Enabled Capability and Security

in Military Federated Networks

NATO C4ISR Industry Conference & TechNet International 2014

Bucharest, 26 March 2014

AMN – Not a Federated Network The Italian Case

• The ISAF transportation network

has been implemented by NATO

prior to the deployment of the

national systems

• IFTS (Interim Force Tracking

System) devices have been

assigned to Coalition Forces to

grant interoperability with US

Commands

• At Brigade Command Post level,

interoperability with Italian FAS

(SIACCON) has been achieved

via NFFI gateways, standard

Ethernet connection and manual

procedures.

As a matter of fact, interoperability is obtained through system homogenization, not through

the integration of networks and orchestration of National Services

© Copyright Selex ES. All rights reserved 2

Information & Integration

Services

Communication

Services

(Layer 2)

(Layer 3)

Policy

Processes Architectures

(Layer 1)

Standardization

Info

rma

tio

n A

ss

ura

nc

eSe

rvic

e M

an

ag

em

en

t Co

ntro

l

Functional Area

Services

(Layer 4)

Users & Missions

(Layer 5)

From a Provider Network to Federated Networks

© Copyright Selex ES. All rights reserved 3

GIG

• No need of pre-existing infrastructure for

immediate deployment

• Use of National Assets

• Deconflict different technologies and

applications as the first step towards real

federated networks

• Sharing Collaborative Services

• Sharing Situational Awareness Data

Application Segments

From a Provider Network to Federated Networks

Seamless Solutions across Systems and Layers

Servizi diGestione

Servizi diSicurezza

Servizi di Rete

TRASMISSIONETRASMISSIONE RADIORADIO

QUALITQUALITÀÀ DIDISERVIZIOSERVIZIO

CORE IPCORE IPEXTERNAL NETWORKSEXTERNAL NETWORKS

MEDIATIONMEDIATION

OPERATING OPERATING SYSTEMSSYSTEMS

SICUREZZA SICUREZZA DELLE INFORMAZIONIDELLE INFORMAZIONI

GESTIONE DEI SERVIZIGESTIONE DEI SERVIZI

ASSISTENZA AGLI UTENTIASSISTENZA AGLI UTENTI

GESTIONE DI RETEGESTIONE DI RETE

Servizi di Infrastruttura

Servizi di Trasporto

CALLCENTER

SUPPORTOSISTEMISTICO

E DI SICUREZZA

FORMAZIONE

GESTIONE DEISERVIZI INFORMATIVI

GESTIONE DEISERVIZI DI SICUREZZA

FAULTMANAGEMENT

MONITORING

CONFIGURATIONMANAGEMENT

PERFOMANCEMANAGEMENT

APPLICATIONAPPLICATION COLLABORATIONCOLLABORATIONMESSAGINGMESSAGINGDISCOVERYDISCOVERY

REGISTRODEI SERVIZI

RICERCA EGESTIONE

DEI CONTENUTI

INFORMAZIONISUGLI

UTENTI

STORAGESTORAGE

POSTAELETTRONICA

MESSAGGISTICAMILITARE

STORAGE ONDEMAND

GESTIONEDEGLI

ARCHIVI

VIRTUALIZZAZIONE(HOSTING)

GRID COMPUTING

TELEFONIASU IP

APPLICATIONSSHARING

CONFERENZAAudio, Video,

Testuale

CONVERSIONEDI FORMATI

SUPPORTOIPv4

TUNNELINGSUPPORTO

IPv6IPv4 ↔ IPv6

GATEWAY

QoS FRAMEWORK

FIBRAOTTICA

SATELLITEPUNTOPUNTO

PUNTOMULTIPUNTO SICUREZZA DI RETESICUREZZA DI RETE

COMSECEncryption,VPN,NAT

SICUREZZA PERIMETRALE

GESTIONE CHIAVI

E CERTIFICATI

AUTENTICAZIONE

HIDS, NIDS

SICUREZZA INFORMATICA

Antivirus, Antispam,

Hardening

ACCOUNTING

TRANSEC

LEASEDLINE

Functional Application ServicesFunctional Application Services

(FAS) Area(FAS) AreaJointFAS

Administrative FASAdministrative FASOperative FASOperative FAS

MatitimeFAS

LandFAS

AirFAS

FinancialFAS

HealthFAS

LogisticFAS

JCOP

Servizi di Core

CROSS COI CROSS COI -- Value Added Value Added Services AreaServices Area

SPECIFIC COI SPECIFIC COI

6a

a-s

r100

073

-01

-i A1

11

0

Service Areas

Servizi diGestione

Servizi diSicurezza

Servizi di Rete

TRASMISSIONETRASMISSIONE RADIORADIO

QUALITQUALITÀÀ DIDISERVIZIOSERVIZIO

CORE IPCORE IPEXTERNAL NETWORKSEXTERNAL NETWORKS

MEDIATIONMEDIATION

OPERATING OPERATING SYSTEMSSYSTEMS

SICUREZZA SICUREZZA DELLE INFORMAZIONIDELLE INFORMAZIONI

GESTIONE DEI SERVIZIGESTIONE DEI SERVIZI

ASSISTENZA AGLI UTENTIASSISTENZA AGLI UTENTI

GESTIONE DI RETEGESTIONE DI RETE

Servizi di Infrastruttura

Servizi di Trasporto

CALLCENTER

SUPPORTOSISTEMISTICO

E DI SICUREZZA

FORMAZIONE

GESTIONE DEISERVIZI INFORMATIVI

GESTIONE DEISERVIZI DI SICUREZZA

FAULTMANAGEMENT

MONITORING

CONFIGURATIONMANAGEMENT

PERFOMANCEMANAGEMENT

APPLICATIONAPPLICATION COLLABORATIONCOLLABORATIONMESSAGINGMESSAGINGDISCOVERYDISCOVERY

REGISTRODEI SERVIZI

RICERCA EGESTIONE

DEI CONTENUTI

INFORMAZIONISUGLI

UTENTI

STORAGESTORAGE

POSTAELETTRONICA

MESSAGGISTICAMILITARE

STORAGE ONDEMAND

GESTIONEDEGLI

ARCHIVI

VIRTUALIZZAZIONE(HOSTING)

GRID COMPUTING

TELEFONIASU IP

APPLICATIONSSHARING

CONFERENZAAudio, Video,

Testuale

CONVERSIONEDI FORMATI

SUPPORTOIPv4

TUNNELINGSUPPORTO

IPv6IPv4 ↔ IPv6

GATEWAY

QoS FRAMEWORK

FIBRAOTTICA

SATELLITEPUNTOPUNTO

PUNTOMULTIPUNTO SICUREZZA DI RETESICUREZZA DI RETE

COMSECEncryption,VPN,NAT

SICUREZZA PERIMETRALE

GESTIONE CHIAVI

E CERTIFICATI

AUTENTICAZIONE

HIDS, NIDS

SICUREZZA INFORMATICA

Antivirus, Antispam,

Hardening

ACCOUNTING

TRANSEC

LEASEDLINE

Functional Application ServicesFunctional Application Services

(FAS) Area(FAS) AreaJointFAS

Administrative FASAdministrative FASOperative FASOperative FAS

MatitimeFAS

LandFAS

AirFAS

FinancialFAS

HealthFAS

LogisticFAS

JCOP

Servizi di Core

CROSS COI CROSS COI -- Value Added Value Added Services AreaServices Area

SPECIFIC COI SPECIFIC COI

6a

a-s

r100

073

-01

-i A1

11

0

Service Areas

Federated Architecture

Same services at different layers regardless

communication & networking technology

COMBAT

NET

RADIOS

BROADBAND

RADIOS

PERSONAL

RADIOS

MANET

FIXED

SEGMENT

DEPLOYABLE

SEGMENT

MOBILE

SEGMENT

AD-HOC

© Copyright Selex ES. All rights reserved 4

Application Segments

From a Provider Network to Federated Networks

Seamless Solutions across Systems and Layers

Integration

Adapting services to the actual

communication & networking “environment”

resulting in a “seamless” use of common

applications

Federated Architecture

Same services at different layers regardless

communication & networking technology

COMBAT

NET

RADIOS

BROADBAND

RADIOS

PERSONAL

RADIOS

MANET

FIXED

SEGMENT

DEPLOYABLE

SEGMENT

MOBILE

SEGMENT

AD-HOC

© Copyright Selex ES. All rights reserved 5

From a Provider Network to Federated Networks

Enterprise vs. Tactical

Enterprise Environment (Net-Centric Enterprise Services)

• Provides strategic and operational planning

• Unconstrained Bandwidth (>10Mbps)

• Stable Communications Infrastructure; no mobility

• Need to pass large amounts of data in a timely manner, QoS through bandwidth over-provisioning

• Need to discover and share data across disparate systems without developing new interfaces

• Works well for NCES enabling technologies (XML, HTTP, TCP/IP, SOAP, etc)

• Typically based on COTS Technology

© Copyright Selex ES. All rights reserved 6

B.de HQ

FOB

A AA

Tactical Environment

• Provides operational execution

• Constrained by low bandwidth (< 10/100 kbps)

• Different radio technologies

• Constrained by unstable, dynamic

communications networks and connections

• Needs information security and transmission

protection

• Only needs the relevant data for their Area of

Responsibility (AOR)

• Need to receive actionable information in a

timely manner that has immediate relevancy

• Based on military equipment and devices

Enabling Technologies: - Advanced Networking - Tactical MANET - SDR Technology

- Waveforms NG, - Legacies

- SOTM X and Ka Bands - Advanced BMS/SA - Protection - Sensors

3 x Land Brigades

Landing Force LDF

© Copyright Selex ES. All rights reserved

Selex ES – Italian MoD Forza NEC Experience on

Full Digitisation of Secure Deployable and Mobile Networks

Multi-layered – Heterogeoneous Technologies

7

Selex ES – An Unparalleled Portfolio

of Solutions and Capabilities

• The Italian Cyber Defense Capability system has been delivered and put

in service by Selex ES in 2013.

• Selex ES in now supporting Italian MoD in the evolution of the capability

framework to be integrated with NATO CIRC.

• Selex ES is supporting the Italian Government to set up the Cyber

collaboration framework at National (Country CERT) and Sector level

(MoD CERT; PA CERT, Critical National Infrastructure CERT, etc.)

Selex ES Company Confidential

Italian Cyber Defense Capability

ITA SDR

Program

• Develop Joint SDR Platforms

• Promote SDR activities in Italy and EU

ESSOR

• EU ESSOR SDR Architecture Leader

• Coalition HDR WF

JTRS MIDS

• Link 16 PA Design

• Terminal integration

EDA SCORED

• Radio market evolution lead

EDA WOLF

• Advanced communications for dismounted nodes in urban environment

WINTSEC• Civil applications

SDR Forum 2.0

• Member WINNF Board

• SCA Steering Committee, SCA-NEXT Team

NATO

• C3SNR SDR WG (5 nations)

• SDRUG

Three Tier CIS Solutions

Deployed Worldwide

In Operation in many theatres

Leader in SDR Technology

NATO, Proprietary and

New Generation Waveforms

Global Player for Information Security

NATO NCIRC Programme undergoing

© Copyright Selex ES. All rights reserved 8

INTEROPERABILITY and for

networks with high realibility and

capacity of links, limited topology

variation

Fit for tactical networks with

mission critical data/high mobility of

users and nodes/ unreability of

network links/Low capacity

BGP (Border Gateway Protocol)

OSPF (Open Shortest Path First)

PIM-SM...

Ad-Hoc Routing IETF-TACOMS

(Proactive Routing Protocols)

Below the Mb/s Bit rate

CNR, NBWF, WBNF, Soldier Radios

OTM operation

Above the Mb/s Bit rate

SR, LR LOS,SAT

ATS operation

Deployable Segment

Mobile Segment

AD-HOC REACTIVE

PCN Aware

Connection Oriented

Connectionless

Radio Aware

Routing

MANET

Routing

MULTINATIONAL OPERATIONS

Selex ES – An Unparalleled Portfolio

of Solutions and Capabilities - NETWORKING

Switches/Routers

IOP’s

Light Vehicles

Nodes Armoured Vehicles Nodes

© Copyright Selex ES. All rights reserved 9

™ Manpack, 2 Ch.s

™ Vehicular 1 Ch

™ Handheld

Selex ES – An Unparalleled Portfolio

of Solutions and Capabilities – Software Defined Radios

NB, WB WF’s NATO, Popr.

™ Vehicular 4 Ch.s

© Copyright Selex ES. All rights reserved 10

2G

Selex ES – An Unparalleled Portfolio

of Solutions and Capabilities – Satellite Comms

Manportable

X Band

FDMA/DVB

Deployable Communications

Civil Segment,

Ku/Ka Bands

Sheltered Tactical Hub

X/Ku/ka Bands – FDMA/DVB

SOTM/X

DVB

UHF Tacsat

Military Segment

X/Ka Band

UHF Band

Mobile terminals

X/Ku Bands – FDMA/DVB

• Wide variety of multiband term.s

• Leader in SOTM/PAA Technology

• DVB/RCS-S2 Secure Modems

• Launching Ka-band Systems

(Athena Fidus)

• National Backbone fully integrated

with Expeditionary Assets

• Implementing NATO Satellite

Ground Segment (SGS)

© Copyright Selex ES. All rights reserved 11

Defense Communication Systems Military Radio Solutions

A complete Portfolio

Selex ES – An Unparalleled Portfolio

of Solutions and Capabilities – Ground LOS/BLOS Comms

• HF Land, Naval and Maritime (BRASS)

Solutions for long haul links; full support

of NATO STANAG’s – Evolving to SDR

• Large footprint worldwide with SW

programmable PRR/SSR radios now

complemented with NG SDR solutions

• NG Military Radio Links supporting ALL-

IP and Legacy Networks

• Introducing LTE technology for wireless

comms. at Command Posts level

65 M

34 M

8 M

2 M

128K

9.6K

0 50 100 >1000 Km

Bit/sec

15

HF HF HF

HIGH POWER

VHF

LOS

BLOS/OTH

100 M

VEHICULAR

V/UHF

Wide Band

SOLDIER

V/UHF

Wide Band

BLOS /OTH

RADIO RELAYS – UHF

LOS RADIO RELAYS

UHF/SHF

TAC LTE

WIRELESS

BROADBAND ACCESS

© Copyright Selex ES. All rights reserved 12

Federated

Mission

Networks

TACOMS Compliancy

Military QoS

Real Time

Data

End-to-End Security

Information Protection

Ruggedness

Tactical

Services

SDR Technology

© Copyright Selex ES. All rights reserved 13

Selex ES

Selex ES S.p.A.

Via Tiburtina Km 12,400

00131 Rome, Italy

Tel. +39 06 4150.1