An Open Architecture/Open Business Model Solution for Multi-Level Collaborative Environment. Kent Lindell, Todd Maxcy. Military Aviation Architecture Conference, September 21-22, 2010. RCC-2825(1).

Slide 1

An Open Architecture/Open Business Model Solution for Multi-Level Collaborative Environment

Kent Lindell
Todd Maxcy
Military Aviation Architecture Conference, September 21-22, 2010
RCC-2825(1)

Mission Integration Systems

Capabilities
- Mission systems engineering and integration
- High assurance and mission critical software and hardware
- High performance computing
- Platform integration
- Mission planning and management systems
- Training and simulation systems
- Unique production and repair

Key Solutions and Programs
- Advanced Mission Computers
- Common Display System (CDS)
- Common Network Interface (CNI)
- Data Storage Systems
- Joint High Speed Vessel (JHSV)
- Independence-Class Littoral Combat Ship (LCS)
- SSBN / SSGN Weapon System
- Submarine Weapon Control System (WCS) and Tactical Control System (TCS)
- Surface Electronic Warfare Improvement Program (SEWIP)

General Dynamics C4 Systems: Platform Security Solutions

Security For: Platforms, Operation Centers, Networks, Products

- Cyber and Mission Assurance solutions Core-to-Edge
- High assurance security solutions for all warfighting platforms
- System security engineering
- Security architecture, design, and Integration
- Risk management
- Certification and accreditation
- NSA Type 1, FIPS 140-2
- DIACAP, NISCAP, DoDIIS, SABI/TSABI Unified Cross-Domain Management Office
- ST&E and CT&E testing
- System anti-tamper (AT)

Key products and technologies
- Multi-level and cross-domain network solutions
- Data-at-rest encryption
- Key and identity management solutions
- Avionics and tactical Comms encryption
- High-speed IP (HAIPE), ATM, and SONET encryptors
- Family of Advanced Core Cryptographic Technologies (FAC2T)

October 11, 2010

GDC4S is world class in information assurance. Example: the ability to optimize applications to the network with seamless security.

Secure Avionics: General Dynamics C4 Systems has been designing and building Type 1, high-grade, programmable encryption systems for major aircraft platforms and mission planning for over 15 years.

Embedded: AIM is a programmable, embeddable VLSI chip that provides high-grade, high assurance cryptographic capability for virtually any communications or data handling device. sCore is a cryptographic architecture that consists of software cryptography executing in a highly secure manner on COTS hardware.

Encryption: GDC4S has a world class family of encryption products including Taclane, the leading Type 1 encryptor.

Key Management: GDC4S provides the most trusted certificate management infrastructure to verify the identity, authority and integrity involved in each transaction.

Messaging Systems: GDC4S provides military and commercial users comprehensive and secure electronic messaging for all classifications from unclassified to sensitive to SECRET from the convenience of a workstation.

Wireless/wireline products: General Dynamics C4 Systems provides a secure wireless and wireline product line with hardware and software architecture that protects information classified Top Secret and below for the Department of Defense. We also make a line for commercial customers with cryptography and key management appropriate for sensitive but unclassified industrial and commercial use.

vIPer: The Sectéra vIPer universal secure phone provides the latest technology for secure, end-to-end Voice over IP and PSTN networks. Using SCIP/FNBDT signaling and commercial open standards, it is certified to protect information classified Top Secret and below. The vIPer phone is a cost-effective STU/STE replacement.

Secure Mobile Environment: The Sectéra Edge Smartphone was developed under the National Security Agency's Secure Mobile Environment Portable Electronic Device (SME PED) contract. The Edge is a handheld device for government, military and homeland security, which will provide secure wireless voice and data communications, including access to SIPRNET/NIPRNET, e-mail, instant messaging and file viewing.

IFF: The IFF systems we develop are being deployed as part of the world's most advanced fighter aircraft.

G.H.O.S.T. (General Dynamics High Assurance Open Scalable Technologies): The entire family of Enterprise Security Solutions, under which HAP falls. GD will have their own derivative technologies of the government programs we have worked on. There are three technologies under G.H.O.S.T.:
- Trusted Network Environment - TNE(R)
- Trusted Virtual Environment - TVE (HAP Derivative)
- Trusted Embedded Environment - TEE

TNE: TNE is a scalable suite of Multi-level Security (MLS) applications, servers, databases, gateways and services. It allows integration of an enterprise into a single network.

Transition to Net-Centric Collaborative Warfare

SNAP enables collaborative tactical network operations and assured interoperability

- Support for IP data links and MANET
- Support for link translations
- Support for computer network defense
- Support for QoS and traffic management
- Support of collaborative warfare applications
- Support for service oriented architectures
- Support for border services and network aware applications
- Support of multi-level security
- Need to protect legacy environment
- Support for HAIPE Black Networks

Figure labels: Traditional Warfare; Collaborative Warfare

Secure Network Architecture and Processing (SNAP) Introduction

SNAP provides a robust high assurance information assurance infrastructure
- Provide a MLS Network supporting MILS/MLS processing
- Based on secure labeling which is cryptographically bound
- Core Trusted Security Engine (TSE) is reused across the multiple security elements providing mandatory access control

SNAP benefits
- Provides Open Architecture/Open Business model
- Allows applications to be ported without the knowledge of underlying security
- Leverages COTS industry investment
- Reduce system costs
- Reduced certification costs and risks
- Low SWaP
- Scalable solution
- Provides a very flexible IA infrastructure

SNAP Guiding Principles

High assurance infrastructure that is: certifiable, configurable, and scalable

Table columns: SNAP Mandates; Guiding Principles/Issues; General Dynamics Approach; Benefit. Entries for each mandate are listed in the order they appear on the slide.

Certifiable
- Support cost sensitive platforms
- Support incremental IA additions
- Provide IA flexibility to meet large number of mission profiles
- Certified HA security elements
- Loosely coupled architecture
- Standards based
- Reduced certification costs
- Reduced logistic cost due to reuse
- Allows incremental IA additions based on fiscal reality
- Change IA paradigm Mission Enabler

Configurable
- Support wide variety of platforms - UAV to Surface/Sub
- Low SWaP architecture
- Mezzanine based security elements
- COTS-based network/processing elements
- Standards based
- Reduced NRE cost due to reuse of architecture across multiple platforms
- Risk reduction due to reuse
- Reduced schedule

Scalable
- Support advance platforms and legacy platforms
- Support for economical technology insertions
- 1 Gbps / 10 Gbps COTS based network/processing elements
- Re-use certified HA security elements
- Affordably increase system capability to meet changing requirements
- Minimize obsolescence risk

Security Segregation Enables a Cost Effective IA Infrastructure

Information Assurance Segregation
- COTS/NDI base cards provide basic functionality
- High assurance functions provided by separate composable, loosely coupled HW and SW elements. Coupling to COTS occurs over open interfaces
- Allows evolutionary, scalable approach and minimizes recertification costs
- Can add / upgrade processing elements with mitigated impact to deployed systems

Figure (block diagram). Legend: COTS/NDI; High Assurance (HA); Platform Customized. Block labels: MLS Switch; MLS HAIPE; Platform CDS; MLS NIC; Open Network Interface; COTS Processor; MILS & MLS Processing; Black Router & Link Controller; Open Platform Interface; I/O Mezz; I/O Module

Scalable and Configurable for Airborne, Sea, Land, and Undersea

Architecture must be scalable, configurable, reprogrammable and flexible to support the legacy to net-centric mission

Figure labels: Command and Control; Tactical Platforms; 5th Generation Platforms; Small Form Factor; MLS NIC; MLS Switch; HA Composable Components; MLS HAIPE

High Assurance Multi-Level Platform Solutions: Certifiable, Configurable, Scalable

- MLS NIC and MLS Switch
- Labeled IP Option
- Computer Network Defenses (IPS, Firewalls)
- SOA Components
- Translations Software
- Network Management
- Significant SWaP Benefit
- Enabler for Support of High Number of Security Enclaves
- Encrypted Storage
- Minimal Declassification Time
- Supports mobile classified data
- Flexible approaches for new solutions or major modifications
- Scalable processing
- Scalable mass memory
- Virtualized processing functions
- Secure Network Architecture and Processing
- Cross Domain Solution
- Guards, Diodes, Graders, Down Graders
- Necessary for moving data into MLS Applications
- Transfers data from System High to Multi-Level Environment
- Tactical Browser
- Secure OS Agnostic
- Processor Agnostic x86 or PPC
- Maximizes the Processing Efficiency
- Reduction in costs by consolidation of processors

Secure Network Architecture and Processing Notional Tactical Implementation

Adding net-centric computing to legacy platforms
- Net-centric applications
- IP-based functions enable cross platform translation
- Distribution of data increases effectiveness
- Minimize impact to legacy platforms
- Net-Centric applications can be supported with the supplemental processing
- Scalable functions
- SNAP architecture enables control points for computer network defense

SNAP is an evolutionary, high-speed, low-latency, multi-level solution

Notional Wide Body C-2 Platform Implementation

- Support for legacy networks
- Can incrementally add multi-level infrastructure
- Can leverage existing capabilities
- Support for sensors and roll-on pallets
- Can support single level or multi-level roll-on applications by setting MLS Switch security policy appropriately
- Can support single level legacy sensors or new multi-level sensor by setting security policy appropriately

SNAP Supports Spiral Security Insertions to Support Fiscal Constraints

- IA infrastructure enables collaborative information exchange
- An evolutionary secure network architecture allows affordable security technology insertions
- Framework to support current and future applications; e.g., collaborative warfare applications such as NCCT

Figure (block diagrams). Stage labels: MLS Architected-System High; Moderate Collaboration Warfare; High Collaboration Warfare. Insertion labels: ADD: MLS HAIPE, MLS Switch, HA Control Interface Software; ADD: HA SK, MLS NIC, Multi-Level Workstation. Legend: COTS/NDI; High Assurance (HA); Platform Customized

General Dynamics MLS Efforts

Planned assurance levels
- Type 1 for HAIPE
- High robustness, high assurance for key TSE components of the architecture
- Type 1 for data-at-rest

Trusted labeling study
- Performing on contract for trusted labeling investigation
- Researching existing trusted labeling and making recommendations on modification to support a standardized approach to multi-layer secure networks
- Seeking to harmonize labeled network, internal research and development with trusted environment

Active member in FACE Consortium

Technology Demonstration

Join us in the exhibit area

SNAP demonstration highlights the operational benefits of high-assurance, multi-level, network solutions ideal for SWaP constrained platforms
- SNAP extends recent advancements in multi-level computing to the network, including high-assurance, multi-level network encryption
- Includes General Dynamics Close Air Support and situational awareness applications running on MILS COTS processors

Points Of Contact

Technical
Kent [email protected]
Michael [email protected]

Business Development
Mark [email protected]
Tom [email protected]

All other product and service names are the property of their respective owners. Reg. U.S. Pat. & Tm. Off.

Figure labels: MLS Network; Sensors; Roll On Apps; Single Level Inputs; HAIPE; Encrypted Network