Reengineering the GIG to support the warfighter

Talk given to the IEEE communications society Boston Chapter in Jan 2009.

Published in: Technology, Business

  1. 1. Reengineering the GIG to Support the Warfighter
       John Chapin
       IEEE COMSOC Boston Chapter, 8 January 2009
       Version 9: 8 Jan 2009
  2. 2. GIG 2.0
       • The current GIG (Global Information Grid)
           • DOD worldwide network
           • Includes tactical wireless, global SATCOM, worldwide fiber core (GIG-BE)
           • Provides global IP data connectivity
           • Call this GIG1
       • In 2008, significant effort began on “GIG 2.0”
           • Led by Vice Admiral Nancy Brown, J-6 of the Joint Staff
               • Director for Command, Control, Communications and Computer Systems
           • Call this GIG2
       • Key features of GIG2
           • “Global access to required data in order to achieve the Information Advantage”
           • Not an acquisition program
           • Following two slides are from VADM Brown’s presentation
           • AFCEA Solutions: Information Assurance, September 9-10, 2008, Washington DC
  3. 5. Examples of GIG2.0 features
       • Discovering relevant information
           • A ground tactical leader entering an area can quickly find all recent video generated by any asset
           • without knowing in advance who collected the video
       • Establishing connections
           • A pilot can send a text message to the commander-in-charge of an asset she observes on the ground
           • An intelligence analyst can publish updates to all affected commanders
           • without knowing in advance who that is
       • Sharing information across organizational boundaries
           • Warfighters from separate forces assigned to a joint mission can establish a local gateway and safely share information
           • without an active connection to remote authentication / authorization servers
       GIG2 is an information environment for the warfighter.
       GIG2 features are application-layer information services.
  4. 6. GIG2 services cannot be built as an application on top of GIG1
       • GIG1 does not provide critical features needed by GIG2 services
           • Support for network-aware distributed information services
           • Reliable efficient transport over heterogeneous secure networks
           • Global coordination of heterogeneous subnetworks
       • Building GIG2 services without reengineering GIG1 will result in failure in one or more ways
           • Robustness
           • Scalability
           • Security
           • Manageability
           • Cost-effectiveness
       • This is a personal view
       • It does not necessarily reflect the view of MIT or the DOD
  5. 7. Critical GIG2 requirements not supported by GIG1
       • Support for network-aware distributed information services
       • Reliable efficient secure transport over heterogeneous networks
       • Global coordination of heterogeneous subnetworks
  6. 8. Tactical bandwidth use is growing rapidly
       • Voice
           • 5 kilobits/sec per user
       • Still images, chat, shared whiteboards
           • 100 kilobits/sec per user
       • Video surveillance, UAV ops
           • 1 – 5 megabits/sec per user
       [Image labels: Harris Corporation; PEO Soldier]
  7. 9. Innovative tactical wireless networks support the new uses
       • 1000x the old network bandwidth
       [Diagram labels: SRW, WNW TTNT WNW]
  8. 10. Beyond Line Of Sight capacity will not keep up
       • 1000x the old network bandwidth
       • BLOS capacity grows slowly and is very expensive
       [Diagram labels: Commercial C/Ku/Ka Connexion/INMARSAT ETP WGS Int Polar MILSTAR IRIDIUM AEHF/EHF ADV/ Polar; SRW, WNW TTNT WNW]
  9. 11. BLOS congestion impairs access to information services
       • Generates critical data that tactical leaders can’t discover
       • Can’t get latest intelligence covering operational area
       • Can’t collaborate with on-shore units
       • Can’t see synthesized operational picture
       [Diagram labels: GigBE; Out of theater; In theater; Servers; major bases; CONUS; Congested]
       GIG1 information services rely on out of theater servers.
       Creating services and adding tactical net capacity will fail to deliver the planned benefits of GIG2.
  10. 12. Network-Aware Distributed Information Services (NDIS)
       • GIG2 information service implementations must be:
       • Network-aware
           • Provide optimal possible service at minimum network load given current bandwidth and connection topology
           • Adapt in real-time as network configuration changes
           • Service optimizes the most limited resource: network bandwidth
       • Distributed
           • Service runs both on central server and on multiple tactical edge nodes
           • Data generated and used locally stays local
           • Service can be provided even when network performance is poor
               • BLOS congestion
               • Intermittent connectivity
               • Slow legacy networks
  11. 13. Network support for GIG2 NDIS
       • NDIS must interact with network control plane
           • Discover changes in topology, congestion, per-link capacity
           • Dynamically adjust prioritization of flows, retransmission trade-offs
       • NDIS benefits strongly from pre-deployed computation and storage resources near network gateways and hub points
           • Quickly discover and respond to network status changes
           • Move data along optimal topological paths
           • Modify content in flight
       • Supporting these requires significant GIG1 changes
           • Control plane interactions
               • Standard APIs for notification and control
               • New authorization mechanisms, defense against new potential attacks
           • Deployed storage and computation resources
               • Capacity, resource management in network nodes
               • Standard operating environment for NDIS software components
  12. 14. Critical GIG2 requirements not supported by GIG1
       • Support for network-aware distributed information services
       • Reliable efficient secure transport over heterogeneous networks
       • Global coordination of heterogeneous subnetworks
  13. 15. Reliable transport in the commercial internet
       • A layer 3 service: TCP (Transport Control Protocol)
       • TCP provides
           • end-to-end reliability
           • congestion management
           • efficient utilization of wireline links
       • TCP does not provide
           • security
           • efficient utilization of noisy links with high delay-bandwidth product
           • efficient utilization of links with rapidly varying capacity or latency
           • E.g. SATCOM, BLOS reachback, tactical wireless, multihop wireless
       [Diagram labels: Best effort IP datagram service; TCP IP TCP IP]
  14. 16. Transport layer in GIG1: middleboxes
       • For security: intercept TCP at edge of red enclave with HAIPE box
       • For performance: intercept TCP at edge of challenged link with PEP box
       • TCP is de-facto obsolete as an end-to-end protocol for tactical use
       [Diagram labels: TCP IP HAIPE IP TCP IP PEP TCP IP PEP; TCP IP TCP IP HAIPE IP TCP IP TCP IP TCP IP]
  15. 17. GIG is evolving towards a “black core”
       • Legacy systems: Crypto is part of the network. Dedicated infrastructure for groups of users with same privileges
       • Future systems: Crypto is part of the end device. Joint infrastructure shared by users with different privileges
       [Diagram labels: Joint network infrastructure; Army user; Army network infrastructure; IC network infrastructure; IC user; gateway; Army crypto; IC crypto]
  16. 18. GIG1 reliable transport cannot evolve to a black core
       • PEP fails since it cannot operate on (encrypted) TCP headers. Giving it all session keys is undesirable.
       • PEP fails because dynamics of the tactical network interfere with its ability to manage satellite link effects.
       [Diagram labels: IP PEP; Single tent, vehicle or device; Joint tactical wireless network; IP SATCOM; SATCOM terminal; TCP IP TCP IP HAIPE IP TCP IP TCP IP HAIPE + PEP IP]
  17. 19. GIG1 transport solution has multiple showstoppers
       • A full solution to the transport problem must provide
           • reliability: exact data transfer between communicating nodes
           • efficiency: exploit full bandwidth of available links, manage congestion
           • security: protection against malicious behavior
           • manageability: monitoring and control of network usage and behavior
       • The GIG1 approach cannot grow to provide a full solution
           • Each middlebox solves a single problem; they interact poorly when combined
           • Proprietary protocols are often used
           • PEPs are designed to prevent TCP congestion management from activating
       If we use TCP plus GIG1 boxes: GIG2 information services will be inefficient, insecure, and unmanageable
  18. 20. Appropriate transport solution for GIG2
       • A new, open standard, layer 3 transport protocol
           • convert to TCP at boundary between GIG and COTS networks or apps
       • Designed to provide reliability, efficiency, security, manageability on top of a network that has
           • interference-caused packet loss (in addition to congestion loss)
           • high delay-bandwidth links with rapidly varying capacity
           • heterogeneous subnetworks (wired, wireless, SATCOM, optical)
           • applications with tight delay requirements
       • Key design features that enable doing better than TCP
           • support from routers
               • see for example XCP papers by Katabi et al
           • support from gateways between heterogeneous subnetworks
               • red-side proxy and PEP equivalent at SATCOM terminal work together
  19. 21. Critical GIG2 requirements not supported by GIG1
       • Support for network-aware distributed information services
       • Reliable efficient secure transport over heterogeneous networks
       • Global coordination of heterogeneous subnetworks
  20. 22. Importance of network management for the GIG
       • To achieve high quality of service:
       • Commercial wireline networks rely on overprovisioning
           • typical max load: 30% of capacity
           • nearly all offered traffic is delivered
       • DOD GIG relies on intelligent network management
           • typical max load: 100% of capacity
           • too expensive to overprovision (SATCOM, tactical wireless)
           • prioritization of applications and flows
           • reserved routes for some classes of traffic
           • real-time monitoring of offered traffic, status, congestion
           • real-time optimization of resources in response to changes in operational conditions, commander priorities, or network capabilities
       • Two kinds of network management
           • automatic real-time control plane
           • manual support for network operations center
  21. 23. GIG1 net management: independent per subnetwork
       • This approach loses effectiveness as internetwork and pass-through traffic flows become significant
       [Diagram labels: WGS; MILSTAR; AEHF/EHF; TTNT mgmt; SRW mgmt; WNW mgmt; AEHF mgmt; Milstar mgmt; WGS mgmt; SRW; TTNT; WNW]
  22. 24. GIG2: unified control plane and NOC? (Bad idea)
       • Each subnetwork type has unique management requirements. It would be expensive and risky to try to replace existing systems.
       [Diagram labels: WGS; MILSTAR; AEHF/EHF; GIG2 network management; SRW; TTNT; WNW]
  23. 25. GIG2 solution: global coordination by MCP
       • Master Control Plane coordinates subnetwork control planes and network operations centers for global optimization
       [Diagram labels: WGS; MILSTAR; AEHF/EHF; TTNT mgmt; SRW mgmt; WNW mgmt; AEHF mgmt; Milstar mgmt; WGS mgmt; Master Control Plane; SRW; TTNT; WNW]
  24. 26. Master Control Plane needs network support
       • Cross-network coordination in GIG1: BGPs
           • Border Gateway Protocols
           • Developed for linking peers in the commercial internet
           • Overprovisioning: only loose coordination needed
           • Competitive peers: hide proprietary information (e.g. offered load, loss rates)
       • GIG2 requires more sophisticated mechanisms than GIG1
           • Heavy internetwork and pass-through flows → more information sharing
           • High loading + changing conditions → more responsive control
           • Large scale + varied information services → more intelligent management
       • Support with new coordination protocols and algorithms
           • New, open standard, network control plane coordination mechanism
           • Integrated into routers, gateways, subnetwork control plane components
           • Effective across the full range of subnetwork types
           • High assurance and high security
  25. 27. Reengineering the GIG to support the warfighter
       • GIG 2.0 vision
           • “Global access to required data in order to achieve the Information Advantage”
       • GIG 2.0 vision can only be realized if today’s GIG is reengineered
           • Support for network-aware distributed information services
               • Application and network collaborating to overcome degraded links
           • Reliable efficient secure transport over heterogeneous networks
               • Replace TCP and PEP boxes
           • Global coordination of heterogeneous subnetworks
               • Support a Master Control Plane

           • Information environment optimized for the warfighter
           • Access to required information anytime & anywhere
           • Agile & versatile information environment
           • Global authentication, access control, and directory services
           • Information and services “from the edge”
           • Joint infrastructure
           • Common policies and standards
           • Unity of command
  26. 28. The path forwards
       • Look 25 years out to shape current investments in R&D, standards
       • Start with a coherent overarching technical architecture
           • Cross-layer and cross-component interactions prohibit distributed design
           • Led by a small team (6-8 experts)
       • Avoid standardization or acquisition based on paper designs
           • Rapid prototyping and field trial loop
           • Develop pathfinder NDIS and MCP in parallel with network mechanisms
       • Thank you for your attention
           • [email_address]
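
Added example, not part of the original slides: a sketch of why a PEP placed on the black side of an encrypting gateway (slides 16 and 18) cannot act on TCP state. The HAIPE tunnel is modelled as an ESP-style encapsulation (IP protocol 50) with an XOR stand-in for encryption, which is an assumption; all addresses, ports, the SPI and the function names are constructed for illustration.

```python
import struct

IPPROTO_TCP, IPPROTO_ESP = 6, 50

def ipv4(proto, src, dst, payload):
    """Build a minimal 20-byte IPv4 header (checksum left at 0) plus payload."""
    total = 20 + len(payload)
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total, 0, 0, 64, proto, 0,
                      bytes(src), bytes(dst))
    return hdr + payload

def tcp(sport, dport, seq, ack, window, data=b""):
    """Build a minimal 20-byte TCP header (ACK flag set, checksum 0)."""
    return struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, 0x10,
                       window, 0, 0) + data

def esp_tunnel(inner_packet, spi, esp_seq, outer_src, outer_dst):
    """Stand-in for tunnel-mode encryption: the inner packet becomes opaque.
    XOR with a fixed byte is NOT encryption; it only models unreadability."""
    opaque = bytes(b ^ 0xA5 for b in inner_packet)
    return ipv4(IPPROTO_ESP, outer_src, outer_dst,
                struct.pack("!II", spi, esp_seq) + opaque)

def pep_view(packet):
    """Return the fields a PEP sitting on the link can read from one packet."""
    ihl = (packet[0] & 0x0F) * 4
    proto = packet[9]
    body = packet[ihl:]
    if proto == IPPROTO_TCP:
        # Sequence, ACK and window are what a PEP needs to manage the link.
        sport, dport, seq, ack, _, _, window = struct.unpack("!HHIIBBH", body[:16])
        return {"layer": "tcp", "sport": sport, "dport": dport,
                "seq": seq, "ack": ack, "window": window}
    if proto == IPPROTO_ESP:
        # Only the tunnel's own SPI and counter are visible; no TCP state.
        spi, esp_seq = struct.unpack("!II", body[:8])
        return {"layer": "esp", "spi": spi, "esp_seq": esp_seq}
    return {"layer": "other", "proto": proto}

# Constructed sample traffic: red-side hosts and black-side gateway addresses.
RED_A, RED_B = (10, 1, 0, 5), (10, 2, 0, 9)
BLACK_A, BLACK_B = (192, 0, 2, 1), (192, 0, 2, 2)
inner = ipv4(IPPROTO_TCP, RED_A, RED_B, tcp(40000, 443, 1000, 2000, 8192, b"data"))
outer = esp_tunnel(inner, spi=0x1001, esp_seq=7, outer_src=BLACK_A, outer_dst=BLACK_B)

if __name__ == "__main__":
    print("red side  :", pep_view(inner))
    print("black side:", pep_view(outer))
```

On the red side the PEP sees sequence numbers, ACKs and the advertised window; on the black side it sees only the tunnel header, which is why the slides pair the red-side proxy with the PEP equivalent at the SATCOM terminal.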
