and Five Eyes Alliance (FVEY) member, CAF shapes its C4ISR projects by the doctrinal ambition of Joint All-Domain Command and Control (JADC2). JADC2’s ambitious strategy aims to not just resolve interoperability challenges experienced with network-centric warfare technologies, it also addresses how data, coupled with artificial intelligence, will improve decision making. Interoperability challenges of network-centric warfare systems ask for a truly consistent hybrid experience and solutions that allow extension of cloud services to run on premises. AWS outposts running on TNaaS, for example, could provide a range of fully managed services delivering infrastructure and services to virtually any premises or edge location. In order to really benefit from information and intelligence produced by the many Land, Maritime, Air, Special Operations Forces (SOF) and Cyber capabilities, CAF could use a private cloud, like Outpost, as an on-premises compute, storage, and database resource which provides low latency, local data processing, and satisfies data residency needs. CAF can deploy TNaaS in close proximity to its information technology infrastructure to collect, examine, and return results to commanders and effectors.
Setting foundation for training
Modern warfare has surpassed boundaries as a consequence of fast paced technological advancements. Modernized military equipment enhances the operational effectiveness of man and machine. In addition to physical and psychological preparation, present-day training needs to cover high-tech weapon systems, specialist gear, surveillance, electronic and cyber warfare solutions. It becomes increasingly important to employ realistic and integrated training across all domains of warfare. While modern technology and expensive weapon systems and equipment are preserved for actual operation, it is essential to introduce the modern training aids that today’s science and technology can provide. TNaaS’ cloud integration, as well as its scalable, modular nature allow CAF to train the way it fights – using the same solutions and infrastructure, whether it’s at training base or in theatre. Unlike current settings, where consistent access to training environment is limited, training solutions built on the cloud are available on demand. The cloud infrastructure used for training can be decommissioned, and restored on a per-need basis.
Conclusion
The TNaaS solution, as demonstrated with AWS, offers a comprehensive and integrated approach to address the challenges associated with dispersed headquarters, training, and cyber threats. TNaaS ensures the integrity of the tactical network through resilient and secure data transfer. By leveraging broader global networks and security capabilities, CAF can establish seamless connectivity between the battlefield and HQ. Inspired by the Cloud-to-Edge Continuum, TNaaS makes use of rugged edge compute devices, to reliably facilitate data persistence, processing, and analysis at the tactical edge. Outposts extend AWS services to on-premises environments, where TNaaS can address the interoperability of data, forming a foundation ready for exploitation by artificial intelligence and advanced algorithms, and visualized through tactical applications. Ultimately, TNaaS, coupled with the AWS cloud in this demonstration, offers CAF the ability to train in realistic and integrated environments, giving on-demand access to sophisticated training aids, and reducing costs. Overall, General Dynamics provide CAF with the tools and capabilities to adapt to modern warfare challenges while maintaining security and maximizing operational effectiveness. With TNaaS, CAF gains improved situational awareness, enhanced decision-making capabilities, and better coordination of assets across all domains.