Tag Archives: electronic warfare

Asia-Pacific, Capability Analysis, Cyber War

The Strategic Support Force: China’s Information Warfare Service

Leave a comment

This piece was originally published by the Jamestown Foundation. It is republished here with permission. Read it in its original form here.

By John Costello

Gao Jin (高津) is the PLASSF’s Commander. Note that he was promoted to major general in June 2006 and to lieutenant general occurred in July 2013. (Xinhua)

On December 31, 2015, Xi Jinping introduced the People’s Liberation Army Rocket Force (PLARF; 火箭军), Strategic Support Force (PLASSF; 战略支援部队), and Army Leadership Organ. The move came just within the Central Military Commission’s deadline to complete the bulk of reforms by the end of the year. Most media coverage has focused on the Rocket Force, whose reorganization amounts to a promotion of the PLA Second Artillery Force (PLASAF) to the status of a service on the same level of the PLA Army, Navy, and Air Force. However, by far the most interesting and unexpected development was the creation of the SSF.

According to official sources, the Strategic Support Force will form the core of China’s information warfare force, which is central to China’s “active defense” strategic concept. This is an evolution, not a departure from, China’s evolving military strategy. It is a culmination of years of technological advancement and institutional change. In the context of ongoing reforms, the creation of the SSF may be one of the most important changes yet. Consolidating and restructuring China’s information forces is a key measure to enable a number of other state goals of reform, including reducing the power of the army, implementing joint operations, and increasing emphasis on high-tech forces.

The Strategic Support Force in Chinese Media

Top Chinese leadership, including President Xi Jinping and Ministry of Defense spokesman Yang Yujun have not provided significant details about the operational characteristics of the SSF. Xi has described the SSF as a “new-type combat force to maintain national security and an important growth point of the PLA’s combat capabilities” (MOD, January 1).

On January 14, the SSF’s newly-appointed commander, Gao Jin (高津) said that the SSF will raise an information umbrella(信息伞) for the military and will act as an important factor in integrating military services and systems, noting that it will provide the entire military with accurate, effective, and reliable information support and strategic support assurance (准确高效可靠的信息支撑和战略支援保障) (CSSN, January 14). [1]

Senior Chinese military experts have been quick to comment on the SSF, and their interviews form some of the best and most authoritative insights into the role the new force will play in the Chinese military. For instance, on January 16th, the Global Times quoted Song Zhongping (宋忠平), a former PLASAF officer and a professor at the PLARF’s Equipment Research Academy, who described SSF as as a “fifth service” and, contrary to official reports, states it is not a “military branch” (兵种) but rather should be seen as an independent military service (军种) in its own right. [2] He continues by stating that it will be composed of three separate forces or force-types: space troops (天军), cyber troops (网军), and electronic warfare forces (电子战部队). The cyber force would be composed of “hackers focusing on attack and defense,” the space forces would “focus on reconnaissance and navigation satellites,” and the electronic warfare force would focus on “jamming and disrupting enemy radar and communications.” According to Song, this would allow the PLA to “meet the challenges of not only traditional warfare but also of new warfare centered on new technology” (Global Times, January 16).

By far the most authoritative description of the Strategic Support Force comes from People’s Liberation Army Navy (PLAN) Rear Admiral Yin Zhuo (尹卓). As a member of both the PLAN Expert Advisory Committee for Cybersecurity and Informatization (海军网络安全和信息化专家委员会) and the All-Military Cybersecurity and Informatization Expert Advisory Committee (全军网络安全和信息化专家委员会, MCIEAC) formed in May 2015, Yin is in the exact sort of position to have first-hand knowledge of the SSF, if not a direct role in its creation.

In an interview published by official media on January 5th, 2016, Yin stated that its main mission will be to enable battlefield operations by ensuring the military can “maintain local advantages in the aerospace, space, cyber, and electromagnetic battlefields.” Specifically, the SSF’s missions will include target tracking and reconnaissance, daily operation of satellite navigation, operating Beidou satellites, managing space-based reconnaissance assets, and attack and defense in the cyber and electromagnetic spaces” and will be “deciding factors in [the PLA’s] ability to attain victory in future wars” (China Military News, January 5).

Yin also foresees the SSF playing a greater role in protecting and defending civilian infrastructure than the PLA has in the past:

“[The SSF] will play an important role in China’s socialist construction. Additionally, China is facing a lot of hackers on the internet which are engaging in illegal activities, for example, conducting cyber attacks against government facilities, military facilities, and major civilian facilities. This requires that we protect them with appropriate defense. The SSF will play an important role in protecting the country’s financial security and the security of people’s daily lives” (China Military News, January 5).

Yang Yujun, MND spokesman, also suggested that civilian-military integration will form a portion of the SSF’s mission, but stopped short of clarifying whether this meant the force will have a heavy civilian component or will be involved in defending civilian infrastructure, or both (CNTV, January 2).

Yin noted that the SSF will embody the PLA’s vision of real joint operations. In Yin’s view, military operations cannot be divorced from “electronic space,” a conceptual fusion of the electromagnetic and cyber domains. The SSF will integrate “reconnaissance, early warning, communications, command, control, navigation, digitalized ocean, digitalized land, etc. and will provide strong support for joint operations for each military service branch.” Indeed, this view was also echoed by Shao Yongling (邵永灵), a PLARF Senior Colonel who is currently a professor at the PLA’s Command College in Wuhan. She suggested that the SSF was created to centralize each branch of the PLA’s combat support units, where previously each service had their own, resulting in “overlapping functions and repeat investment.” Consolidating these responsibilities in a central force would allow the military to “reduce redundancies, better integrate, and improve joint operational capabilities” (China Military News, January 5).

Taken together, these sources suggest that at its most basic, the SSF will comprise forces in the space, cyber, and electromagnetic domains. Specifically, sources indicate the SSF will most likely be responsible for all aspects of information in warfare, including intelligence, technical reconnaissance, cyber attack/defense, electronic warfare, and aspects of information technology and management.

Force Composition

Rear Admiral Yin’s comments in particular suggest that at a minimum the SSF will draw from forces previously under the General Staff Department’s (GSD) subordinate organs, to include portions of the First Department (1PLA, operations department), Second Department (2PLA, intelligence department), Third Department (3PLA, technical reconnaissance department), Fourth Department (4PLA, electronic countermeasure and radar department), and Informatization Department (communications).

The “Joint Staff Headquarters Department” (JSD) under the Central Military Commission will likely incorporate the 1PLA’s command and control, recruitment, planning, and administrative bureaus. Information support organs like the meteorology and hydrology bureau, survey and mapping bureau, and targeting bureau would move to the SSF.

The GSD’s intelligence department, the 2PLA will likely move to the SSF, although there is some question as to whether it will maintain all aspects of its clandestine intelligence mission, or this will be moved to a separate unit. The Aerospace Reconnaissance Bureau (ARB), responsible for the GSD’s overhead intelligence, surveillance, and reconnaissance mission will most likely form the center of the SSF’s space corps. The 2PLA’s second bureau, responsible for tactical reconnaissance, will also move to the SSF. This will include one of its primary missions: operating China’s long-range unmanned aerial vehicles (UAV).[3]

The SSF will unify China’s cyber mission by reducing the institutional barriers separating computer network attack, espionage, and defense, which have been “stove-piped” and developed as three separate disciplines within the PLA. The 3PLA’s technical reconnaissance and cyber espionage units will likely move, including the national network of infamous technical reconnaissance bureau’s (TRB), the most famous of which is Unit 61398. The 4PLA’s electronic countermeasures mission will likely form the core of a future electronic warfare force under the SSF, and the its secondary mission of computer network attack (CNA) will also likely also move under the SSF.

Finally, the entirety of the Informatization Department will likely move to the SSF. This will unify its mission, which has expanding over the years to include near all aspects of the support side of informatization, including communications, information management, network administration, computer network defense (CND), and satellite downlink.

Drawing the bulk of the SSF from former GSD organs and subordinate units is not only remarkably practical, but it is also mutually reinforcing with other reforms. Firstly, it reduces the power and influence of the Army by removing its most strategic capabilities. Previously the PLA Army was split into two echelons, its GSD-level headquarters departments (部门) and units (部队) and Military Region-level (MR; 军区) operational units. GSD units did not serve in combat or traditional operational roles, yet constituted some of China’s most advanced “new-type” capabilities: information management, space forces, cyber espionage, cyber-attack, advanced electronic warfare, and intelligence, reconnaissance, and surveillance. The creation of the Army Leadership Organ effectively split the Army along these lines, with lower-echelon forces forming the PLA Ground Forces and the higher-echelon units forming the Strategic Support Force.

Secondly, separating these capabilities into a separate SSF allows the PLA Army to concentrate on land defense and combat. Nearly all personnel staffing the supposedly joint-force GSD units were Army personnel and by-and-large these units were considered Army units, despite serving as the de facto joint strategic support units for the entire PLA military. Giving the SSF its own administrative organs and personnel allows the PLA Army to concentrate solely on the business of ground combat, land defense, and fulfilling its intended roles in the context of China’s national defense strategy.

Finally and most importantly, separating the second, third, fourth, and “fifth” departments—as the Informatization Department is sometimes called—into their own service branch allows them to be leveraged to a greater degree for Navy Air Force, and Rocket Force missions. More than anything, it allows them to focus on force-building and integrating these capabilities across each service-branch, thereby enabling a long-sought “joint-force” capable of winning wars.

In many ways, taking GSD-level departments, bureaus, and units and centralizing them into the Strategic Support Force is making official what has long been a reality. GSD-level components have nearly always operated independently from regional Group Army units. Separating them into a separate service is less of an institutional change and more of an administrative paper-shuffle.

Integrated Information Warfare

The Strategic Support Force will form the core of China’s information warfare force, which is central to China’s strategy of pre-emptive attack and asymmetric warfare. China’s new military reforms seek to synthesize military preparations into a “combined wartime and peacetime military footing.” These “strategic presets” seek to put China’s military into an advantageous position at the outset of war in order to launch a preemptive attack or quickly respond to aggression. [4] This allows China to offset its disadvantages in technology and equipment through preparation and planning, particularly against a high-tech opponent—generally a by-word for the United States in PLA strategic literature.

These presets require careful selection of targets so that a first salvo of hard-kill and soft-kill measures can completely cripple an enemy’s operational “system of systems,” or his ability to use information technology to conduct operations. Achieving this information dominance is necessary to achieve air and sea dominance, or the “three dominances.” [5] A PLA Textbook, The Science of Military Strategy, (SMS) specifically cites space, cyber, and electronic warfare means working together as strategic weapons to achieve these ends, to “paralyze enemy operational system of systems” and “sabotage enemy’s war command system of systems.” [6] This includes launching space and cyber-attacks against political, economic, and civilian targets as a deterrent. The Strategic Support Force will undoubtedly play a central role as the information warfare component of China’s warfare strategy, and will be the “tip of the spear” in its war-plans and strategic disposition.

Remaining Questions

Despite what can be culled and answered from official sources and expert commentary, significant questions remain regarding the structure of Strategic Support Force and the roles it will play. For one, it is unclear how the Strategic Support Force will incorporate civilian elements into its ranks. Mentioned in 2015’s DWP and the more recent reform guidelines, civilian-military integration is a priority, but Chinese official sources have stopped short in describing how these forces will be incorporated into military in the new order (MOD, May 26, 2015). Previously, the General Staff Department research institutes, known as the “GSD RI’s,” acted as epicenters of civilian technical talent for strategic military capabilities. If the Strategic Support Force is primarily composed of former GSD units, then these research institutes will be ready-made fusion-points for civilian-military integration, and may take on a greater role in both operations and acquisition. Even so, the civilian piece is likely to prove vital, as they will undoubtedly serve as the backbone of China’s cyber capability.

Secondly, it is unknown specifically what forces will compose the Strategic Support Force, or the full extent of its mission. When official sources say “new-type” forces, they could mean a wide range of different things, and the term can include special warfare, intelligence operations, cyber warfare, or space. At a minimum, a consensus has emerged that the force will incorporate space, cyber, and electronic warfare, but the full extent of what this means is unclear. It is also unknown, for instance, if the space mission will include space launch facilities, or whether those will remain under the CMC Equipment Development Department, a rechristened General Armament Department. Where psychological operations will fall in the new order is also up for debate. Some sources have said that it will be incorporated into the SSF while others have left it out entirely.

Finally, although it is clear that the SSF will act as a service, it remains unclear if the CMC will also treat it as an operational entity, or how the CMC will operationalize forces that are under its administrative purview. It is unlikely that the military theaters will have operational authority over strategic-level cyber units, electronic warfare units, or space assets. These capabilities will likely be commanded directly by the CMC. This logic flies in the face of the new system, which requires that services focus on force construction rather than operations and warfare. The solution may be that the SSF, as well as the PLARF, act as both services and “functional” commands for their respective missions.

Conclusion

Ultimately, the strategic support force needs to be understood in the broader context of the reforms responsible for its creation. On one hand, the reforms are practical, intending to usher China’s military forces into the modern era and transform them into a force capable of waging and winning “informatized local wars.” On the other hand, the reforms are politically motivated, intending to reassert party leadership to transform the PLA into a more reliable, effective political instrument.

The Strategic Support Force, if administered correctly, will help solve many of the PLA’s problems that have prevented it from effectively implementing joint operations and information warfare. The creation of an entire military service dedicated to information warfare reaffirms China’s focus on the importance of information in its strategic concepts, but it also reveals the Central Military Commission’s desire to assert more control over these forces as political instruments. With the CMC solidly at the helm, information warfare will likely be leveraged more strategically and will be seen in all aspects of PLA operations both in peace and in war. China is committing itself completely to information warfare, foreign nations should take note and act accordingly.

John Costello is Congressional Innovation Fellow for New American Foundation and a former Research Analyst at Defense Group Inc. He was a member of the U.S. Navy and a DOD Analyst. He specializes in information warfare, electronic warfare and non-kinetic counter-space issues.

Notes

1. A Chinese-media report on Gao Jin’s military service assignments can be found at <http://news.sina.com.cn/c/sz/2016-01-01/doc-ifxneept3519173.shtml>. Gao Jin’s role as commander of the SSF is noteworthy in two respects: One, he is a career Second Artillery officer, so his new role muddies the waters a bit in understanding whether the SSF will be a force composed of Army personnel but treated administratively separate from the Army—not unlike the former PLASAF-PLA Army relationship—or will be composed of personnel from various services and treated administratively separate from all forces. Secondly and more important to this discussion, before his new post as SSF commander, Gao Jin was head of the highly-influential Academy of Military Sciences (AMS) which besides being the PLA’s de facto think-tank (along with the National Defense University), is responsible for putting out the Science of Strategy, a wide-reaching consensus document that both captures and guides PLA strategic thinking at the national level. The most recent edition published in 2013 was released under his tenure as commandant of AMS and many of the ideas from that edition have found their way into the 2015 defense white paper, December’s guide on military reforms, and many of the changes made to China’s national defense establishment. His new role could be seen as CMC-endorsement of SMS’s views on China’s strategic thought.

2. Song’s description of the SSF contradicts official-media descriptions of the service, which had suggested that the service will occupy a similar echelon to that of the PLASAF before it was promoted to full military service status equal to the other branches.

3. Ian M. Easton and L.C. Russell Hsiao, “The Chinese People’s Liberation Army’s Unmanned Aerial Vehicle Project: Organizational Capacities and Operational Capabilities,” 2049 Institute, March 11, 2013. p. 14.

4. The Science of Military Strategy [战略学], 3rd ed., Beijing: Military Science Press, 2013. p. 320.

5. Ibid. p. 165.

6. Ibid. p. 164.

Featured Image: Soldiers of the Chinese People’s Liberation Army 1st Amphibious Mechanized Infantry Division prepare to provide Chairman of the Joint Chiefs of Staff Adm. Mike Mullen with a demonstration of their capablities during a visit to the unit in China on July 12, 2011. (DoD photo by Mass Communication Specialist 1st Class Chad J. McNeeley/Released)

Cyber War, Future War

21st Century Maritime Operations Under Cyber-Electromagnetic Opposition The Finale

1 Comment

The following article is part of our cross-posting partnership with Information Dissemination’s Jon Solomon.  It is republished here with the author’s permission.  You can read it in its original form here.

Read part one, part two, and part three of the series.

By Jon Solomon

Candidate Principle #6: Technical Degradation is Temporary, Psychological Effects can be Enduring

It must be appreciated that the greatest damage caused by an adversary’s successful cyber-electromagnetic attack may not be in how it degrades a system or network’s performance, opens the door to kinetic attacks against a force, or even tricks commanders into making operationally or tactically-sub-optimal decisions. All of these are generally temporary effects and can be recoverable with flexible plans, resiliency-embracing doctrine, and crafty tactics. Rather, as renowned naval analyst Norman Friedman has hypothesized, it could very well be the shattering of commanders’ and operators’ trust in their systems and networks that is most destructive. If personnel are not conditioned to anticipate their systems’ and networks’ disruption in combat, an attack’s lasting effect may be a morale-corroding fatalism. Likewise, if they are deceived just once by a manipulated situational picture, and even then not necessarily in a majorly harmful way, they may still hesitate to take needed actions in subsequent engagements out of fear of deception even when none is present. Either of these consequences could result in ceding the tactical if not operational initiative. In a short conflict, this might be catastrophic. Doctrinal collapse might also result, which would be especially debilitating if force structure is designed so tightly around a given doctrine that it severely limits options for creating or adapting operating concepts on the fly.[i]

Interestingly, similar effects might conceivably occur even when a system’s or network’s electronic protection and information assurance measures cause a cyber-electromagnetic attack to only achieve a relatively minor degree of immediate ‘damage.’ In fact, near-continuous cyber-electromagnetic harassment in the form of noise jamming, incessant yet readily parried cyber penetration attempts, situational picture-manipulation attacks that the target’s operators can quickly discover and reverse, intermittent system crashes or network connectivity interruptions that are quickly recovered from, or even severe disruptions of non-critical systems and network services may wear a force’s commanders and crews down mentally even if their critical systems and networks remain fully capable. A clever adversary might actually find this psychological degradation more exploitable (and more likely to be available for use at any given time) than technical degradation. Indeed, cyber-electromagnetic warfare’s psychological applications may well be where it finds its greatest utility.

Assessing the Implications

As the Chief of Naval Operations and others have asserted, the cyber and electromagnetic domains have become equally important to the physical domains in waging modern war.[ii] The cyber-electromagnetic fight will extend throughout all phases of major future conflicts, may begin well before open hostilities break out as an adversary attempts to ‘prepare’ the battle space, and accordingly may be particularly pivotal during a war’s opening phase. Indeed, high-impact anti-network operations with major maritime strategic implications date back as far as the opening moments of the First World War. Just as a belligerent might not be able to win a war with naval dominance alone but could easily lose without it, so it will be for cyber-electromagnetic dominance. It follows that a naval force’s ability to operate within a contested maritime zone will be highly questionable if it cannot effectively suppress or exploit the adversary’s force-level networks while simultaneously parrying the adversary’s own cyber-electromagnetic attacks. This will even extend to operations featuring stealth platforms, as such assets have long needed direct EW support to achieve maximal effectiveness.[iv] Should the U.S. Navy under-appreciate a potential adversary’s integration of cyber-electromagnetic warfare within combined arms doctrine, in a future conflict it would risk facing attrition rates on par with what it endured in the Solomon Islands from summer 1942 through summer 1943—something that its contemporary force structure simply could not endure.[v]

Assuming the candidate principles we have outlined are validated, they will influence future maritime warfare in at least five general ways. First, they will confirm leading tactical theorist Wayne Hughes’s hypothesis from over a decade ago that the next major maritime fight will be defined by the belligerents’ struggle for scouting superiority.[vi] This will represent a drastic change from the U.S. Navy’s post-Second World War combat experiences, in which the absence of threats to its sea control allowed it to focus on maximizing the efficiency and persistence of power projection ashore. Regardless of whether a tactical action pits two naval battleforces against each other, or one against a land-based force, the victor will likely be the side that is able to achieve high-confidence classification, identification, and targeting against his opponent’s forces first, thereby enabling effective attack.[vii] Cyber-electromagnetic discipline and capabilities will clearly be central to the success of the scouting/anti-scouting phases of any future operation.

Second, the above signifies that a force will need to extend its effective scouting and anti-scouting reach beyond that of its opponent. This is not achieved solely by covering a given area with more sensors than the opponent, or deploying scouts at greater ranges than the opponent. Rather, as suggested earlier, a sensor network’s effectiveness is equally a function of its architecture. This means the availability of difficult-to-intercept communications pathways and backup communications infrastructure will be just as important as raw coverage volume, lest key sensors be cut off from the network or the situational picture they feed be decisively manipulated. This also means the network must employ multiple sensor types. For surveillance, this translates into multi-phenomenology sensors positioned (or covering areas) as far as possible forward within the battle space, with some using sensing methodologies and platform characteristics that allow them to avoid (or at least delay) counter-detection. For reconnaissance, this requires sensors capable of penetrating the opponent’s force to support the confident confirmation of a given contact’s classification and identity. The U.S. Navy simply cannot afford to waste precious inventories of advanced weapons by falling for deception in a future battle. In this light, the Navy’s proposed Unmanned Carrier Launched Airborne Surveillance and Strike (UCLASS) system could be a critical enabler for effectively employing the proposed Long Range Anti-Ship Missile (LRASM), beyond visual range anti-air missiles, and similar network-enhanced standoff-range maritime weapons. It should not be overlooked that UCLASS, a scouting and attack asset that will be organic to the battleforce, can be designed to support expanded operations on interior lines of networking.

Third, if there is to be a reasonable chance that any degradation will be graceful, cyber-electromagnetic resilience must become a defining attribute of systems’ and networks’ designs. Strong electronic protection and information assurance features are certainly vital, with the latter applying just as much to ‘engineering plant’ systems as to the warfare systems they support. Nevertheless, as no system or network can ever be unexploitable, those central to a force’s tactical capabilities must contain additional design features that allow for quick restoration, graceful degradation, or capability expansion when subjected to withering cyber-electromagnetic attacks. Systems’ avoidance of network-dependency will also help greatly to this end.

Fourth, operations within opposed cyber-electromagnetic environments will demand C2 decentralization, as a higher echelon’s ability to assert direct, secure control over subordinate units under such circumstances will be dubious. Even if possible, this kind of close control will almost certainly be inadvisable if only for force concealment and counter-exploitation considerations. Instead, maritime forces will need to re-embrace ‘command-by-negation’ doctrine, or rather the broad empowerment of lower-level commanders to exercise initiative in accordance with their higher commander’s pre-disseminated intentions, if they are to fight effectively. Relatedly, aggressive experimentation will be needed to find the proper balance between operating on interior and exterior lines of networking when inside a contested zone—and will probably reveal that the bias should be towards the former.

Lastly, forces capable of operating under command-by-negation and in opposed cyber-electromagnetic environments are not developed overnight. Frequent and intensive training under realistic combat conditions will be needed if the requisite force-wide skills are to be developed.[viii] In particular, much as we have traditionally done to cultivate physical damage control readiness, commanders and crews on the deck plates must be regularly conditioned to expect, recognize, and fight-through cyber-electromagnetic attacks. A force’s cyber-electromagnetic resilience will depend in no small way upon its personnel’s technical, tactical, and psychological preparation for operating with critical systems and networks degraded if not compromised, and with situational pictures that have been manipulated. Likewise, a force’s ability to successfully deceive the adversary—not to mention successfully employ countermeasures against the adversary’s weapons—will depend upon the cyber-electromagnetic tactical skills the force’s personnel cultivate through routinized peacetime training. Emission control discipline, decoy placement relative to defended assets, precision evasive maneuvers, precision timing and sequencing of tactics, and the like require frequent practice if commanders and crews are to gain and then maintain just the minimum proficiencies needed to survive in modern maritime battle. The Navy’s next Strategy for Achieving Information Dominance needs to make it clear that cyber-electromagnetic competence must not be isolated to its Information Dominance Corps, and instead must be ingrained within the total force.

While cyber-electromagnetic risks hardly invalidate the use of advanced sensor and networking technologies, they do caution us not to take for granted that our systems and networks will be secure, functional, and reliable when needed. Our doctrine, contingency operational plans, and tactics must be structured around the assumption each of our warfare systems contain exploitable cyber-electromagnetic vulnerabilities that may prevent us from using them to their fullest—or at all—when most needed. We must not allow ourselves to build and field a force that can only fight effectively when its systems and networks are unhindered and uncompromised.

Jon Solomon is a Senior Systems and Technology Analyst at Systems Planning and Analysis, Inc. in Alexandria, VA. He can be reached at jfsolo107@gmail.com. The views expressed herein are solely those of the author and are presented in his personal capacity on his own initiative. They do not reflect the official positions of Systems Planning and Analysis, Inc. and to the author’s knowledge do not reflect the policies or positions of the U.S. Department of Defense, any U.S. armed service, or any other U.S. Government agency. These views have not been coordinated with, and are not offered in the interest of, Systems Planning and Analysis, Inc. or any of its customers.

[i] Norman Friedman. “Trust but Verify.” Naval Institute Proceedings 134, No. 11 (November 2008), 90-91.

[ii] ADM Jonathan Greenert, USN. “Imminent Domain.” Naval Institute Proceedings 138, No. 12 (December 2012), 17.

[iii] LCDR James T. Westwood, USN. “Electronic Warfare and Signals Intelligence at the Outset of World War I.” U.S. National Security Agency, undated, accessed 1/31/14, http://www.nsa.gov/public_info/_files/cryptologic_spectrum/electronic_warfare.pdf

[iv] See 1. ADM Jonathan Greenert, USN. “Payloads Over Platforms: Charting a New Course.” Naval Institute Proceedings 138, No. 7 (July 2012), 18-19; 2. Gordon and Trainor, 213-215, 217; 3. Arend G. Westra. “Radar Versus Stealth: Passive Radar and the Future of U.S. Military Power.” Joint Forces Quarterly 55 (October 2009), 136-143.

[v] Thomas G. Mahnken. “China’s Anti-Access Strategy in Historical and Theoretical Perspective.” Journal of Strategic Studies 34, No. 3 (June 2011), 310.

[vi] CAPT Wayne Hughes, Jr, USN (Ret). Fleet Tactics and Coastal Combat, 2nd Ed. (Annapolis, MD: Naval Institute Press, 2000), 201-202, 210-212.

[vii] Ibid, 40-44.

[viii] Solomon, “Maritime Deception and Concealment,” 104-106.

Cyber War, Future Tech, Future War

21st Century Maritime Operations Under Cyber-Electromagnetic Opposition Part Three

1 Comment

The following article is part of our cross-posting series with Information Dissemination’s Jon Solomon.  It is republished here with the author’s permission.  You can read it in its original form here.

Read part one and part two of the series.

By Jon Solomon

Candidate Principle #4: A Network’s Operational Geometry Impacts its Defensibility

Networked warfare is popularly viewed as a fight within cyberspace’s ever-shifting topology. Networks, however, often must use transmission mechanisms beyond physical cables. For field-deployed military forces in particular, data packets must be broadcast as electromagnetic signals through the atmosphere and outer space, or as acoustic signals underwater, in order to connect with a network’s infrastructure. Whereas a belligerent might not be able to directly access or strike this infrastructure for a variety of reasons, intercepting and exploiting a signal as it traverses above or below water is an entirely different matter. The geometry of a transmitted signal’s propagation paths therefore is a critical factor in assessing a network’s defensibility.

The Jominian terms interior and exterior lines of operations respectively refer to whether a force occupies positions within a ‘circle’ such that its combat actions radiate outwards towards the adversary’s forces, or whether it is positioned outside the ‘circle’ such that its actions converge inwards towards the adversary.[i] Although these terms have traditionally applied solely within the physical domains of war, with some license they are also applicable to cyber-electromagnetic warfare. A force might be said to be operating on interior lines of networking if the platforms, remote sensors, data processing services, launched weapons, and communications relay assets comprising its battle networks are positioned solely within the force’s immediate operating area.
Interior+Lines+of+networking

While this area may extend from the seabed to earth orbit, and could easily have a surface footprint measuring in the hundreds of thousands of square miles, it would nonetheless be relatively localized within the scheme of the overall combat zone. If the force employs robustly-layered physical defenses, and especially if its networking lines through the air or water feature highly-directional line-of-sight communications systems where possible or LPI transmission techniques where appropriate, the adversary’s task of positioning assets such that they can reliably discover let alone exploit the force’s electromagnetic or acoustic communications pathways becomes quite difficult. The ideal force operating on interior lines of networking avoids use of space-based data relay assets with predictable orbits and instead relies primarily upon agile, unpredictably-located airborne relays.[ii] CEC and tactical C2 systems whose participants exclusively lie within a maneuvering force’s immediate operating area are examples of tools that enable interior lines of networking.

Conversely, a force might be said to be operating on exterior lines of networking if key resources comprising its battle networks are positioned well beyond its immediate operating area.

Ext+Lines+of+Networking-1

This can vastly simplify an adversary’s task of positioning cyber-electromagnetic exploitation assets. For example, the lines of communication linking a field-deployed force with distant entities often rely upon fixed or predictably-positioned relay assets with extremely wide surface footprints. Similarly, those that connect the force with rear-echelon entities generally require connections to fixed-location networking infrastructure on land or under the sea. Theater-level C2 systems, national or theater-level sensor systems, intelligence ‘reachback’ support systems, remotely-located data fusion systems, and rear echelon logistical services that directly tap into field-deployed assets’ systems in order to provide remote-monitoring/troubleshooting support are examples of resources available to a force operating on exterior lines of networking.

Clearly, no force can fully foreswear operating on exterior lines of networking in favor of operating solely on interior lines.[iii] A force’s tasks combined with its minimum needs for external support preclude this; some tactical-level tasks such as theater ballistic missile defense depend upon direct inputs from national/theater-level sensors and C2 systems. A force operating on interior lines of networking may also have less ‘battle information’ available to it, not to mention fewer processing resources available for digesting this information, than a force operating on exterior lines of networking.

Nevertheless, any added capabilities provided by operating on exterior lines of networking must be traded off against the increased cyber-electromagnetic risks inherent in doing so. There consequently must be an extremely compelling justification for each individual connection between a force and external resources, especially if a proposed connection touches critical combat system or ‘engineering plant’ systems. Any connections authorized with external resources must be subjected to a continuous, disciplined cyber-electromagnetic risk management process that dictates the allowable circumstances for the connection’s use and the methods that must be implemented to protect against its exploitation. This is not merely a concern about fending off ‘live penetration’ of a network, as an ill-considered connection might alternatively be used as a channel for routing a ‘kill signal’ to a preinstalled ‘logic bomb’ residing deep within some critical system, or for malware to automatically and covertly exfiltrate data to an adversary’s intelligence collectors. An external connection does not even need to be between a critical and a non-critical system to be dangerous; operational security depends greatly upon preventing sensitive information that contains or implies a unit or force’s geolocation, scheme of maneuver, and combat readiness from leaking out via networked logistical support services. Most notably, it must be understood that exterior lines of networking are more likely than interior lines to be disrupted or compromised when most needed while a force is operating under cyber-electromagnetic opposition. The timing and duration of a force’s use of exterior lines of networking accordingly should be strictly minimized, and it might often be more advantageous to pass up the capabilities provided by external connectivity in favor of increasing a force’s chances at avoiding detection or cyber-electromagnetic exploitation.

Candidate Principle #5: Network Degradation in Combat, While Certain, Can be Managed

The four previous candidate principles’ chief significance is that no network, and few sensor or communications systems, will be able to sustain peak operability within an opposed cyber-electromagnetic environment. Impacts may be lessened by employing network-enhanced vice network-dependent system architectures, carefully weighing a force’s connections with (or dependencies upon) external entities, and implementation of doctrinal, tactical, and technical cyber-electromagnetic counter-countermeasures. Network and system degradation will nonetheless be a reality, and there is no analytical justification for assuming peacetime degrees of situational awareness accuracy or force control surety will last long beyond a war’s outbreak.

There is a big difference, though, between degrading and destroying a network. The beauty of a decently-architected network is that lopping off certain key nodes may severely degrade its capabilities, but as long as some nodes survive—and especially if they can combine their individual capabilities constructively via surviving communications pathways as well as backup or ‘workaround’ processes—the network will retain some non-dismissible degree of functionality. Take Iraq’s nationwide integrated air defense system during the first Gulf War, for example. Although its C2 nodes absorbed devastating attacks, it was able to sustain some localized effectiveness in a few areas of the country up through the war’s end. What’s more, U.S. forces could never completely sever this network’s communications pathways; in some cases the Iraqis succeeded in reconstituting damaged nodes.[iv] Similarly, U.S. Department of Defense force interoperability assessments overseen by the Director of Operational Test and Evaluation during Fiscal Year 2013 indicated that operators were frequently able to develop ‘workarounds’ when their information systems and networks experienced disruptions, and that mission accomplishment ultimately did not suffer as a result. A price was paid, though, in “increased operator workloads, increased errors, and slowed mission performance.”[v]

This illustrates the idea that a system or network can degrade gracefully; that is, retain residual capabilities ‘good enough,’ if only under narrow conditions, to significantly affect an opponent’s operations and tactics. Certain hardware and software design attributes including architectural redundancy, physical and virtual partitioning of critical from non-critical functions (with far stricter scrutiny over supply chains and components performed for the former), and implementation of hardened and aggressively tested ‘safe modes’ systems can fail into to restore a minimum set of critical functions support graceful degradation. The same is true with inclusion of ‘war reserve’ functionality in systems, use of a constantly-shifting network topology, availability of ‘out-of-band’ pathways for communicating mission-critical data, and incorporation of robust jamming identification and suppression/cancellation capabilities. All of these system and network design features can help a force can fight-through cyber-electromagnetic attack. Personnel training (and standards enforcement) with respect to basic cyber-electromagnetic hygiene will also figure immensely in this regard. Rigorous training aimed at developing crews’ abilities to quickly recognize, evaluate, and then recover from attacks (including suspected network-exploitations by adversary intelligence collectors) will accordingly be vital. All the same, graceful degradation is not an absolute good, as an opponent will assuredly exploit the resultant ‘spottier’ situational awareness or C2 regardless of whether it is protracted or brief.

In the series finale, we assess the psychological effects of cyber-electromagnetic attacks and then conclude with a look at the candidate principles’ implications for maritime warfare.

Jon Solomon is a Senior Systems and Technology Analyst at Systems Planning and Analysis, Inc. in Alexandria, VA. He can be reached at jfsolo107@gmail.com. The views expressed herein are solely those of the author and are presented in his personal capacity on his own initiative. They do not reflect the official positions of Systems Planning and Analysis, Inc. and to the author’s knowledge do not reflect the policies or positions of the U.S. Department of Defense, any U.S. armed service, or any other U.S. Government agency. These views have not been coordinated with, and are not offered in the interest of, Systems Planning and Analysis, Inc. or any of its customers.

[i] “Joint Publication 5-0: Joint Operational Planning.” (Washington, D.C.: Joint Chiefs of Staff, 2011), III-27.

[ii] For an excellent technical discussion on the trade-offs between electronic protection/communications security on one side and data throughput/system expense on the other, see Cote, 31, 58-59. For a good technical summary of highly-directional line-of sight radio frequency communications systems, see Tom Schlosser. “Technical Report 1719: Potential for Navy Use of Microwave and Millimeter Line-of-Sight Communications.” (San Diego: Naval Command, Control and Ocean Surveillance Center, RDT&E Division, September 1996), accessed 10/15/14, www.dtic.mil/cgi-bin/GetTRDoc?AD=ADA318338

[iii] Note the discussion on this issue in “Joint Operational Access Concept, Version 1.0.” (Washington, D.C.: Joint Chiefs of Staff, 17 January 2012), 36-37.

[iv] Michael R. Gordon and LGEN Bernard E. Trainor, USMC (Ret). The Generals’ War: The Inside Story of the Conflict in the Gulf. (Boston: Back Bay Books, 1995), 256–57.

[v] “FY13 Annual Report: Information Assurance (IA) and Interoperability (IOP),” 330, 332-333.

[vi] See 1. Jonathan F. Solomon. “Cyberdeterrence between Nation-States: Plausible Strategy or a Pipe Dream?” Strategic Studies Quarterly 5, No. 1 (Spring 2011), Part II (online version): 21-22, accessed 12/13/13, http://www.au.af.mil/au/ssq/2011/spring/solomon.pdf; 2. “FY12 Annual Report: Information Assurance (IA) and Interoperability (IOP),” 307-311; 3. “FY13 Annual Report: Information Assurance (IA) and Interoperability (IOP),” 330, 332-334.

Cyber War, Future Tech, Future War

21st Century Maritime Operations Under Cyber-Electromagnetic Opposition Part Two

1 Comment

The following article is part of our cross-posting partnership with Information Dissemination’s Jon Solomon.  It is republished here with the author’s permission.  You can read it in its original form here.

Read part one of this series here.

By Jon Solomon

Candidate Principle #2: A Network’s Combat Viability is more than the Sum of its Nodes

Force networking generates an unavoidable trade-off between maximizing collective combat capabilities and minimizing network-induced vulnerability risks. The challenge is finding an acceptable balance between the two in both design and operation; networking provides no ‘free lunch.’

This trade-off was commonly discounted during the network-centric era’s early years. For instance, Metcalfe’s Law—the idea that a network’s potential increases as the square of the number of networked nodes—was often applied in ways suggesting a force would become increasingly capable as more sensors, weapons, and data processing elements were tied together to collect, interpret, and act upon battle space information.[i] Such assertions, though, were made without reference to the network’s architecture. The sheer number (or types) of nodes matter little if the disruption of certain critical nodes (relay satellites, for example) or the exploitation of any given node to access the network’s internals erode the network’s data confidentiality, integrity, or availability. This renders node-counting on its own a meaningless and perhaps even misleadingly dangerous measure of a network’s potential. The same is also true if individual systems and platforms have design limitations that prevent them from fighting effectively if force-level networks are undermined.

Consequently, there is a gigantic difference between a network-enhanced warfare system and a network-dependent warfare system. While the former’s performance expands greatly when connected to other force elements via a network, it nevertheless is designed to have a minimum performance that is ‘good enough’ to independently achieve certain critical tasks if network connectivity is unavailable or compromised.[ii] A practical example of this is the U.S. Navy’s Cooperative Engagement Capability (CEC), which extends an individual warship’s air warfare reach beyond its own sensors’ line-of-sight out to its interceptor missiles’ maximum ranges courtesy of other CEC-participating platforms’ sensor data. Loss of the local CEC network may significantly reduce a battle force’s air warfare effectiveness, but the participating warships’ combat systems would still retain formidable self and local-area air defense capabilities.

Conversely, a network-dependent warfare system fails outright when its supporting network is corrupted or denied. For instance, whereas in theory Soviet anti-ship missile-armed bombers of the late 1950s through early 1990s could strike U.S. aircraft carrier battle groups over a thousand miles from the Soviet coast, their ability to do so was predicated upon time-sensitive cueing by the Soviet Ocean Surveillance System (SOSS). SOSS’s network was built around a highly centralized situational picture-development and combat decision-making apparatus, which relied heavily upon remote sensors and long-range radio frequency communications pathways that were ripe for EW exploitation. This meant U.S. efforts to slow down, saturate, block, or manipulate sensor data inputs to SOSS, let alone to do the same to the SOSS picture outputs Soviet bomber forces relied upon in order to know their targets’ general locations, had the potential of cutting any number of critical links in the bombers’ ‘kill chain.’ If bombers were passed a SOSS cue at all, their crews would have had no idea whether they would find a carrier battle group or a decoy asset (and maybe an accompanying aerial ambush) at the terminus of their sortie route. Furthermore, bomber crews firing from standoff-range could only be confident they had aimed their missiles at actual high-priority ships and not decoys or lower-priority ships if they received precise visual identifications of targets from scouts that had penetrated to the battle group’s center. If these scouts failed in this role—a high probability once U.S. rules of engagement were relaxed following a war’s outbreak—the missile salvo would be seriously handicapped and perhaps wasted, if it could be launched at all. Little is different today with respect to China’s nascent Anti-Ship Ballistic Missile capability: undermine the underlying surveillance-reconnaissance network and the weapon loses its combat utility.[iii] This is the risk systems take with network-dependency.

Candidate Principle #3: Contact Detection is Easy, Contact Classification and Identification are Not

The above SOSS analogy leads to a major observation regarding remote sensing: detecting something is not the same as knowing with confidence what it is. It cannot be overstated that no sensor can infallibly classify and identify its contacts: countermeasures exist against every sensor type.

As an example, for decades we have heard the argument ‘large signature’ platforms such as aircraft carriers are especially vulnerable because they cannot readily hide from wide-area surveillance radars and the like. If the only method of carrier concealment was broadband Radar Cross Section suppression, and if the only prerequisite for firing an anti-carrier weapon was a large surface contact’s detection, the assertions of excessive vulnerability would be true. A large surface contact held by remote radar, however, can just as easily be a merchant vessel, a naval auxiliary ship, a deceptive low campaign-value combatant employing signature-enhancement measures, or an artificial decoy. Whereas advanced radars’ synthetic or inverse synthetic aperture modes can be used to discriminate a contact’s basic shape as a classification tool, a variety of EW tactics and techniques can prevent those modes’ effective use or render their findings suspect. Faced with those kinds of obstacles, active sensor designers might turn to Low Probability of Intercept (LPI) transmission techniques to buy time for their systems to evade detection and also delay the opponent’s development of effective EW countermeasures. Nevertheless, an intelligent opponent’s signals intelligence collection and analysis efforts will eventually discover and correctly classify an active sensor’s LPI emissions. It might take multiple combat engagements over several months for them to do this, or it might take them only a single combat engagement and then a few hours of analysis. This means new LPI techniques must be continually developed, stockpiled, and then situationally employed only on a risk-versus-benefit basis if the sensor’s performance is to be preserved throughout a conflict’s duration.

Passive direction-finding sensors are confronted by an even steeper obstacle: a non-cooperative vessel can strictly inhibit its telltale emissions or can radiate deceptive emissions. Nor can electro-optical and infrared sensors overcome the remote sensing problem, as their spectral bands render them highly inefficient for wide-area searches, drastically limit their effective range, and leave them susceptible to natural as well as man-made obscurants.[iv]

If a prospective attacker possesses enough ordnance or is not cowed by the political-diplomatic risks of misidentification, he might not care to confidently classify a contact before striking it. On the other hand, if the prospective attacker is constrained by the need to ensure his precious advanced weapons inventories (and their launching platforms) are not prematurely depleted, or if he is constrained by a desire to avoid inadvertent escalation, remote sensing alone will not suffice for weapons-targeting.[v] Just as was the case with Soviet maritime bombers, a relatively risk-intolerant prospective attacker would be compelled to rely upon close-in (and likely visual) classification of targets following their remote detection. This dependency expands a defender’s space for layering its anti-scouting defenses, and suggests that standoff-range attacks cued by sensor-to-shooter networks will depend heavily upon penetrating (if not persistent) scouts that are either highly survivable (e.g., submarines and low-observable aircraft) or relatively expendable (e.g., unmanned system ‘swarms’ or sacrificial manned assets).

On the expendable scout side, an advanced weapon (whether a traditional missile or an unmanned vehicle swarm) could conceivably provide reconnaissance support for other weapons within a raid, such as by exposing itself to early detection and neutralization by the defender in order to provide its compatriots with an actionable targeting picture via a data link. An advanced weapon might alternatively be connected by data link to a human controller who views the weapon’s onboard sensor data to designate targets for it or other weapons in the raid, or who otherwise determines whether the target selected by the weapon is valid. While these approaches can help improve a weapon’s ability to correctly discriminate valid targets, they will nevertheless still lead to ordnance waste if the salvo is directed against a decoy group containing no targets of value. Likewise, as all sensor types can be blinded or deceived, a defender’s ability to thoroughly inflict either outcome upon a scout weapon’s sensor package—or a human controller—could leave an attacker little better off than if its weapons lacked data link capabilities in the first place.

We should additionally bear in mind that the advanced multi-band sensors and external communications capabilities necessary for a weapon to serve as a scout would be neither cheap nor quickly producible. As a result, an attacker would likely possess a finite inventory of these weapons that would need to be carefully managed throughout a conflict’s duration. Incorporation of highly-directional all-weather communications capabilities in a weapon to minimize its data link vulnerabilities would increase the weapon’s relative expense (with further impact to its inventory size). It might also affect the weapon’s physical size and power requirements on the margins depending upon the distance data link transmissions had to cover. An alternative reliance upon omni-directional LPI data link communications would run the same risk of eventual detection and exploitation over time we previously noted for active sensors. All told, the attacker’s opportunity costs for expending advanced weapons with one or more of the aforementioned capabilities at a given time would never be zero.[vi] A scout weapon therefore could conceivably be less expendable than an unarmed unmanned scout vehicle depending upon the relative costs and inventory sizes of both.

The use of networked wide-area sensing to directly support employment of long-range weapons could be quite successful in the absence of vigorous cyber-electromagnetic (and kinetic) opposition performed by thoroughly trained and conditioned personnel. The wicked, exploitable problems of contact classification and identification are not minor, though, and it is extraordinarily unlikely any sensor-to-shooter concept will perform as advertised if it inadequately confronts them. After all, the cyclical struggle between sensors and countermeasures is as old as war itself. Any advances in one are eventually balanced by advances in the other; the key questions are which one holds the upper hand at any given time, and how long that advantage can endure against a sophisticated and adaptive opponent.

In part three of the series, we will consider how a force network’s operational geometry impacts its defensibility. We will also explore the implications of a network’s capabilities for graceful degradation. Read Part Three here.

Jon Solomon is a Senior Systems and Technology Analyst at Systems Planning and Analysis, Inc. in Alexandria, VA. He can be reached at jfsolo107@gmail.com. The views expressed herein are solely those of the author and are presented in his personal capacity on his own initiative. They do not reflect the official positions of Systems Planning and Analysis, Inc. and to the author’s knowledge do not reflect the policies or positions of the U.S. Department of Defense, any U.S. armed service, or any other U.S. Government agency. These views have not been coordinated with, and are not offered in the interest of, Systems Planning and Analysis, Inc. or any of its customers.

[i] David S. Alberts, John J. Garstka, and Frederick P. Stein. Network Centric Warfare: Developing and Leveraging Information Superiority, 2nd Ed. (Washington, D.C.: Department of Defense C4ISR Cooperative Research Program, August 1999), 32-34, 103-105, 250-265.

[ii] For some observations on the idea of network-enhanced systems, see Owen R. Cote, Jr. “The Future of Naval Aviation.” (Cambridge, MA: Massachusetts Institute of Technology Security Studies Program, 2006), 28, 59.

[iii] Solomon, “Defending the Fleet,” 39-78. For more details on Soviet anti-ship raiders dependencies upon visual-range (sacrificial) scouts, see Maksim Y. Tokarev. “Kamikazes: The Soviet Legacy.” Naval War College Review 67, No. 1 (Winter 2013): 71, 73-74, 77, 79-80.

[iv] See 1. Jonathan F. Solomon. “Maritime Deception and Concealment: Concepts for Defeating Wide-Area Oceanic Surveillance-Reconnaissance-Strike Networks.” Naval War College Review 66, No. 4 (Autumn 2013): 88-94; 2. Norman Friedman. Seapower and Space: From the Dawn of the Missile Age to Net-Centric Warfare. (Annapolis, MD: Naval Institute Press, 2000), 365-366.

[v] Solomon, “Defending the Fleet,” 94-96.

[vi] Solomon, “Maritime Deception and Concealment,” 95.