Friday, January 21, 2011

Can Multiple Acquisitions Support Cyber Operations?

The Navy is proceeding with NGEN acquisitions that divide a potentially $14.5 billion program initially into five contracts: (1) Security Operations, which may be targeted for small business; (2) Infrastructure such as LANs/WANs; (3) Enterprise Services such as supporting and migrating existing thick-client architecture to server farms; (4) Hardware purchases; and (5) Software (purchased through existing contract vehicles). In addition the Navy will depend on DISA for long haul networks, such as provided by GIG. *

Dividing a huge program into separate acquisitions makes it manageable from an acquisition standpoint. However, the question remains how will separate programs add up for delivery of a low cost and high performance capability that supports the Navy’s Information Dominance objectives?

There are tradeoffs to be made between security defenses, infrastructure architecture, configuration of personal computers and servers, operations of data centers and software to support applications. For instance the first line of defense for security assurance can be located either on desktops, in servers, in data centers or be hosted in network switches and routers. The decision where to concentrate security will affect how the Navy network will be structured to protect the core of information operations, which is the safeguarding of databases.

There is a difference whether fail-over redundancy is placed in the LANs, in the WAN’s or on the GIG connected data centers. Hardware purchases will be affected by decisions whether to consolidate the hardware under the control of a few Network Control Centers (NOCs) or to distribute it across the “edge” of hundreds of local network connections for distributed monitoring.

What software to acquire, and accordance with what standards, will have by far the greatest effect on the costs of NGEN. If local small business will make the decisions about security software this will dictate a much larger diversity that in turn will generate the need for more support personnel. Local software options would have to be then accommodated in by a greater variety how critical databases would be managed for enterprise-wide interoperability.

The decision to shift personal computing to greater reliance on server farms, especially where wireless connectivity is involved, will influence how data centers will be organized. That will influence the reliance on the capacity of the GIG to support real-time transactions.

The timing of the five proposed acquisitions is also critical. Navy will be making NGEN acquisitions in the next four years. Whatever is acquired will have a life of well over ten years even though the life of the data contained in the hosted databases will extend over many decades. Meanwhile, the hardware technologies will be changing at a fast rate, with the price/performance of computing equipment improving significantly every 18 months.

NGEN will end up with multiple five-year contracts, mostly to be awarded in 2012. At that time each acquisition will lock in solutions that will at that time meet detailed contractual requirements that were defined up to three years ago. How incremental contracts can support rapidly changing cyber operations well beyond 2020 is not clear. How five short-term and contractually separate acquisitions can preserve for over 50 years Navy essential data without costly re-programming is not apparent. How the planned division of NGEN into five parts can preserve the long-term knowledge capital embodied in applications without creating new generations of “legacy” solutions in the future is not clear.

From the requirements to the final award the NGEN acquisitions it will take over three years. After that the contracts will be in place the dislodging of incumbents will be extremely difficult because variability in software will inevitably creep in.

What ultimately dictate the success of NGEN are not the constantly evolving network needs, the rapidly changing security countermeasures and the infrastructure that will be surely changed by USCYBERCOM.  How NGEN will progress will not be decided by the easy availability of commercial “cloud” data centers or the ready availability of commodity hardware to support millions of personal computers and ten thousands of servers.

What will ultimately persist is the quality of the support for a rapid turnover workforce. What endures is the training of NGEN operators. NGEN should be seen not as an information technology solution but as a means for the preservation of intellectual capital of the Navy. What matters is the capacity of Navy personnel to learn how to respond to increasingly complex situations where a total dependence on information systems has become an integral part of all information warfare.

The human factors of NGEN are by far more important than information technologies. The military and civilian operators will always cost a large multiple of the expenses for IT that supports them. What matters is not the wiring or the hardware, but the way software and its supporting databases are deployed.

From the standpoint of the preservation and the capacity to manage a deluge of new data, the conservation of databases will dictate the economics of how to secure, network and manage applications.  Data and their corresponding MetaData have an extremely long life (well over 50 years) and represent the single most costly life-cycle element of NGEN.

From a functional standpoint the NGEN application software in place will have a life that outlasts many times any changes in microprocessors or of electric connections.

From the standpoint of innovation software has to become readily available in a matter of days and not years.

From the standpoint of easy of learning any NGEN software must be offered in a form that is consistent over wide range of applications and over an extended time period.

For these reasons the acquisition of software from an existing huge catalogue of vendor software may not support the objectives laid out for Information Dominance. The choice of how to manage NGEN software, not its networks, not its hardware, becomes the over-arching foundation of how to construct a system that will allow the Navy to attain information dominance.


In view of the experience with migration of software across different technologies my examination of the proposed Navy NGEN acquisition plans now gives rise to concerns about the architecture and design of these programs.  NGEN planners should shift their attention from acquiring physical assets to thinking through how to deliver to the Navy a software environment that will avoid the current proliferation of projects that in the future will require high maintenance plus continuous conversions of legacy codes. The following questions will have to be answered:

Has adequate attention been given to tradeoffs that will minimize the total costs to the Navy, especially during the migration of applications from one hardware environment to the next generation of technologies?

How will a preference in favor of software usability affect the interoperability, reliability and delivered service quality affect customers during the transition that may take more than ten years?

How will short-term savings in increasingly cheaper information technology devices be balanced against long-term expenses for operating and user personnel that are rising?