a systems analysis of u.s. army operations in cyberspace
TRANSCRIPT
A Systems Analysis of U.S. Army Operations in Cyberspace
by Thomas P. Dirienzo
B.S. in Computer Science, May 2004, United States Military Academy
A Thesis submitted to
The Faculty of The School of Engineering and Applied Science
of the George Washington University in partial fulfillment of the requirements
for the degree of Master of Science
August 31, 2015
Thesis directed by
Julie J. C. H. Ryan Associate Professor of Engineering Management and Systems Engineering
ii
Acknowledgements
I would like to express my sincerest appreciation to my advisors Dr. Stephen Chaney
and Dr. Julie Ryan, as well as to Phil Sisson, Ian Hall, Nathan Krishnan, and Keith
Thomas. Surely, without their guidance and assistance this endeavor would not have
been possible.
iii
Abstract
A Systems Analysis of U.S. Army Operations in Cyberspace
Operations in and through the Cyberspace Domain are transforming the ways in
which the U.S. Army must conduct Unified Land Operations. The Army is reorganizing
to address the convergence of combined arms maneuver, electromagnetic spectrum
activities, and cyberspace operations. This paper provides a structural analysis of the
cyberspace domain in relation to the functions of the U.S. Army. The research goal is to
provide a construct that the Army may use to better visualize functions, understand
interactions of land and cyber, and organize effectively for operations.
This research effort required the application of multiple research methods. A
historical evaluation of the air and space domains provides insights for cyberspace as it
relates to domains. An evolutionary view of the ‘cyberspace domain’ reveals an
operational definition of the term. Decomposing domain elements using ontological
methods provided a structural framework for discussing the cyberspace domain. Finally,
applying systems modeling methods provides an organizational understanding of the
cyberspace domain.
Critical findings of this research include the need to better understand the future of
convergence within the information environment, including cyber and electromagnetic
operations. This research suggests that might be best guided through integration group
strategies. This would require designating operations that fall into these categories as
Information Technology Operations, and broadening the definition of the cyberspace
domain. Redefining the cyberspace domain to the area of responsibility that supports
information technological elements used to effect information systems would account for
iv
this understanding. Aligning to reflect this view would also improve the military’s
current organizational design to properly resource the domain with the required
professionals.
v
Table of Contents
Acknowledgements ........................................................................................................... ii Abstract ............................................................................................................................. iii
List of Figures .................................................................................................................. vii List of Tables .................................................................................................................. viii
Glossary of Terms ............................................................................................................ ix List of Acronyms ............................................................................................................... x
Chapter 1 – Introduction .................................................................................................. 1 1.1 Statement of the Problem ......................................................................................... 1 1.2 Organization of the Document ................................................................................. 1 1.3 Background .............................................................................................................. 2 1.4 Purpose ..................................................................................................................... 3 1.5 Significance .............................................................................................................. 3 1.6 Scope and Limitations .............................................................................................. 3 1.7 Summary of Findings ............................................................................................... 4
Chapter 2 - Literature Review ......................................................................................... 6 2.1 Understanding the Battlespace ................................................................................. 6 2.2 The Environment vs. The Domain ........................................................................... 8 2.3 An Ontological Approach ...................................................................................... 14
Chapter 3 - Research Methods ...................................................................................... 17 3.1 Research Goal ........................................................................................................ 17 3.2 Research Questions ................................................................................................ 17 3.3 Research Analysis Approach ................................................................................. 17
Chapter 4 - Evolving the U.S. Army’s Operations in Cyberspace ............................. 19 4.1 Understanding Military Domains Through Historical Analysis ............................ 19
4.1.1 The Air Domain .............................................................................................. 19 4.1.2 The Space Domain .......................................................................................... 21 4.1.3 A Domain Comparison ................................................................................... 26 4.1.4 The Cyberspace Domain ................................................................................. 27
4.2 A Systems Analysis of Cyberspace Through an Ontology .................................... 30 4.2.1 A Conceptual Domain Model ......................................................................... 30 4.2.2 Web Ontology Language and Metamodel ....................................................... 32 4.2.3 OWL’s Analysis Capabilities ......................................................................... 35
4.3 Integration of U.S. Army Operations in Cyberspace ............................................. 41 4.4 Organizational Integration of the U.S. Army Cyberspace Design ......................... 43
Chapter 5 - Conclusion ................................................................................................... 47 5.1 Findings .................................................................................................................. 47 5.2 Recommendations .................................................................................................. 49 5.3 Conclusion ............................................................................................................. 51 5.4 Areas for Additional Research ............................................................................... 52
vi
Bibliography .................................................................................................................... 54 Appendix A ...................................................................................................................... 62
Appendix B ...................................................................................................................... 64 Appendix C ...................................................................................................................... 67
Appendix D ...................................................................................................................... 68
vii
List of Figures
Fig. 1: Physical vs. Information Environment (Paul et al., 2013) .................................... 10
Fig. 2: Traditional Military Domains vs. the Cyber Domain (Paul et al., 2013) .............. 11
Fig. 3: Information Environment ...................................................................................... 13
Fig. 4: Layered Ontology (Semy et al. 2004) ................................................................... 15
Fig. 5: Systems Engineering V-Methodology .................................................................. 18
Fig. 6: Triggering Events in Cyberspace .......................................................................... 29
Fig. 7: Military Cyberspace Domain Model ..................................................................... 31
Fig. 8: Cyberspace Taxonomy Viewed in Protégé Ontology Editor ................................ 33
Fig. 9: Ontology Object Properties ................................................................................... 34
Fig. 10: Linking Ontology Instances ................................................................................ 34
Fig. 11: OWL Query Command ....................................................................................... 36
Fig. 12: OWL Query Results ............................................................................................ 36
Fig. 13: Electronic Device Link ........................................................................................ 38
Fig. 14: Equivalency Statements Added to a Class in OWL ............................................ 38
Fig. 15: OWL Generated RDF XML Elements ................................................................ 39
Fig. 16: Results of Running HermiT Reasoner on Ontology ............................................ 40
Fig. 17: Visual Interpretation of HermiT Reasoner .......................................................... 40
Fig. 18: Cyber/EW Threshold (Pavadore, 2013) .............................................................. 42
Fig. 19: Overlapping Network Warfare and Defense Tasks ............................................. 63
Fig. 20: Matrix Organization (Ancona et al., 2009) ......................................................... 64
Fig. 21: C/EM Expertise Map (C/EM Contest 2010) ....................................................... 66
viii
List of Tables
Table 1: Example Network Warfare Soldier Tasks .......................................................... 67
Table 2: Example Network Defender Tasks ..................................................................... 67
ix
Glossary of Terms
“Cyber Electromagnetic Activities (CEMA): activities leveraged to seize, retain, and exploit an advantage over adversaries and enemies in both cyberspace and the electromagnetic spectrum, while simultaneously denying and degrading adversary and enemy use of the same and protecting the mission command system (ADRP 3-0). CEMA consist of cyberspace operations (CO), electronic warfare (EW), and spectrum management operations (SMO)” (FM 3-38, 2014). “Cyberspace: is a global domain within the information environment consisting of the interdependent network of information technology infrastructures and resident data, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers. Operations in cyberspace contribute to gaining a significant operational advantage for achieving military objectives” (JP 3-12, 2013). “Cyberspace Operations: the employment of cyberspace capabilities where the primary purpose is to achieve objectives in or through cyberspace. Cyberspace operations consist of three functions: offensive cyberspace operations, defensive cyberspace operations, and Department of Defense information network operations” (JP 3-0, 2011). “Information Environment: the aggregate of individuals, organizations, and systems that collect, process, disseminate, or act on information. This environment consists of three interrelated dimensions, which continuously interact with individuals, organizations, and systems. These dimensions are the physical, informational, and cognitive” (JP 3-13, 2012). “Information Operations: the integrated employment, during military operations, of information related capabilities in concert with other lines of operation to influence, disrupt, corrupt, or usurp the decision making of adversaries and potential adversaries while protecting our own” (JP 3-13, 2012). “Operational Environment: is a composite of the conditions, circumstances, and influences that affect the employment of capabilities and bear on the decisions of the commander. It encompasses physical areas and factors (of the air, land, maritime, and space domains) and the information environment (which includes cyberspace)” (JP 3-0, 2011). Operational Definitions: Domain: is that which consists of all operational activities and responsibilities related by closely associated knowledge specialties, technologies, and organizational processes associated with an environment. Cyberspace Domain: the area of responsibility that supports information technological elements used to effect information systems. Desired effects can be systems or people that transmit, receive, store, or manipulate equipment, or processes, that depend on the information systems.
x
List of Acronyms
ADRP Army Doctrine Reference Pubication ARCYBER Army Cyber ARPA Advanced Research Projects Agency BFO Basic Formal Ontology BG Brigadier General CCRP Command and Control Research Program CBA Capabilities Based Assessment CYBERCOM Cyber Command CEMA Cyber Electromagnetic Activities CO Cyber Operations DoD Department of Defense DOTMLPF Doctrine, Organization, Training, Materiel, Leadership, Personnel, and Facilities DHS Department of Homeland Security DA Department of the U.S. Army EMS Electromagnetic Spectrum EMSO Electromagnetic Spectrum Operations EW Electronic Warfare FM Field Manual FSO Full Spectrum Operations IO Information Operations ITO Information Technology Operations IRC Information-Related Capabilities JP Joint Publication JOPP Joint Operation Planning Process MI Military Intelligence NASA National Aeronautics and Space Administration OWL Web Ontology Language RDF Resource Description Framework SWRL Semantic Web Rules Language SC Signal Corps SPARQL Simple Protocol and RDF Query Language SPIN SPARQL Inferencing Notation SMO Spectrum Management Operations SUMO Suggested Merged Upper Ontology UML Unified Modeling Language XML Extensible Modeling Language
1
Chapter 1 – Introduction
1.1 Statement of the Problem The U.S. Army requires a detailed understanding of the cyberspace domain in order
to effectively integrate land and cyber operations. This paper uses a logic-based
approach to develop a standardized ontology and establish a foundation for understanding
Cyberspace Operations.
1.2 Organization of the Document The first chapter is an introduction to the topic of cyberspace as it relates to the U.S.
Army, and the associated problem statement. In Chapter 1, the background is identified
and the purpose and scope of the research are described. Lastly, a summary of the
findings are detailed.
The second chapter is a review of the current literature related to the research, first
focusing on the military’s organizational history within cyberspace. Next, focus is given
to the significant distinctions between a ‘domain’ and an ‘environment’. With this
understanding, a description of the evolution of the cyberspace domain is provided and
closes by suggesting the need to refine the service’s current understanding of the domain
with a visual representation. In chapter three the research goals and research methods of
the thesis are presented. As well as questions to be answered through the systems
analysis of the cyberspace domain.
Chapter four begins with an analysis of the air and space domains to better understand
the linkage to that of the cyberspace domain. From this understanding, a more detailed
definition of the military domain is provided. To support the expanded boundaries of the
definition offered, the chapter applies a systems analysis of cyberspace by decomposing
2
its functions using a domain ontology. Lastly, insight is given into organizational
necessities for cyberspace based on this decomposition.
Chapter Five concludes with the findings of the thesis and provides subsequent
recommendations, with insights given to motivate the relevance of the topic.
Conclusions are drawn from the research and areas for future studies are offered.
1.3 Background The military operates in the four physical domains of air, land, maritime, and space;
and one virtual domain: cyberspace. These domains are relatively easy to understand
because they are based on physical traits, such as oceans and landmasses. Cyberspace is
different. It includes aspects that are physical (servers, cables, antennas) but also aspects
that transcend physical aspects. The distinction of cyberspace as a military domain
emphasizes its significance, and the critical nature with which cyberspace interacts with
other domains.
The Army developed the LandCyber Whitepaper to recognize the rapid convergence
of, effects between, and areas of overlap in the cyberspace and land domains. Integrating
cyberspace capabilities into the U.S. Army’s warfighting functions is pivotal to the
success of the LandCyber solution. The premise for this framework is the converging
direction of land with cyberspace operations. This convergence further creates
interdependence in both domains, increasing the intricacy of operations.
To manage this difficult problem, it is necessary to understand not only the areas of
convergence, but use these areas to maximize effects in the domain. Supporting this
integration relies on a greater understanding of the constitution of the cyberspace domain
so as to be able to support the transformation. An ontology offers a valuable way of
3
understanding the cyberspace domain and provides a systematic approach for
standardizing the domain through a ‘computational logic-based language’ (OWL, 2012).
1.4 Purpose The challenges associated with this research included language, intricacy, and
newness. The purpose is to provide a construct that the Army will use to better visualize
functions, understand interactions of land and cyber, and organize effectively for
operations. The research, therefore, aids in determining how to effectively organize,
train, and equip forces for cyberspace operations.
1.5 Significance The U.S. Army is rapidly integrating cyberspace capabilities into its domain, while
technology advances at the pace of Moore’s Law. The ontological model introduced in
the research provides a systematic method for interrogating and cataloguing our
knowledge of cyberspace. Expanding and formally adopting this type of model would
create a standard for which to measure domain knowledge from and against. This
standardization aids in such things as capability gap analysis and the development of
Army Universal Task Lists, while also providing a repository to build on for further
analysis.
1.6 Scope and Limitations The scope of this research on cyberspace from a systematic point of view is to make
recommendations for various aspects of U.S. Army doctrine, organization, and training
within the informational environment. The systems engineering decomposition is limited
to the strategic level in order to keep the research bounded to a manageable pursuit.
Also, this research does not attempt to make a full Doctrine, Organization, Training,
Materiel, Leadership, Personnel, and Facilities (DOTMLPF) study of the cyberspace
4
domain, however, the recommendations have implications on specific aspects of the
DOTMLPF framework.
In decomposing the domain, a model is developed and it is suggested to establish a
formalized ontological model in this fashion. Within the context of the modeling and
analysis the research is limited to the first principles examination of tasks, functions, and
services of the cyberspace domain.
The development of a standardized and widely accepted ontology is a significant
undertaking. This research seeks to capture the intricacies of the domain adequately to
demonstrate why the capabilities of an ontology offer a preferred solution. The research,
therefore, does not offer a comprehensive ontology, but rather a model to build from in
pursuing that endeavor.
1.7 Summary of Findings It is a conclusion of this research that the Army is using the build, assess, build
methodology for defining cyber operations. This domain must undergo a continuous
development and refinement process in order to keep up with the changes in technology
and our enemies’ tactics, techniques, and procedures. The military must also doctrinally
define a ‘domain’ to properly distinguish it from an operational ‘environment’.
Subsequently, they should redefine the cyberspace domain to account for its significance
on all technical operations within the information environment.
To clearly understand the boundaries, a formal ontology should be created for the
domain using a structured model. An ontological method provides a representation of a
complex domain. This representation not only aids in a domain understanding, but also
grounds the knowledge of cyberspace and its interrelationships in a rich logic-based
model.
5
The parameters in the cyberspace model are substantiated in a description of the
properties as Information Technology Operations (ITO). Combining Field Manual (FM)
3-36 and FM 3-38 under FM 3-12 would support this grouping. Utilizing areas of
information technological convergence will help identify the multidisciplinary necessities
required for the U.S. Army’s implementation of the LandCyber framework. Lastly, the
military’s organizational design should utilize techniques to properly leverage resources
within this domain.
6
Chapter 2 - Literature Review
2.1 Understanding the Battlespace Maximizing the military’s effectiveness in cyberspace makes understanding required
cyber related capabilities and the means of achieving them an ongoing issue. Increased
awareness of the effects of cyber operations on physical domains, most notably toward
critical infrastructures, necessitates an escalation of effort within the DoD and other
governmental agencies. While those more familiar with cyberspace operations have long
voiced concern over potential large-scale cyber related incidents, only as of late has the
DoD taken significant steps towards protecting against these threats and closing gaps in
operational capabilities.
The evolution of the Department of Homeland Security’s (DHS) Cyber Security
Division over the past decade provides a case study in the government’s struggles to
properly resource for cyber security. The turnover rate amongst Division Chiefs
precipitated largely from concerns of bureaucratic infighting over organizational power
struggles and an inability to receive proper legislative attention (Halliday 2014, Gorman
2009, Lemos 2004). Despite recognizing the ability for significant impacts in
cyberspace, government funding for cybersecurity could not keep pace with the rapidly
advancing technology, creating a capability gap in the nation’s defense.
Aside from ongoing command and control issues between executive departments, the
emphasis on cyber security is at the forefront of policymakers’ minds. In a time of a
shrinking defense spending, the requested $5.5 billion for cybersecurity budget represents
one of the few areas of growth in the 2016 defense budget (McLeary 2014, Sternstein
2015). While funding for military operations in cyberspace is faring better than most
7
other defense appropriations, properly integrating operations into the military structure
continue (Freedberg, 2014).
With the Defense Department’s role in cyberspace evolving, so too is their
understanding of the battlespace itself. As Colonel Olen Kelley discussed in his research
at the U.S. Army War College, the military’s 2001 joint publication on operations
described cyberspace within the five warfighting domains of air, land, sea, space, and
information (Kelley, 2008). This distinction originated from a Command and Control
Research Program (CCRP) conducted in 2001, which contextualizes the aspects of
information as a domain versus an environment (Alberts, et al., 2001). Information as a
domain, however, is what Kelley and others took exception to, asserting that cyberspace
itself is the domain within an information environment.1 The debate over this point is not
one merely of semantics. Understanding the difference between domains and
environment sets the conditions for proper organization and allocation of resources.
Though remaining doctrinally unchanged, the organizational emphasis within the
information environment increasingly went towards that of cyberspace operations,
evidenced by the establishment of the U.S. Cyber Command (CYBERCOM). The focus
on cyberspace as the command perpetuated the assertion that cyberspace constitutes the
emphasis and the actual warfighting domain. The military’s establishment of cyberspace
as an operational domain came officially with the Defense Department’s July 2011
Strategy for Operating in Cyberspace. Strategic Initiative 1 stated the DoD will “treat”
1 Geoffrey F. Weiss USAF “Exposing the Information Domain Myth: A New Concept for Air Force and Information Operations Doctrine.” Air & Space Power Journal 22, no. 1 (2008): 49–62,126. http://proxygw.wrlc.org/login?url=http://search.proquest.com/docview/217773213?accountid=11243. Mr. Weiss argues against the concept of an Information Domain as it bounds the scope of information operations.
8
cyber as an operational domain, making this distinction in order to maximize operations
within it (2011, 5).
As a result, the National Security Strategy formally recognized cyberspace alongside
that of air, land, maritime, and space domain. Though an operational command in 2010,
this initiative formalized CYBERCOM as a Sub-Unified Command responsible for
synchronizing the DoD’s cyberspace operations and delegated the four military service
component Cyber Commands as subordinate (2011, 5). The concept of a cyberspace in
concert with other operational domains, or at least the utility in such a framework draws
question.
RAND Corporation’s Dr. Martin Libicki highlights in his article Cyberspace is not a
Warfighting Domain the discussion behind whether cyber belongs is somewhat
irrelevant, except if its label forces illogical analogies as to its structure and application.
Dr. Libicki argues not against the justification for a domain, but its lack of utility in
helping understand how to conduct operations within it (Libicki, 2012, 322). Thus
cyberspace as a domain can be useful if it helps understand the capabilities, however, the
term cannot be used to connote certain doctrinal or organizational outcomes. More
plainly, the view of cyberspace as a domain helps highlight the significance of operations
within it, though the name itself cannot imply how to operate within it.
2.2 The Environment vs. The Domain Furthering an understanding of the boundaries to cyberspace aids in properly scoping
the areas of operations. Recent widespread attention on cyberspace, however, has also
fostered broad generalizations and often misuse of the term, making the establishment of
a widely agreed upon operational definition difficult. The former Operations Director for
9
Cyber Command, Major General (Ret.) Brett T. Williams, instead created four axioms
that succinctly categorize cyberspace and the role it plays.
Three of the four axioms are most applicable in this context, with the first criticizing
the term Cyberwar as an unproductive word as it detracts planning for Full Spectrum
Operations by promoting a narrow view of conflict (Williams, 2014).2 This tends to draw
policy makers and planners out of strategic and into tactical level of decision-making.
Similarly, the second axiom recognizes that the Joint Operation Planning Process (JOPP)
and current doctrine sufficiently facilitate strategic level planning and operations
(Williams, 2014). Lastly, the fourth axiom recognizes that the misuse of the word
‘cyber’ largely contributes to the difficulty in establishing a common operating picture.
MG Williams clarifies that cyber is neither a verb nor a noun and such usage promotes a
singular vision of offensive cyber operations, as opposed to an integration of all
capabilities (Williams, 2014).
Mentioned previously, the lack of a concise understanding of cyberspace is furthered
when aligning doctrine such as JP 3-0 with the 2011 Strategy for Operating in
Cyberspace. The lack of doctrinal distinction in transitioning from an information
domain, to a cyber domain within an information environment causes the often
mistakenly interchangeable usage. Furthering the difficulty in understanding the
differences is the military’s lack of a formal definition for a ‘military domain’ (Paul et al.,
2013).3
2 The term “Full Spectrum Operations” is no longer doctrinal, however, the point remains that this level of thinking pulls planners away from strategic and operational level thinking into more tactical planning. 3 Though each individual domain has a definition according to JP 1-02. There is still no definition of what an actual domain is. The definition’s, in fact, add more confusion as it suggests little distinction to that of an environment ie. Air Domain: The atmosphere, beginning at the Earth’s surface, extending to the altitude where its effects upon operations become negligible.
10
A RAND Corporation study identifies the difficulties in differentiating between an
environment and a domain, offering succinct depictions to help distinguish. The easiest
way to conceptualize the physical military environments is as the actual atmospheric,
maritime, terrestrial, and space boundaries they encompass (Fig. 1).4 The shapes
demonstrate the physical borders of the environments and their relation to the others.
The tangential relationship of the environments is representative of physical boundaries,
as with that of the sea and a shore or air and space. The information environment,
however, is not of a physical nature, but rather nodes that act on information across those
traditional environments (JP 3-0, 2013).
Fig. 1: Physical vs. Information Environment (Paul et al., 2013)
Utilizing an understanding of operational environments, therefore, allows for a better
supposition of the scope of military domains. As Paul et al. highlight, the doctrinal usage
4 In fact JP 1-02 DoD Dictionary of Military and Associated Terms also identifies an EM environment and a CBRN environment, but for these environments are the widely held terminology when discussing environments in relation to domains.
11
of military domains suggests it is “broader than the environments and are areas of both
operation and responsibility.” Fig. 2 captures this relationship as the domains are
overlaid as ellipses on the environments. The overlapping ellipses connote each service’s
primary responsibility in their environment, while also operating in others. The U.S.
Army, for example, is executor for the terrestrial environment, but its aviation
components are responsible for and operate in the atmospheric as well. The cyber
domain therefore overlaps all domains and connects the nodes of the information
environment. This again suggests a domain encompasses more than its physical
environment, but their similarities explain the terms are incorrect and often synonymous
misuse. Based on this assessment, for this research, an operational definition for domain
is that which consists of all operational activities and responsibilities related by closely
associated knowledge specialties, technologies, and organizational processes associated
with an environment.
Fig. 2: Traditional Military Domains vs. the Cyber Domain (Paul et al., 2013)
12
An understanding of the information environment and the cyber domain provide a
clearer picture of the capabilities they contain, though it is still important to differentiate.
Doctrinally, cyberspace operations are simply categorized as those operations that seek
objectives in or through cyberspace (JP 3-0, 2011). This condition, like the term
cyberspace, perpetuates ambiguity. Attempts to differentiate between cyberspace and
information operations are important in framing the boundaries of the cyber domain,
however, their convergence within this battlespace makes it difficult.
Information operations (IO) are characterized as capabilities such as public affairs,
civil military operations, and strategic communication that either support decision-
making or negatively impact that of our adversaries. The information environment itself
is described as the interaction of physical, cognitive, and informational dimensions.5 The
physical dimension is the material infrastructure, while the informational encompasses
means for which information is utilized (ie. collected, stored, processed), and the
cognitive represents the thought process of those who use the information (JP 3-13, I-2).
Unlike physical environments, as JP 3-13 highlights, IO does not constitute the control of
specific information-related capabilities (IRCs), but combines them to maximize combat
effectiveness. Therefore, information-related capabilities in IO are the means of
influencing target audiences in Fig. 3.
5 “Unfortunately, few people outside the IO community understand the definition—and even fewer…understand how these diverse disciplines are theoretically combined into an effective IO plan. At the service level, each branch understands the term differently—with more or less emphasis based on the individual service competency or viewpoint. For example, most soldiers think of IO as influence operations, and PSYOP is predominant. For the Air Force, it’s mostly about CNO...” (Beebe, 2009 cited in Paul et al. 2013)
13
Fig. 3: Information Environment
Joint Publications 3-0 Operations, 3-12 Cyberspace Operations, and 3-13 Information
Operations distinguish between the specific capabilities, however, they still elude an
accurate representation of cyber operations’ interdependencies as part of IRCs described
within JP 3-13. Prior to 2011, when cyberspace operations remained within the
information domain the construct in Fig. 3 had more validity. With the new doctrine of
JP 3-12 still lacking an operational definition of a domain, cyberspace now represents
operations outside the scope of Information Operations. Rather than establishing a
holistic account of the new domain, attempts to merge concepts of both publications
cause problems in trying to define where cyberspace begins and ends.
As addressed in JP 3-12, Cyber Operations (CO) can be conducted as a stand-alone
capability; however, integrating IRCs are necessary in order to accomplish full spectrum
operations. The publication, however, makes a distinction between CO from that of
Information Operations in cyberspace. As previously stated, CO can be considered the
14
use of cyberspace to provide effects across the physical and cyber domains. Compare
this with Cyber Information Operations, which is a function of integrating IRCs to
achieve desired effects. Therefore, cyberspace is a domain for IRCs in cases of military
deception, psychological operations, public affairs etc. when conducted through that
medium.
This raises a logic question: is the current terminology of IRCs, particularly
electromagnetic spectrum operations, part of cyberspace? If the answer is ‘yes’ then the
domain does not account for them and if ‘no’, the question becomes, what domain
accounts for these actions? This paper intends to show that these functions do belong in
the cyber domain. This will not only account for how to integrate these capabilities, but
also broaden the service’s understanding of cyberspace.
2.3 An Ontological Approach An ontology is a rich visual expression of definitional concepts (Vickery, 1993,
277). An ontological method is a process of categorization to determine ‘what is’ of a
domain. This discipline seeks to represent ‘individuals’ as they exist in reality in order
formulate conclusive classifications of complex structures. In computer science an
ontology is this expression encoded in a way humans can process it, typically using some
form of logic (Horrocks et al., 2004). For this research the term ontology is as used in the
computer science form.
The product of an ontology should result in a clear definition and a common
vocabulary of a domain. A meaningful ontology also relates individuals and events,
allowing individuals to draw inferences from such relationships. Additionally, it
provides a means for applying enhanced reasoning, as well as a visual representation of a
structure. Because of these outputs, the process is beneficial in providing domain
15
terminology that seeks to avoid an “idiosyncratic lexicon” (Mandrick, 2011). In this
manner, the ontological method is useful as a standardized and iterative approach in
categorizing the complexities of cyberspace.
Top-level ontologies are the most basic categories of an entity, while domain
ontologies are mid-level and more specific as they branch from the upper level (Semy et
al. 2004). More specificity allows for greater detail of a structure and better visualization
of interrelations that make up the domain (Fig. 4). These levels should not be confused
with the high and low-level designs of the Systems Engineering V-Methodology.
Fig. 4: Layered Ontology (Semy et al. 2004)
Surveying authoritative references, such as joint doctrinal publications, to provide inputs
for the ontology provides a way of focusing the scope of a domain (Obrst et al., 2012, 2).
These publications offer written expressions of definitions, descriptions, and relations by
subject matter experts, or at a minimum the approved view. One method for establishing
measures of effectiveness for domain ontologies are to place questions about the domain
into five categories: General, Organizations & Agents, Processes, Products & Outputs,
and Purposes (Mandrick, 2011). This framework aids in decomposing the domain and
classifying entities and events by ‘type’ or ‘role’. For example, a house is a ‘type’ of
16
facility and can have certain properties that distinguish it from other types of facilities
(Obrst et al. 2012, Mandrick 2011).
The numerous doctrinal publications on cyberspace make it rich in resources, yet its
intricacy leaves it difficult to comprehend. The lack of a formal process for defining the
‘what is’ of cyberspace makes an ontological approach an appealing option. In
particular, the convergence of cyber-electromagnetic activities has been discussed in
current Army doctrine surrounding the cyberspace domain using definitions in natural
language. These definitions are challenging for a human to understand, visualize, and
validate. Additionally, computers do not understand natural language well.
The value of this framework, therefore, is in standardizing the definitional process to
adhere to a two-part principle. The first part of the definition references the individual’s
parent class such as a building be a type of facility. The second part distinguishes the
entity from individuals in the class as would be distinguishing a house from a hospital
(Mandrick, 2011). As Dr. Mandrick suggests, the process must be iterative, but the value
gained is a systematic approach for which to continuously improve. The final phase in
creating a repeatable process for an ontology is to govern the domain and revise it based
on expert elicitation. The governance of the domain is necessary for maintaining
integrity of the domain by establishing decision authority, adjudication issues, and
change management (Mandrick, 2011).
17
Chapter 3 - Research Methods
3.1 Research Goal The research utilizes systems engineering practices to understand the convergence of
operations within the cyberspace domain in order to discover ideas, constructs, and
opportunities, to assist integration efforts. The research goal is to provide a construct that
the Army will use to better visualize functions, understand interactions of land and cyber,
and organize effectively for operations.
3.2 Research Questions The following questions are answered by systematically exploring an aspect of the
research question to arrive at an answer. Answering each question builds to a final
conclusion that provides a greater understanding of the cyberspace, than offers ways of
optimally organize to support this new understanding:
How does the establishment and consideration of cyberspace as an operational
domain contribute towards maximizing its potential in military operations?
What insights are gained through a systems perspective of the Cyberspace Domain?
How can the cyberspace domain be modeled to contribute to the understanding of the
domain?
How can capabilities be grouped to maximize potential in cyberspace?
3.3 Research Analysis Approach This thesis utilizes the V-Life Cycle System Engineering Methodology as a
framework for conceptualizing the given problem and generating solutions (MITRE SE
Guide, 2014, 2). This approach is most often used in software development, but works
well as an approach for guiding this research. These levels of design are again different
from the ontology levels and are not intended to correlate.
18
Fig. 5: Systems Engineering V-Methodology
The Literature Review in Section 2 is a review of cyberspace as a system, and
understanding its general organization through an analysis of the environment and
domain. The focus of Section 4.1 is to understand from a High Level Design of "how we
fight" and organize in domains by using the air and space domains as reference. In
section 4.2 a functional decomposition of cyberspace is conducted using the ontological
method. Applying an understanding of this decomposition in Section 4.3, solutions are
developed to properly group these individual functions. Building on this grouping than
allows for an analysis on how to develop this construct in Section 4.5. Lastly, utilizing
an understanding of the organizational needs, Section 5 is a final analysis to offer the
appropriate organizational integration to support this construct.
19
Chapter 4 - Evolving the U.S. Army’s Operations in Cyberspace
4.1 Understanding Military Domains Through Historical Analysis
“Air power has rudely upset the traditions of the older services…In the future, no nation can call itself great unless its air power is properly organized and provided for, because air power, both from a military and economic standpoint, will not only dominate the land but the sea as well.”(Mitchell, 1926, x)
4.1.1 The Air Domain
Milestones within military aviation provide context into the evolution of cyberspace
as a warfighting domain. This passage from by Brigadier General (BG) William
Mitchell’s 1926 book proved prescient in artfully capturing the future of aviation. There
are significant parallels in this statement to many echoes of today, particularly when
discussing the rapid advancements in cyberspace that require skilled and dedicated
professionals.
BG Mitchell was an early pioneer in military aviation development. By the end of
World War I he commanded all U.S. air forces in Europe (Mitchell, 1926). Throughout
the war, he observed the speed with which aeronautical technology was progressing and
understood the effects these advancements would have on military operations. Following
the war he became extremely outspoken of the military’s need to modernize its structure
to prepare for the forthcoming transformation in military affairs. Equally important,
Mitchell understood the commercial impact that aviation would have in the development
of nations. This convergence of military and economic stability, through air power,
captures the focus within the information environment towards cyberspace operations, as
it is intrinsically tied with a nation’s success.
From the onset of airplane flight, the military sought to integrate this capability into
military operations. In 1912, Congress appropriated its first major funding for an
aeronautical section organized under the U.S. Army’s Signal Corps branch, becoming the
20
Air Service in 1919 (Prince, 2014). By the end of World War I, airplanes could execute
fairly complex “dog fights” and reconnaissance missions, but saw limited progression in
air to ground integration, leaving many unconvinced of the effects air power would have
on warfare (Tate, 1998, 2).
By 1920, with a peacetime defense budget and significant cuts to the military, the air
forces went from 178,149 to 8,428 enlisted personnel (Prince, 2014). Over the next
several years a debate ensued. The majority holding a view that much like artillery,
aviation would always be in support of ground forces and thus should remain in the U.S.
Army (Tate, 1998, 13; Stavridis and Weinstein, 2014). In 1921, BG Mitchell sought to
prove the contrary by demonstrating how aircraft could be used to destroy “unsinkable”
vessels by sinking a captured German battleship.
This demonstration should have impressed upon senior U.S. Army and Navy leaders
the nascent capabilities of air power. Though popular opinion began to recognize this, it
did little to sway military opinion. In a Joint Board Report by ranking active U.S. Army
and Navy officers they concluded that though capable of being sunk by airpower, the
battleship remained the backbone of the Navy, thus required stronger defense for
protection (Tate, 1998, 17). Military leaders prevailed and the Air Corps Act of 1926
created the U.S. Army Air Corps, giving control of military aviation to the U.S. Army
(Tate, 1998, 47). This represented not only resistance by senior leaders to promote
cultural change, but also the lack of responsiveness such large organizations can have
toward change. (Stavridis and Weinstein, 2014).
The conduct of World War II proved most of what Mitchell stated of the effect rapid
technological advances in aircraft would have on warfare. Twenty years after the
21
publication of his assertion, legislation recognized it in the creation of Department of the
Air Force under the National Security Act of 1947 (Stavridis and Weinstein, 2014). As
stated, the establishment of the Air Force did not uniquely identify an air domain; rather
it was the military’s way to “react logically to changes in state and non-state behavior”.
The capabilities itself escalated to a point, likely prior to World War II, when it became a
warfighting-substantiated domain.
Summarizing the brief history leading up to this point can be characterized in three
periods: 1900s-1919 Basic Capabilities, 1920-1935 Technological Advancements, and
1936-1945 Warfighting Substantiated. In the early 1900s airplanes became viable tools
for integration in military operations. By the end of World War I, air warfare established
tactics and capabilities to substantiate a role in military operations, yet lacked the
technology to clearly define its future. Advancements in the 1920s demonstrated not
only the art of the possible for air warfare, but also the speed with which the technology
progressed. As Sheldon and Gray observe, the development of air power is the first
domain that saw the practice of theorizing about its application during its evolution.
4.1.2 The Space Domain Though cyberspace often draws parallels to the origins of air power, the organization
for space operations more closely reflects the military’s evolution for operations in
cyberspace. Space and cyberspace remain organized as unified and sub-unified
commands within the military, unlike a service specific component established for air
power. While the Cold War space race generally dominates concepts of space history,
viewing spaced-based assets as a means for information related capabilities is more
explanatory of the military’s evolution (Launius, 2011). Though not widely recognized,
22
space-based capabilities are integral and widely applied in military operations (Zubrin,
2011).
Management of space activities predates the establishment of the Air Force, as the
Security Act of 1947 assigned the U.S. Army and Navy joint responsible for the
environment. By 1950, all three services had independent space programs pursuing
similar interests. However, the successful launch of the Soviet’s Sputnik I Satellite in
1957 made clear the U.S.’s need to escalate efforts (Barker, 2006, 3). In response,
President Eisenhower signed the National Aeronautics and Space Act of 1958, founding
government structures for the current national space program (Boehm et al., 2000).
The movement towards centralizing the DoD space research and development started
in 1958, with the establishment of the Advanced Research Projects Agency (ARPA)
(Boehm et al., 2000). The rationale for ARPA was to eliminate interservice rivalries and
duplications of effort. However, reliance on service specific expertise and personnel
resulted in 80% of its funding going to the Air Force. With the founding of the National
Aeronautics and Space Administration (NASA), ARPA lost its brief role as centralized
agency and thus many of its programs (Spires, 1998, 58).
In a 2000 commission to assess U.S. Space Management and Organization, staff
member Bill Savage identified the U.S. military’s integration of space as three eras:
1960-1974 Basic Capabilities, 1976-1990 Connecting Users, and 1991-2000 Battlefield
Integration (Savage, 2000). The first era, Basic Capabilities, of space integration saw a
declining U.S. Army program though it was technically the first U.S. agency in space.
The introduction of new organizations wrested control of U.S. Army assets, and an
escalation in Vietnam detracted focus (Boehm et al., 2000). By the second era,
23
Connecting Users, space capabilities began fulfilling a growing number of land-based
needs in the form of intelligence and communications, the U.S. Army regained space
research activities.
This progression continued and by 1985 an U.S. Army space study made
recommendations for effectively conducting space operations, including the creation of
an U.S. Army Space Command. This led to the establishment of the U.S. Army Space
Agency, which would become U.S. Army Space Command (Mitchell, 1991). By the
third era, Battlefield Integration, an U.S. Army review board on organization and
management recommended the consolidation of skills and functions. This resulted
USARSPACE combining with U.S. Army Strategic Defense Command to form the
Space and Strategic Defense Command. This would eventually become a major U.S.
Army command as the Space and Missile Defense Command (Boehm et al., 2000).
Like the U.S. Army, the first era of space operations saw a decline in the Navy’s role
in space programs with many scientists and engineers being transferred to NASA (Stares,
1985). By the second era they too began to develop a unique space mission, namely to
gain information superiority through strategic communications (Boehm et al., 2000). To
better consolidate organizations the Navy created Naval Space Command in 1983, and to
facilitate new research they created the Naval Center for Space Technology in 1986
under the Naval Research Laboratory (Savage, 2000).
The Air Force’s heavy involvement in Intercontinental Ballistic Missiles and NASA’s
reliance on the Air Force for space boosters, protected them from the same
cannibalization of programs and personnel as their sister services (Barker, 2006). Despite
losing satellite reconnaissance programs in 1960 with the establishment of the National
24
Reconnaissance Office, the Air Force’s first era in space saw them emerge as the
“executive agent” for the military’s space development.
Even with the Air Force’s rapid growth in infrastructure, the decision to consolidate
under a single command did not come about until the second era. With growing scrutiny
from Congress on the DoD’s management of military space operations as well as internal
Air Force studies recommending unifying operations, the Air Force established their
Space Command in 1982. By 1985, in large part from President Reagan’s Strategic
Defense Initiative and the growing role of all services in space systems, DoD established
the U.S. Space Command as the centralized entity (Barker, 2006).
By the “Battlefield Integration” era, space assets became integral to military
operations, highlighted with Desert Storm in 1991 being dubbed the space war for its
effect on the battlefield (Burgess, 1991 cited in Dolman et al., 2011). Whereas only 5%
of aircraft were capable in Desert Storm, by the next Iraq war reliance on space
capabilities grew exponentially and nearly all aircraft were equipped (Cooper et al.,
2011). Space operations have proven vital to military operations, yet experts like Dr.
Dale Hayden still posit, “…whether space has been involved in warfare long enough to
observe best practices?”
In comparison to air power, many wonder where the Mitchell’s of space are, and what
a comprehensive universal space theory would look. As they point out, space is still
quite young and there is simply not enough history to draw upon from our largely
uncontested use of it (Gray and Sheldon, 2011). Though the Cold War and the evolution
of space provide valuable lessons, the main point is that the domain has enjoyed
25
superiority and thus has eluded a comprehensive strategy. It is perhaps too hard to
determine from what point of observation space capabilities are at.
Though arguably lacking as much practical perspective to draw from as air power, the
long history of organizational development for space proves equally fruitful. In 2000 a
Commission deliberated to assess national security space management and organization.
Based on congressionally mandated options for improving management, the commission
arrived at three synthesized courses of action: Transition/Executive Agent, National
Security Space Organization, and Joint options.6
The two organizations most germane to this research are highlighted from each area.
The Transition/Executive Agent option is termed this because it is meant to facilitate a
transition to either a Space Corps or Service. The support for this model is the unifying
need for a holistic view of space programs. Similarly, a joint option would have the same
desired end state, but place that organizational entity in a joint environment (Baker et al.,
2000). The expertise for the field would be absorbed into a joint entity similar to when
NASA took control of all U.S. space programs and personnel.
In a recap ten years on, the original members of the commission weighed in on the
progress since the report. From the overall recommendation of needing a MFP, the
commission described the implementation as a “virtual” MFP that penciled in the
changes to an existing structure (Cambone et al., 2010). By 2006, they noted that any
effort to organize and manage based on the Commission’s finding had completely
vanished, partly due to focus on wars abroad and partly over concern for controlling
costs. Thus, with many becoming increasingly concerned over the “attractiveness” of our
6 The Commission provides no decision of a specific course of action, however, they use each option to represent different aspects of their overall recommendations.
26
space capabilities by our adversaries, the military continues to search for ways to
maximize space operations.
4.1.3 A Domain Comparison An air and space domain analysis elevates the significance of a domain above new
technologies that simply integrate into previously recognized environments. This view
differentiates between the effects of tanks and artillery in advancing warfare from the
effects of aircraft in creating a revolution in military affairs. Recognizing a domain such
as cyberspace, therefore, is acknowledging a technological advancement’s creation of a
new epoch in warfighting. As Admiral (Ret.) Stavridis’ remarks, “Military institutions
do not dictate the degree to which a domain constitutes a venue for warfare; rather,
militaries merely react logically to changes in state and non-state behavior.”
The rapidity at which air power’s organizational changes were seen was due in large
part to the short time span in which air theory, technological evolution, and practical
application all occurred. The realization of air theory in the ‘Third Period’ coincides with
the practical applications in the German Blitzkriegs and Japanese attack on Pearl Harbor.
This “trial by fire” is an important observation, as no other domain theories has had the
luxury of being put into practice and refined through observation in such short order.
Though predictions during the second period of the air domain generally held, the
ability for airpower to completely dominate warfare did not. Col (Ret) John Collins
categorizes those in the “aeronautical school” of thought, such as Gen Giulio Douhet and
BG Mitchell, for incorrectly believing air power alone could supplant all other military
power. Individuals subscribed to this theory believed that airpower would be able to
force any adversary into submission, if left unabated.
27
This theory was also put into practice in World War II through strategic bombing
efforts, with little success. Not to suggest that aerial bombing did not have tactical
successes, only that it failed to support the predictions of the “aeronautical school” in
making protracted combat obsolete (Collins, 2011). Aside from being inaccurate, this
theory underestimated the resilience of populations, not accounting for the difficulty of
delivering a “decisive attack” on critical infrastructures.
The space race provides the closest relation to that of the operational employment of
aircraft in World War II, and by no coincidence the space domain saw the most
significant changes in its organizational structure. In the initial launch of satellite
technology, space substantiated its future as a warfighting domain. The triggering effects
in space evolution, however, are more sporadic than that of air power over a longer time
period.
As a direct result, unlike air power, space still struggles to optimally organize. This is
largely from a lack of hindsight which air power benefited from during World War II.
Space capabilities have clearly evolved to become integral to military operations;
however, the space domain has not been contested in a manner demanding an
organizational reaction. Though space lacks the experience of being cycled through full
scale capacity testing as a major war provides, implementing the findings of the Space
Commission would have negated this need.
4.1.4 The Cyberspace Domain Still doctrinally undefined air and space analysis substantiates the definition provided
in this Literature Review, and builds a framework for understanding the cyberspace
domain. A review of conflict in cyberspace tracks similarly to the periods leading up to
the air domain. Jason Healey categorizes the evolution of cyber conflict in three eras:
28
The Realization 1980s-1998, Takeoff 1998-2003, and Militarization 2003-2012 (Healey,
2013).
The Morris Worm, a primary trigger of the first era, was a college prank that ended
up shutting down 10 percent of the Internet (Healey, 2013, 30). This is the first report of
an attack of this magnitude, which also caused significant financial losses. ‘Moonlight
Maze’ highlights the “Takeoff” era, which was the first major incident of cyber espionage
against the U.S. (Healey, 2013). Lastly, “Militarization” saw the biggest advancement of
cyber related events, including large-scale state sponsored espionage.
One of the most notorious incidents in the last era came from a reportedly joint
venture between the U.S. and Israel that implanted the ‘Stuxnet’ virus in an Iranian
Nuclear Centrifuge. This virus was the first attack that resulted in the destruction of a
physical system (Healey, 2013). This period also saw the first highly publicized use of
cyberspace operations during nation-state conflict. In both Estonia and Georgia, either
directly or through proxy, the Russians utilized deliberate means to deny both countries
internet-based services. These incidents are relational in significance to BG Mitchell’s
1921 destruction of sea craft, by demonstrating ‘the art of the possible’. Though one
event on its own does not complete that connection, combine they substantiate Mitchell’s
thoughts.
BG Mitchell demanded recognizing air power, not just for military necessity, but also
for the transformative effects nationwide. Thus, the future wealth of a nation, and its
ability to project power, was inherently tied to the need for air power. This principle
speaks specifically to the significance of cyberspace operations. Rather than looking at
the previous cyber events chronologically, taking them holistically in shaping the facets
29
of a nation in the way BG Mitchell spoke of. As opposed to a trigger, which merely
executes an action, these attacks were “triggering” events, as each event set a precedence
causing a change in behavior.
Decompose a nation broadly as four stakeholders: the public, government, military,
and private organizations. By looking at the aforementioned cyber events across these
areas, each stakeholder has different responses or affected behavior as a result of the
stimulus (Fig. 6). The figure supplicates in kind what BG Mitchell asserted as to the
societal impacts of air power. It also demonstrates that cyberspace-triggering events can
affect all stakeholders, thus substantiating the claim of its own domain.
Fig. 6: Triggering Events in Cyberspace
As earlier discussed, understanding cyberspace as a military domain acknowledges an
epoch in warfighting. Revisiting the introductory questions within the Literature Review,
how do we account for all EMSOs that could also have significant effects within
cyberspace? With a better understanding of a domain in large, specifically this new
domain, the boundaries of cyber must be broadened. Thus, the cyberspace domain is the
area of responsibility that supports information technological elements used to effect
information systems. Desired effects can be systems or people that transmit, receive,
30
store, or manipulate equipment, or processes, that depend on the information systems.7
This definition acknowledges that the domain is broader than the information
environment and an area of both operation and responsibility.
4.2 A Systems Analysis of Cyberspace Through an Ontology The U.S. Army’s LandCyber concept is a framework for understanding how to
leverage the future of cyberspace operations on all aspects of the U.S. Army. This
framework indicates that the U.S. Army is undergoing significant change as a result of
the ever-increasing convergence of cyberspace on land operations. A full understanding
of the effects of cyberspace requires one to look at each domain individually before they
are considered together, but how does one determine the edges of cyberspace’s seemingly
boundless domain? The review of air and space evolution in the previous section offered
insight into the scope and responsibility of military domains. This section focuses on a
systems engineering approach of functionally decomposing cyberspace to answer this
question. A decomposition of cyberspace according to military expressions offers the
properties for a mid-level ontology that can visually and mathematically express the
military’s understanding of this domain.
4.2.1 A Conceptual Domain Model In this section, a conceptual domain model is provided using a simplified version of
the Unified Modeling Language (UML) data-modeling notation. The purpose of a
conceptual model is to show key entities, or classes, and their relationship to one another.
Conceptual models are not in-depth domain models and are meant primarily to help
7 This definition attempts to capture the broader range of operations that are a part of cyberspace, while also highlighting the significance of the domain. The domain pulls from a definition posited by Dr. Stephen Chaney of the U.S. Army Cyber Center of Excellence. “Cyberspace or Cyber is the boundless and interactive technical domain within the Information Environment where Matter and the Electromagnetic Spectrum are used to transmit, receive, store, and/or manipulate data.”
31
engineers and information professionals understand the key concepts of a domain (Bell,
2003).
Fig. 7: Military Cyberspace Domain Model
The terms of significance for constructing this model are drawn from the definitions in
the U.S. military’s manuals for Cyberspace Operations, Cyber-Electromagnetic
Activities, and Electronic Warfare. Based on this interpretation, the model demonstrates
the importance of distinguishing between capabilities, operations, and effects. This
process suggests that Cyberspace Operations and EW/SM Activities are integrated to
create Cyber/EM Operations. Operations employ ‘capabilities’, and these capabilities
create ‘effects’. SM, EW, and Cyber all have subordinate effects, which seek to achieve
an objective through the Cyberspace Domain. The term ‘operation’ is thus used
interchangeably as a function, while an ‘effect’ is a task. Decomposing the doctrine in
this manner shows the necessity for precision in verbiage, while also suggesting the
ability to standardize the language through the use of this type of ontology.
32
4.2.2 Web Ontology Language and Metamodel Fig. 7 above demonstrated a functional decomposition of high-level military related
cyberspace concepts, based primarily on military doctrinal publications. The output of
this process is a diagram a human is capable of reading, showing the concepts and the
relationships between the concepts; however, a diagram of these relationships (or lack of
there of) cannot be readily quantified for analysis. As a human readable diagram, one
can do little if any formal processing of it with a mathematical formula or with a
machine. Therefore, this section presents a transformation of the conceptual model in
Section 4.2.1 into a format that leverages the benefits of a formal computer science based
ontology.8
The Web Ontology Language (OWL), which is part of the semantic web set of
standards, is used as this modeling language or metamodel for the ontology (RDF Primer,
2014). This language was chosen for several reasons including: it is an open standard, it
is capable expressing axioms from set theory and first order predicate logic, and it has
free tooling available (OWL Primer, 2012).
In building this OWL based ontology, additional abstractions from the initial class
model in Fig. 7 have been added, as well as key classes that intersect with the military
doctrinal domain concepts provided. For example, the class ‘InformationArtifact’ was
added with a subclass labeled ‘Software’. Two explicitly declared subclasses of
‘Software’ were created called ‘UserFacingSoftware’ and ‘NonUserFacingSoftware’.
This is visible in the hierarchal decomposition in Fig. 8.9
8 Note that in this paper the author uses a computer science definition of an ontology, here defined as the rich expression of a domain or domains of knowledge that is codified using a modeling language capable of expressing mathematical axioms understandable by a machine, and drawing inferences from these axioms. 9 Note the model’s taxonomy is based on a screenshot from the open source ontology tool Protégé. http://protege.stanford.edu
33
Fig. 8: Cyberspace Taxonomy Viewed in Protégé Ontology Editor
Additionally, the ontology’s object properties are seen in Fig. 9 below. Object properties
in OWL are binary relationships that connect two individuals (Guus and Raimond, 2014).
Object properties may be thought of a edges of the OWL graph that link two Types, or
nodes, together. A simple example of an object property is ‘hasMother’ and a statement
using this property would be “JohnDoe hasMother JaneDoe” (OWL Primer, 2012).
34
Fig. 9: Ontology Object Properties
Individuals, or instances of the OWL classes, are linked in the ontology to other
individuals using these Object Properties (Guus and Raimond, 2014). Fig. 10 shows the
individual types of ‘Effect’ and ‘Military Objective’ and how they relate to each other
through Object Properties. These are only the explicitly declared relationships. Simple
axioms such as domain, range and inverseOf were also utilized to enforce basic integrity
in the ontology.
Fig. 10: Linking Ontology Instances
35
4.2.3 OWL’s Analysis Capabilities The objective of this section is to illustrate the potential analysis capabilities of using
OWL for the cyberspace model (shown in Fig. 7). This analysis comes in two forms: the
ability to query the model using a standardized query language, and the ability to perform
analysis based on adding “rules” to the model. Based on the implied and specified rules
an inference engine is run over the model to illustrate the ability of the ontology to infer
new concepts not explicitly stated in the ontology.10
4.2.3.1 Querying of the Cyberspace OWL Model A unique and powerful concept of OWL is the metadata in the form of the model’s
schema and semantics. One OWL feature of significance is that both this structural and
semantic metadata, as well as the “instance data”, are all inherently capable of being
queried using an open standard query language called the Simple Protocol and RDF
Query Language (SPARQL) (SPARQL Overview, 2013).11 Executing SPARQL queries
is a simple tool for performing very basic analysis on the cyber ontology.
An example of this is the ability to quickly return all Individuals that are
‘actualizedThrough’ the Individual called ‘LandDomain’ (shown below in Fig. 11). The
output of this query in Fig. 12 demonstrates a powerful way to understand the terms as
well as assertions, or T-box and A-box.12
10 The inference engine is also known as a “reasoner”. In the OWL editors the reasoners, such as HermiT, can be executed on the ontology, which performs a check of any logical incongruences in the model and derives the inferences created. 11 Note that in object oriented languages, objects are “instances of classes”. However, in OWL the equivalent of an instance of a class is called an individual. 12 “Terminology-box (T-box) and Assertion-box (A-box) are terms from description logic. The terminology of a system is defined in a T-Box, and its statements are usually about concepts (sets of objects) and roles (binary relations). A-boxes are about individuals and contain two kinds of different statements: C(a) and R(a,b). C means “concept assertion”, where R is a “role assertion”. Examples look like Man(tom) and Parent(tom,jenny) (Endres-Neggemeyer, 2013, 122).”
36
Fig. 11: OWL Query Command
Fig. 12: OWL Query Results
4.2.3.2 Inference / Reasoning Over the Cyberspace OWL Model The primary benefit of formally modeling a cyberspace ontology in a metamodel like
OWL is the utilization of mathematical concepts and formal logic. OWL supports many
axioms from predicate logic including quantifiers, inverse, transitivity, and symmetry
(Hitzler et al., 2012). This section is a demonstration of predicate logic and rules in
OWL that illustrate effective ways to accurately understand cyberspace concepts, while
also visualizing areas of convergence discussed in this paper. The aforementioned
Semantic Web stack of standards and technologies support a formal Rules language
known as the Semantic Web Rules Language (SWRL) (Horrocks, 2004). SWRL was not
37
used in this paper due to the paper’s narrow objectives and scope expressed earlier. The
following case therefore illustrates a sample analysis strictly using existing OWL axioms
and a publicly available reasoner plugin to the Protégé tool.
To simplify the modeling process, parameters were created to facilitate
demonstrations of the capabilities of OWL: the first of which was using single
inheritance for explicit subClassOf and type declarations. Here it is important to note
that the author is using the term “explicitly declared” to mean what the author directly
modeled. This contrasts with reasoned or inferred statements in the model where the
reasoning engine has discovered statements not explicitly declared. Thus the cyberspace
ontology ‘classes’ and ‘individuals’ explicitly declared statements (or triples) were
modeled using single inheritance. For example, the ‘CyberAttackEffect’ class is
explicitly declared as a subclass of the ‘CyberEffect’ class. OWL would allow the
modeler to explicitly declare ‘CyberAttack’ as a subclass of ‘n’ number of other classes
as well, such as a subclass of ‘MilitaryCapability’. Though perhaps intuitive to those not
familiar with the modeling process, it quickly becomes dense in even small models.
Utilization of a separate set of “analysis classes” that is treated solely as a collection
of classes that function as sets defined in Set Theory (Bargaria 2014, Hitzler et al. 2015).
Henceforth these shall be called “analysis classes”. These analysis classes are empty sets
with no explicitly declared elements. However, the elements of the sets are populated
temporarily, purely through inference over the model. The analysis via inference is able
to occur because these analysis classes are defined by criteria in the form of logical
38
statements using OWL’s predicate logic axioms. Fig. 13 shows ‘AN_ALQ-
184ElectronicAttackPod’ as explicitly declared in the cyberspace ontology.13
Fig. 13: Electronic Device Link
A subclass category called ‘PhysicalCyberspaceAsset’ was added to the ontology, as
noted earlier, purely as an analysis tool. There are no explicitly declared individuals in
this ‘PhysicalCyberspaceAsset’ class.14 Fig. 14 shows the equivalency statements added
to the ‘PhysicalCyberspaceAsset’ class, and the default results in Protégé.
Fig. 14: Equivalency Statements Added to a Class in OWL
Specifically, these equivalency statements are serialized as OWL Resource Description
Framework (RDF) Extensible Modeling Language (XML) elements shown in Fig. 15.
The reasoner is then run, using the HermiT reasoner Protégé plug-in, with the results in
13 For the readers’ reference, the AN_ALQ-184ElectronicAttackPod is typically known as an electronic counter measure device: http://www.raytheon.com/capabilities/products/alq184/. 14 Ontology development best practice would not include a class like this in the ontology itself, but instead would declare the analysis class in a different ontology, and then import it into the cyberspace ontology.
39
Fig. 16.15 In this example, the reasoner, or inference engine, executed the logic declared
in the ontology and inferred that the ‘AN_ALQ-184ElectronicAttackPod’ is an inferred
individual in the ‘PhysicalCyberspaceRelatedArtifact’ class. A way of interpreting this is
represented in Fig. 17.
Fig. 15: OWL Generated RDF XML Elements
15 “HermiT is a reasoner for ontologies written using the (OWL). Given an OWL file, HermiT can determine whether or not the ontology is consistent, identify subsumption relationships between classes, and much more.” Available at http://hermit-reasoner.com.
40
Fig. 16: Results of Running HermiT Reasoner on Ontology
Fig. 17: Visual Interpretation of HermiT Reasoner
Thus the initial cyberspace model introduced helps portray the relation between
cyberspace operations and electromagnetic activities. The analysis capabilities offered
by OWL could then further interpret the means by which these classes interact with one
another. The results produced offer a visual understanding to the question raised in the
41
Literature Review, as to the relation between Cyberspace and EMSO: “is the current
terminology of IRCs, particularly electromagnetic spectrum operations, part of
cyberspace?” This is the premise to build on for the reconstruction of the system by way
of Information Technology Operations (ITOs) described in the next section.
4.3 Integration of U.S. Army Operations in Cyberspace The U.S. Army’s LandCyber concept is a framework for understanding how to
leverage the future of cyberspace operations on all aspects of the U.S. Army. The
LandCyber Paper captures eight aspects of convergence as a framework to guide
solutions for transformation, two of which have significance in this discussion. The first
defines the convergence of the Electromagnetic Spectrum (EMS) and cyberspace
operations (CO). This is “the point where cyberspace operations access the EMS to
utilize code and data across wireless communication technologies and systems”
(LandCyber, 2013). The second highlights the predominance with which cyberspace has
taken over the information environment. Thus the white paper recognizes cyberspace as
the major medium for exchange within the information environment, yet doctrinally the
concept of convergence needs development to reflect this. Appendix B offers a detailed
practical representation of this concept.
EW and CO are often characterized as two discrete focus areas, however a better way
of conceptualizing this relationship is as a range of operations along the same path, as
presented by Anita Pavadore in Fig. 18.
42
Fig. 18: Cyber/EW Threshold (Pavadore, 2013)
In focusing on the question of how to categorize informational capabilities, they may
be designated as either informational or technical functions (Paul et al., 2013, 9)16.
Differentiating informational capabilities in this way allows those functions that are
technical in nature to reside within the cyberspace domain. Distinguishing between the
informational and technical realm is accomplished by determining the action’s intended
target. Informational functions target people, whereas technical functions target
machines. Because the targets in the informational realm are humans, the critical aspect
is the message itself and not necessarily the medium. However, within the technical
realm, the capability to operate in the medium of exchange determines the appropriate
means for achieving the objective.17
Visualizing these distinctions becomes clear when comparing an example of each
operation. For example, a Public Affairs mission is an IRC, categorized as an
informational function. The success of this type of mission is wholly dependent on the
16 Though these recommendations pertain wholly to information operations, they have significance for effective management of cyberspace operations. Paul et al. designated the distinction as the ‘psychological’ vs. the ‘technical’. However, it is thought to provide more clarity in distinguishing as informational and technical. 17 The study suggests the names to describe such functional areas as Information Technology Operations (ITO) and Inform and Influence Operation (IIO)
43
message having the intended effect on the human target. In contrast, a technical function,
such as a CNO is deemed successful by enjoying the necessary means to execute the
operation on the intended machine or infrastructure. The criticality of success in the
technical realm is combining personnel expertise with the physical capability of
implementation. The capabilities residing within this realm are grouped by the term
Information Technology Operations (ITOs) (Paul et al., 2013)
The characterization as viewed by Paul et al. distinguishes between the “apples” of
the information content with the “apple carts” of the information system. Using these
terms interchangeably would confuse capabilities that generate content with those that
effect actual systems. This recognizes not just the technical or psychological nature of
operations, rather it is fundamental in explaining how to properly group cyberspace
operations in the information environment. This maximizes the converging relationships
of disciplines and integrates missions towards effects-based solutions.
4.4 Organizational Integration of the U.S. Army Cyberspace Design The convergence of ITOs under the broader understanding of cyberspace provides the
framework for how to more effectively organize in a force structure. The military’s
general command organization follows a grouping by output/product. Given its size,
however, grouping varies depending on the level of operations. A strategic perspective
of CYBERCOM’s structure takes the form of a matrix organization, similar to that of
SPACECOM. Knowledge of this design helps understand the strengths of such a
structure, in relation to the desired end state. This translates somewhat differently in a
military perspective, as the goals are different from that of a business. However, it
supports ARCYBER’s relation in reporting to CYBERCOM and the Department of the
44
Army (DA). ARCYBER seeks to maximize its capabilities that most benefit the needs of
the U.S. Army, while integrating through CYBERCOM into the joint environment.
The drawback to this design is the challenge in fulfilling dual roles. If not properly
managed the dual system can lead to redundant practices, unnecessary oversight, and
slow responsiveness to emerging trends (Ancona et. al, 2009). Supporting two entities
can also prove difficult if both are not synced in their goals and objectives. Recalling
ARPA’s struggles during its inception, if one entity is not properly resourced it becomes
obsolete and the benefits of the matrix are negated (see Section 4.1.2). CYBERCOM
does not appear to be headed for the same fate, as efforts for gaining the necessary
expertise are in full effect (Sternstein, 2015). However, the concern over the large
hierarchical design is what draws more criticism.
Among those arguing for a separate cyber service are many who feel the military’s
rigid structure is incompatible with the agile needs of operating in cyberspace.
Furthermore, the culture of ‘flat’ organizations, with more accommodating atmospheres,
is thought to be more appealing to those in technology fields. Appendix B offers a
rebuttal to this, which puts the emphasis on recognizing excellence within technical
career fields.
It is also important for Cyberspace operations, being largely multidisciplinary, not to
typecast into discrete trade fields. Seeking mastery expertise in all areas requires a
significant amount of time invested in an individual. Investing time towards grooming
technologists is also in the fabric of the military. The United States Military Academy
was founded on that same need from the Army in bridging a capability gap of qualified
engineers for a rapidly advancing field. With some of the brightest thinkers supporting
45
the military’s technological pursuits, its structure is compatible for supporting
technologists. This is already being placed into practice with DoD attempts at locating
operations in Silicon Valley, and recruiting through colleges for the brightest engineers
(Zacharia, 2015).
At greater odds than recruitment, however, remains the ability for the services to
integrate and operate under a unified command. These organizational issues appear akin
to ARPA being unable to centralize space operations. Instead it required the
establishment of NASA to centralize operations by taking over a majority of the
programs. Furthermore, service specific operations in space evolved out the capabilities
necessary for each service. Similar to the current constructs like aviation, where each
service acquires aircraft that best support their needs. Cyberspace operations, rather,
have evolved based on each component’s ability to expand its application. The
cyberspace model, applied to air power, would have each service competing to acquire
similar but distinct aircraft. Given cyberspace’s impact across all domains, it is not
without reason for each service to maintain a presence; much like their capabilities across
all domains. This still necessitates a true unity of command.
With the formal declaration of a cyberspace domain and the natural analogies of it to
the other physical domains, the next logical progression is the ideation of a domain
specific military service to maximize operations. The backdrop for this assertion is not
only based in reasoning by comparison, but also in the lack of organization for
cyberspace operations to fit in the current service structure. Ltc Gregory Conti and Col
John Surdu are the first to publish their opinions on the matter. In their article, the first
point of contention is that none of the services, by their nature, hold any part of their
46
overall mission within this domain (Conti and Surdu, 2009). A counterargument to this is
that all services now operate in the fifth domain and many of their operations are
becoming dependent on it. The proposed model, however, would not be unlike other
current cross-domain operations, analogous to the U.S. Army’s extensive operations in
the air domain with its fleet of rotary wing aircraft.
The need for a dedicated cyber service can be perceived as a biased desire coming
from those currently serving in cyber related billets. There are senior leaders at the
highest levels of the military that also share this view, as former NATO Supreme Allied
Commander Adm. (Ret.) James Stavridis echoed a similar sentiment. This discussion
over a separate military component for cyberspace is akin to the air domain’s evolution in
establishing the Air Force.
At this point in observation of the domain, it is more beneficial to look at ways of
maximizing operations from within (Sternstein, 2015). As recognized with the space
commission, though a service component might be the inevitable progression, there is no
expedient method of implementation without first defining and progressing toward a
transition path. The intricacies associated with this extend beyond organizational issues
into the ability to effectively manage the coordination and integration across varying
career fields. This problem speaks to a need for more robust engineering management
within the cyberspace domain. By recognizing the demand of supporting a technical
field, these professionals are educated and trained specifically to manage technical
organizations and complex technical projects to achieve desired end states.
47
Chapter 5 - Conclusion
5.1 Findings Analyzing air power’s evolution as a warfighting domain provided insight into
operations in the cyberspace domain. Close analysis revealed similar challenges between
air and cyberspace in introducing rapidly advancing technology and operating in a new
environment. These rapid changes quickly impacted both the organization and operations
of the other military domains in order to properly adapt. A critical insight from this
analysis is that the U.S. Army should not only expect changes to its organization, but it
also should explore how to best organize to facilitate transition into these design
evolutions.
Many discussions of the cyber domain quickly cite the evolution of air power to draw
a logical conclusion on the need for a cyber service. The development of air power does
afford useful insight into the need for transformational change in response to rapidly
evolving technology. Though, understanding cyberspace relationally through the
evolution and historical context of air power cannot itself be justification for a given
course of action.
As noted in a similar assessment on managing the space domain, a separate military
service option may be inevitably be a preferred course for the future. However, the
current requirements and force structure does not support that model. The establishment
of an air service became the most desired organizational design given the requirements
for air power, and the military’s capacity to support those requirements. The
requirements for the military’s operations in cyberspace, much like the space domain, is
not yet deemed at a point in which the benefits of a separate service outweigh the cost of
implementation.
48
U.S. space history provides valuable insight into organizational development and
management. The challenges in finding the best organizational solutions for maximizing
space efforts are fertile ground for applying lessons learned towards cyberspace. One
option may be to establish a commission similar to that of the Space Commission
discussed in Section 4.1.2 to assess the cyberspace domain's organization and
management, and issue recommendations. Though the impetus to create a separate
“cyber service” has yet to occur, by focusing on optimally organizing within the current
structure this would allow the domain to mature. Thus, facilitating the transformation
toward a mid and long-term desired organizational design.
Formal domain models, in the form of ontologies modeled in languages such as
OWL, are a powerful tool in understanding and defining a domain of knowledge,
especially a new and somewhat intangible domain such as cyberspace. These models, if
structured correctly, promise the ability to facilitate more objective and verifiable
decisions making about the objective and scope of cyberspace.
The convergence in cyberspace should be based on this domain as “the most
operational form of the information environment” (LandCyber, 2013). Echoing Paul et
al., cyber network operations and electronic warfare should converge towards sharing the
same people and processes. Grouping those information capabilities that belong as ITOs
helps distinguish operations to better support convergence. In contrast to this grouping,
the current separation of FM 3-36 and FM 3-38 makes it more difficult to support
convergence.
A review of the military’s current organizational design in cyberspace provides
insight on the ability to properly resource the domain. Hierarchical design is not often
49
conducive to the speed of operations within cyberspace. However, based on this
research, it is the opinion of the author that the military is still adequately equipped to
field the services with the necessary professionals. To succeed in cyberspace, the
military would benefit from properly evolving as a technical organization with strong
integrative management. To accomplish this the military should consider incorporating
the successful attributes of other large technical organizations to properly recruit and
cultivate the requisite talent.
The recent Defense efforts to leverage civilian expertise within cyberspace are
examples of the proper measures to account for the transformational effects of the cyber
domain on the services. The military is accustomed to supporting technologists within its
organization, however, incorporating them into particular career fields is more difficult.
This revolves around balancing the ability of civilians to conduct operations under
military authority. To properly source cyberspace career fields it is important to
understand what areas demand the most significant skill sets and foster that development
through similar processes for other high demand areas. Utilizing areas of information
technological convergence will help identify the multidisciplinary necessities required for
the U.S. Army’s transformation into LandCyber convergence.
5.2 Recommendations The U.S. Army should operationally define a ‘domain’. The term is too often
misused or used interchangeably with an environment. As derived from this research, a
suggested definition would be: a ‘domain’ is that which consists of all operational
activities and responsibilities related by closely associated knowledge specialties,
technologies, and organizational processes associated with an environment. The usage of
50
the term ‘domain’ is significant, but failing to use the word properly leads to misplaced
notions of implementation.
Subsequently, based on this research a revised definition of the cyberspace domain is
also offered as: ‘the area of responsibility that supports information technological
elements used to effect information systems. Desired effects can be systems or people
that transmit, receive, store, or manipulate equipment or processes that depend on the
information systems.’ Failing to refine the definition will continue to stovepipe an
understanding of the broader capabilities that exist within it.
Due to the widespread confusion and misunderstanding of cyberspace, the Army
would benefit from developing a systematic process for understanding the domain.
Given an ontology focuses on determining ‘what is’ of a domain through a visual and
logic based-model, this approach offers an apt solution for better understanding
cyberspace. Using an ontology offers not only a visualize representation of the domain,
but grounds the doctrine in a logical, reasoned structure.
Lastly, the term ‘information technology operations’ (ITO) should be utilized to
describe those operations that exist within cyberspace. This will guide organizational and
doctrinal changes to account for the full spectrum of cyberspace operations caused by
convergence. To support convergence and the premise of ITOs, FM 3-36 and 3-12
should be combined to establish holistic and unified operations. This action is not to
suggest that all tasks overlap, and it would certainly cause the size and scope of the
manual to increase. Yet, failing to do this would continue creating duplications of effort
and disjoint operations.
51
5.3 Conclusion Doctrinally the physical domains have been coined “God given”, whereas cyber is a
new environment of man’s creation (DoD Cyber Strategy, 2011). While this offers more
fuel for debates, the realization of the two previous domains did little to shape the way in
which they evolved. Creating this division already mischaracterizes their differences, for
as displayed, all domains are of a natural state. We merely attempt to logically react to
changes in the technological behavior within each. As exemplified, the technical
advancements of airplanes did not require the establishment of the Air Force; rather its
creation came into fruition through a realization of the most effective way to manage this
capability.
More precisely, there was a widespread failure to understand the transformational role
that air power would have on how each service operates. Viewing the future of U.S.
Army operations through the lens of the LandCyber framework shows that senior leaders
recognize this important lesson. The unknowns of operating in this domain are indicative
of its intricacy. Broadening the precepts of the cyber domain increases the scope of
responsibility. However, understanding convergence provides a path towards a unifying
effort, both in capability and end state, to offer full spectrum solutions to difficult
problems. Recognizing that operations within the information environment are
converging in cyberspace, the U.S. Army can use this to guide how they organize,
manage, and train in this domain. Developing written expressions into visual reasoned
based models, such as an ontology, aids in creating a repeatable process that helps
understand this.
52
5.4 Areas for Additional Research The findings in this paper offer many additional areas for research. These areas
include: additional detailed ontology development on specific cyberspace concepts, an
analysis of the value and challenges of mapping to a formal upper ontology, an
investigation on the feasibility of using a formal rules language, such as the Semantic
Web Rules Language (SWRL) or the SPARQL Inferencing Notation (SPIN) for
improved logical and business rules driven understanding of the cyberspace domain, and
an analysis on the results of the 2000 Space Commission
The ontology developed for this paper was a high level ontology of the general
cyberspace domain and was focused on ontology universals not ontology particulars.
Therefore, additional research should be done into more detailed domains within
cyberspace such as cyber defensive operations, cyber offensive operations, electronic
counter measures and electro-magnetic warfare. This would facilitate a broader visual
understanding of the relationship between detailed domain concepts as well as the query,
analysis and inference capabilities described in this paper.
There are currently many formal upper ontologies such as the Suggested Upper
Merged Ontology (SUMO), the Basic Formal Ontology (BFO) and Gist. Research
should be done on the value of building formal cyberspace ontologies that derive off a
formal upper ontology. This would be in depth research that would require expert
elicitation in both cyberspace and ontology. The acceptance of this cyberspace model
could standardize the military’s understanding of the relationships between operational
tasks and capabilities.
This paper demonstrated the potential of using rules and inferencing in a cyberspace
ontology. Additional research opportunities exist in building out more detailed rules and
53
evaluating more advanced capabilities of inferencing. Specifically, the SWRL and SPIN
languages should be evaluated to facilitate building out cyberspace logic and business
rules and subsequently the potential for cyberspace inferencing capabilities should be
more fully detailed.
Lastly, the results of the 2000 Space Commission provide several pertinent ideas for
organizing in cyberspace to prepare for transition. An in depth analysis of these courses
of actions with how they would be applied in cyberspace can prove of great value. Of
particular focus would be the recommendations for a ‘Corps’ structure similar to the
Army Corps of Engineers, or a structure similar to the Navy’s Nuclear Propulsion
Program structure.
54
Bibliography
Alberts, David S., John J. Garstka, Richard E. Hayes, and David A. Signori. “Understanding Information Age Warfare” CCRP, (2001). http://oai.dtic.mil/oai/oai?verb=getRecord&metadataPrefix=html&identifier=ADA395859 (accessed January 20, 2015).
Alexander, David. “Pentagon to Treat Cyberspace As Operational Domain.” Reuters.
(Last modified 2011). http://www.reuters.com/article/2011/07/14/us-usa-defense-cybersecurity-idUSTRE76D5FA20110714 (accessed January 20, 2015).
Allen, Thomas J, and Ralph Katz. “The Dual Ladder: Motivational Solution or
Managerial Delusion?” R&D Management 16, no. 2 (1986): 185–197. http://dx.doi.org/10.1111/j.1467-9310.1986.tb01171 (accessed January 20, 2015).
Ancona, Deborah G., Thomas A. Kochan, Maureen Scully, Jon Van Maanen, and D.
Eleanor Westney. “Managing for the Future: Organizational Behavior & Processes”. 3rd ed. Cincinnati, OH: South Western College Pub. (2009). Print.
Baker, Craig, Joshua Boehm, Stanley Chan, and Mel Sakazaki. “A History of US
National Security Space Management and Organization”, (2000). http://fas.org/spp/eprint/article03.html#3 (accessed March 20, 2015).
Bagaria, Joan. "Set Theory", The Stanford Encyclopedia of Philosophy (Winter 2014
Edition), Edward N. Zalta (ed.), plato.stanford.edu/archives/win2014/entries/set-theory/. (accessed July 25, 2015).
Bell, Donald. “UML Basics: An Introduction to the Unified Modeling Language.” IBM
Technical Library (2003). http://www.ibm.com/developerworks/rational/library/769.html. (accessed July 20, 2015).
Barford, Paul, Marc Dacier, Thomas G. Dietterich, Matt Fredrikson, Jon Giffin, Sushil
Jajodia, Somesh Jha, et al. “Cyber SA: Situational Awareness for Cyber Defense.” Advances in Information Security 46 (2010): 3–13. http://www.afcea.org/events/augusta/14/documents/T2S2AFCEATechnetCyberRequirements.pdf (accessed Feb 22, 2015).
Burgelman, Robert A., Dennis L. Carter, and Raymond S. Bamford. “Intel Corporation :
The Evolution Of An Adaptive Organization Epoch I : Intel The Memory Company, 1969-1985.” Stanford Business Case Study, Case No. SM65 (1999): http://www.gsb.stanford.edu/faculty-research/case-studies/intel-corporation-evolution-adaptive-organization (accessed November 16, 2015).
55
Butler, Sean C. “Refocusing Cyber Warfare Thought.” Air and Space Power Journal 27 (February 2013): 44–57. http://www.au.af.mil/au/afri/aspj/digital/pdf/articles/Jan-Feb-2013/F-Butler.pdf (accessed February 20, 2015).
Caton, Jeffrey L. “Army Support of Military Cyberspace Operations: Joint Contexts and
Global Escalation Implications.” Strategic Studies Institute (2015). http://www.strategicstudiesinstitute.Army.mil/pubs/display.cfm?pubID=1246 (accessed November 16, 2015).
Chang, Welton, and Sarah Granger. “Warfare in the Cyber Domain.” Air and Space
Power Journal (2011): 1–10. http://cnponline.org/p/air-and-space-power-journal-warfare-in-the-cyber-domain/ (accessed February 22, 2015).
Chen, Thomas M. “An Assessment of the Department of Defense Strategy For Operating
in Cyberspace.” Strategic Studies Institute. Vol. I, (2007). http://www.carlisle.Army.mil/ssi (accessed February 20, 2015).
Cilluffo, Frank J, and Joseph R Clark. “Preparing For Netwars: Repurposing Cyber
Command.” Parameters 43(4) 2, no. 2 (2013). http://www.strategicstudiesinstitute.Army.mil/pubs/Parameters/issues/Winter_2013/11_CilluffoandClark.pdf (accessed February 22, 2015).
Clayton, Mark. “Pentagon Unveils Its New Cyberstrategy. Well, Some of It, Anyway.”
Christian Science Monitor. Last modified 2011. Accessed January 19, 2015. http://www.csmonitor.com/USA/Military/2011/0714/Pentagon-unveils-its-new-cyberstrategy.-Well-some-of-it-anyway (accessed January 19, 2015).
Collier, Zachary a., Igor Linkov, and James H. Lambert. “Four Domains of
Cybersecurity: A Risk-Based Systems Approach to Cyber Decisions.” Environment Systems and Decisions 33 (2013): 469–470 http://download v2.springer.com/static/pdf/965/http://link.springer.com/article/10.1007%2Fs10669-013-9484-z (accessed February 22, 2015).
Conti, Gregory, and John Surdu. “Army, Navy, Air Force, and Cyber — Is It Time for a
Cyberwarfare Branch of Military?” IA Newsletter 12, no. 1 (2009): 14–18. http://iac.dtic.mil/csiac/download/Vol12_No1.pdf (accessed January 27, 2015).
Cordray III, Robert, and Marc J. Romanych. “Mapping the Information Environment.”
IOSphere Joint Information Operations Center (2005): 7–10. http://www.au.af.mil/info-ops/iosphere/iosphere_summer05_cordray.pdf (accessed January 25, 2015).
Davis, Stanley M., and Paul R. Lawrence. “Problems of Matrix Organizations.” Harvard
Business Review. Last modified 1978. https://hbr.org/1978/05/problems-of-matrix-organizations (accessed February 24, 2015).
56
Easterly, Jen. “Cyber Warriors Despite an Inhospitable Culture.” Smallwarsjournal.com 07 (2010). http://smallwarsjournal.com/jrnl/art/recruiting-development-and-retention-of-cyber-warriors-despite-an-inhospitable-culture (accessed February 4, 2015).
Endres-Niggemeyer, Brigitte. “Semantic Mashups: Intelligent Reuse of Web Resources”.
Springer, 2013. Print. Erbacher, Robert F, Deborah a Frincke, Pak Chung Wong, Sarah Moody, and Glenn
Fink. “A Multi-Phase Network Situational Awareness Cognitive Task Analysis.” Information Visualization 9, no. 3 (2010): 204–219. http://ivi.sagepub.com/content/9/3/204.abstract (accessed February 4, 2015).
Frank L. Turner III. “The Army in Cyberspace.” Nation Security Watch 14-1, May
(2014): 1–12. (accessed February 26, 2015). Franke, Ulrik, and Joel Brynielsson. “Cyber Situational Awareness – A Systematic
Review of the Literature.” Computers & Security 46 (2014): 41 (accessed February 22, 2015). http://dx.doi.org/10.1016/j.cose.2014.06.008 (accessed February 17, 2015).
Freedberg Jr., Sydney J. “People, Cyber & Dirt: Army & SOCOM’s ‘Strategic
Landpower.’” Breaking Defense. Last modified 2013. (accessed February 5, 2015). http://breakingdefense.com/2013/10/people-cyber-dirt-Army-socoms-strategic-landpower/ (accessed February 4, 2015).
Freedberg Jr., Sydney J. “The Army’s Plan For Cyber, One Bright Spot In Its Budget.”
Breaking Defense. Last modified 2014. http://breakingdefense.com/2014/02/the-armys-plan-for-cyber-one-bright-spot-in-its-budget/ (accessed February 5, 2015).
Gorman, Siobhan. “Cybersecurity Chief Resigns.” The Wall Street Journal. (Last
modified 2009). http://www.wsj.com/articles/SB123638468860758145 (accessed February 22, 2015).
Gould, Joe. “Be an Army Hacker: This Top Secret Cyber Unit Wants You.” Army Times.
Last modified 2013. http://archive.Armytimes.com/article/20130408/CAREERS/304080008/Be-an-Army-hacker-top-secret-cyber-unit-wants-you (accessed February 4, 2015).
Gray, Colin. “Making Strategic Sense of Cyber Power: Why the Sky Is Not Falling.”
Strategic Studies Institute (2013) (accessed February 4, 2015).. Halliday, Josh. “US Cyber Security Chief Quits After Hacker Attacks.” The Guardian.
Last modified 2011. http://www.theguardian.com/technology/2011/jul/26/us-cyber-security-chief-quits (accessed February 23, 2015).
Hayden, Dale L. “The Search for Space Doctrine’s Warfighting Icon.” Air and Space
Power Journal. (December 2014): 55–66.
57
http://www.au.af.mil/au/afri/aspj/digital/pdf/articles/2014-Nov-Dec/V-Hayden.pdf (accessed March 20, 2015).
Healey, Jason. “A Fierce Domain: Conflict in Cyberspace, 1986 to 2012.” (Cyber
Conflict Studies Association, 2013). Print. Headquarters, U.S. Department of Defense. “Department of Defense Strategy For
Operating in Cyberspace.” (2011). http://www.defense.gov/news/d20110714cyber.pdf (accessed January 25, 2015).
Headquarters, U.S. Joint Forces Command “Cyberspace Operations” Joint Publication 3-
12, (February 2013):62. http://www.fas.org/irp/doddir/usaf/afdd3-12.pdf. (accessed February 5, 2015).
_______. “Information Operations.” Joint Publication 3-13. (November 2012).
http://www.dtic.mil/doctrine/new_pubs/jp3_13.pdf (accessed January 20, 2015). _______. “Joint Intelligence Preparation of the Operational Environment.” Joint-
Publication-2-01.3, (June 2009): 285. http://fas.org/irp/doddir/dod/jp2-01-3.pdf (accessed February 5, 2015).
_______. “Joint Operations.” Joint Publication 3-0. (August 2010):1–34.
http://www.dtic.mil/doctrine/new_pubs/jp3_0.pdf (accessed January 20, 2015). _______. “Joint Operations Planning.” Joint Publication 5-0. (August 2011).
http://www.dtic.mil/doctrine/new_pubs/jp5_0.pdf (accessed February 5, 2015). _______. “Space Operations.” Joint Publication 3-14. (May 2013).
http://www.dtic.mil/doctrine/new_pubs/jp3_14.pdf (accessed April 12, 2015). Headquarters, U.S. Department of the Army “Cyber Electromagnetic Activities.” U.S.
Army Field Manual 3-38 (2014). http://armypubs. Army.mil/doctrine/DR_pubs/dr_a/pdf/fm3_38.pdf (accessed January 20, 2015).
_______. “Cyberspace Operations Concept Capability Plan 2016-2028.” TRADOC
Pamphlet 525-7-8, (February 2010). http://www.fas.org/irp/doddir/Army/pam525-7-8.pdf (accessed February 24, 2015).
_______. “The U.S. Army Land Cyber White Paper 2018-2030.” U.S. Army Cyber
Command, (September 2013). http://dtic.mil/dtic/tr/fulltext/u2/a592724.pdf (accessed March 17, 2015).
Hurley, Matthew M. “For and from Cyberspace: Conceptualizing Cyber Intelligence,
Surveillance, and Reconnaissance.” Air and Space Power Journal 26, (December 2012): 12–33 (accessed April 7, 2015).
58
Horrocks, Ian et al. “SWRL: A Semantic Web Rule Language Combining OWL and RuleML”. World Wide Web Consortium. (May 2004). http://www.w3.org/Submission/SWRL/ (accessed July 22, 2015). Hitzler, Pascal, Markus Krötzsch, Bijan Parsia, Peter F. Patel-Schneider, Sebastian Rudolph. “OWL 2 Web Ontology Language: Primer ”. World Wide Web Consortium, 2nd Edition. (December 2012). http://www.w3.org/TR/2012/REC-owl2- primer-20121211/ (accessed July 10, 2015). Kelley, Colonel Olen L. “Cyberspace Domain: A Warfighting Substantiated Operational
Environment Imperative.” United States Army War College, (2008) (accessed March 20, 2015).
Kruse, Keith, Charles B. Cushman Jr., Darcy M.E. Noricks, and Craig Baker. “US Space
Management and Organization: Evaluating Organizational Options.” http://fas.org/spp/eprint/article04/article04.html. (accessed April 11, 2015).
Lemos, Robert. “U.S. Cybersecurity Chief Resigns.” CNET News. Last modified 2004.
http://news.cnet.com/U.S.-cybersecurity-chief-resigns/2100-7348_3-5392501.html (accessed February 22, 2015).
Libicki, Martin C. “Cyberspace Is Not a Warfighting Domain.” Journal of Law and
Policy 8 (2012): 325–336 http://moritzlaw.osu.edu/students/groups/is/files/2012/02/4.Libicki.pdf (accessed January 20, 2015).
Lynn, William J. III. “Defending a New Domain: The Pentagon’s Cyberstrategy.”
Foreign Affairs. Last modified 2010. http://www.foreignaffairs.com/articles/66552/william-j-lynn-iii/defending-a-new-domain (accessed February 20, 2015).
Mandrick, William. “A Strategy for Military Ontology” [PowerPoint Slides]. Retrieved from Lecture Notes Online Web site: http://ncorwiki.buffalo.edu/index.php/Ontology_for_Intelligence,_Defense_and_Secu rity (accessed June 15, 2015). McGuffin, C., and P. Mitchell. “On Domains: Cyber and the Practice of Warfare.”
International Journal: Canada’s Journal of Global Policy Analysis 69 (2014): 394–412. http://ijx.sagepub.com/lookup/doi/10.1177/0020702014540618 (accessed February 20, 2015).
Mitchell, Edward John. “Apogee, Perigee, and Recovery: Chronology of Army
Exploitation of Space.” RAND, (1991). http://www.rand.org/pubs/notes/N3103.html (accessed April 20, 2015).
59
Mitchell, William. “Winged Defense; The Development and Possibilities of Modern Air Power - Economic and Military”. New York London: G.P. Putnam’s Sons, (1926). http://hdl.handle.net/2027/mdp.39015064459731 (accessed March 17, 2015).
Murphy, Matt. “Cyberwar: War in the Fifth Domain.” The Economist. (2010).
http://www.economist.com/node/16478792 (accessed January 20, 2015). Obrst, Leo, Penny Chase, and Richard Markeloff. “Developing an Ontology of the Cyber Security Domain.” Seventh International Conference on Semantic Technologies For. Intelligence, Defense, and Security – STIDS 966, (2012): 49–56. http://ceur- ws.org/Vol-966/STIDS2012_T06_ObrstEtAl_CyberOntology.pdf. (accessed June 15, 2015). Paul, Christopher, Isaac R. Porche III, and Elliot Axelband. “The Other Quiet
Professionals: Lessons for Future Cyber Forces from the Evolution of Special Forces”, RAND (2005). http://www.rand.org/pubs/research_reports/RR780.html (accessed February 4, 2015).
Paul, Christopher, Isaac R. III Porche, Elliot Axelband, Michael York, Chad C. Serena,
Jerry M. Sollinger, Endy Y. Min, and Bruce J. Held. “Redefining Information Warfare Boundaries For An Army In A Wireless World” Santa Monica, CA: RAND, 2013. Print.
Pavadore, Anita. “Cyber-EW Techniques for RF Communications”. [powerpoint slides],
Cvber / Electronic Warfare Convergence, Module 2.3: Cyber-EW Techniques for RF Communications, Georgia Institute of Technology Research Institute, Cyber and Electronic Warfare Short Course Class Notes (2015).
Prince, Andrew. “NPR: Evolution Of Military Aviation.” National Public Radio.
http://www.npr.org/news/graphics/2009/mar/flighttimeline/index.html?start=8 (accessed March 17, 2015).
Roberts, Priscilla Mary, and Spencer Tucker. “World War I, 1914-1918—
Encyclopedias”. Santa Barbara, Calif: ABC-CLIO, (2005). http://proxygw.wrlc.org/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=e000xna&AN=140915&site=ehost-live (accessed March 17, 2015).
Robinson, D., and G. Cybenko. “A Cyber-Based Behavioral Model.” The Journal of
Defense Modeling and Simulation: Applications, Methodology, Technology, 9 (2012): 195–203.
Savage, Bill. “Defense-Intelligence Space Integration”, Commission to Assess United
States National Security Space Management and Organization. (2000). http://fas.org/spp/eprint/article01.html (accessed April 11, 2015).
60
Schreiber, Guus and Yves Raimond. “RDF 1.1 Primer”. W3C Working Group, (February 2014). http://www.w3.org/TR/rdf11-primer/ (accessed July 10, 2015). Semy, Salim K., Mary K. Pulvermacher, and Leo J Obrst. “Toward the Use of an Upper Ontology for U.S. Government and U.S. Military Domains An Evaluation.” Mitre Technical Report. (2004). handle.dtic.mil/100.2/ADA459575 (accessed July 12, 2015). SPARQL Working Group. SPARQL 1.1 Overview. W3C Recommendation. (March 2013). http://www.w3.org/TR/sparql11-overview/ (accessed July 10, 2015). Stavridis, James (ADM. Retd), and David Weinstein. “Time for a U.S. Cyber Force.”
U.S. Naval Institute Proceedings. Last modified 2014. http://www.usni.org/magazines/proceedings/2014-01/time-us-cyber-force. (accessed February 4, 2015).
Sternstein, Aliya. “Attention, Cyber Pros: The Pentagon Wants You-3,000 of You.”
Defense One, Last modified 2015. http://www.nextgov.com/cybersecurity/2015/03/pentagon-has-until-2016-extend-3000-jobs-offers-civilian-cyber-whizzes/106842/. (accessed April 24, 2015).
_______. “The Military’s Cybersecurity Budget in 4 Charts.” Defense One, Last
modified 2015. http://www.defenseone.com/management/2015/03/militarys-cybersecurity-budget-4-charts/107679/ (accessed April 12, 2015).
Sy, Thomas, and Laura Sue D’Annunzio. “Challenges and Strategies of Matrix
Organizations: Top-Level and Mid-Level Managers’ Perspectives.” Booz Allen Human Resource Planning 28 (2005): 39. http://www.boozallen.com/media/file/HRPS_Challenges_Strategies_Matrix_Orgs.pdf (accessed February 24, 2015)
Tate, Dr. James P. “The Army and Its Air Corps: Army Policy Toward Aviation 1919–
1941.” Air University Press, (June 1998). http://www.au.af.mil/au/aupress/digital/pdf/book/b_0062_tate_Army_air_corps.pdf (accessed March 17, 2015).
The MITRE Corporation, “MITRE Systems Engineering Guide (SEG),” (2014): 2.
http://www.mitre.org/sites/default/files/publications/se-guide-book-interactive.pdf (accessed August 11, 2015).
Tilghman, Andrew. “Drone Medal Dumped; High-Tech Troops To Be Honored With
Device.” Army Times. Last modified 2013. http://archive.Armytimes.com/article/20130415/NEWS/304150023/Drone-medal-dumped-59-high-tech-troops-honored-device. (accessed February 24, 2015).
61
U.S. Army Training and Doctrine Command Combined Arms Center, Capability Development Integration Directorate “Army Cyber/Electromagnetic Contest Capabilities Based Assessment” (December 2011). https://info.publicintelligence.net/Army-CyberContest-1.pdf (accessed February 28, 2015).
Vergun, David. “Cyber Network Defender MOS Now Open to NCOs.” Army News. Last
modified 2014. http://www.Army.mil/article/123328/ (accessed February 4, 2015). Vickery, B C. “Ontologies.” Journal of Information Science 23 (4) (1997): 277–86.
http://jis.sagepub.com/content/23/4/277.full.pdf+html (accessed August 8, 2015). Weiss USAF, Geoffrey F. “Exposing the Information Domain Myth: A New Concept for
Air Force and Information Operations Doctrine.” Air & Space Power Journal 22, no. 1 (2008):49–62,126. http://proxygw.wrlc.org/login?url=http://search.proquest.com/docview/217773213?accountid=11243 (accessed January 27, 2015).
Williams, Brett T. “The Joint Force Commander’s Guide to Cyberspace Operations.”
Joint Force Quarterly 2nd Quarter, no. 73 (2014): 12–19. http://ndupress.ndu.edu/News/NewsArticleView/tabid/7849/Article/577499/jfq-73-the-joint-force-commanders-guide-to-cyberspace-operations.aspx (accessed February 22, 2015).
62
Appendix A
Drawing from the LandCyber Framework on convergence, a 2013 study from the
RAND Corporation highlighted cyberspace, electronic warfare (EW), and the EMSO are
intrinsically overlapped and converging as Cyber-Electromagnetic Activities (CEMA).
The study similarly used the standard view of a system as elements functioning together
to produce results, or provide a function (Rechtin, 1991). This system’s perspective
allowed for a decomposition of the functions to determine areas of similarity or
convergence (Paul et al., 2013, 46). To demonstrate the LandCyber’s framework of
convergence, the study did an analysis of overlaps in tasks related to EW and EMSO. In
comparing the tasks they asked, “Is this EMSO task involved in accomplishing this EW
task?” and “Is this EW task involved in accomplishing this EMSO task?”18 Of the 435
possibilities their findings suggested an overlap in 106, or 24% of the tasks (Paul et al.,
2013). Therefore to facilitate this convergence they recommended the U.S. Army refine
their doctrinal organization for operations in cyberspace.19
Applying the same methodology and questions, let us now consider the relation, not
in areas of operations, but in the tasks of two potentially different career fields; the first
within the Signal Corps (SC) and the second within Military Intelligence (MI) shown in
Appendix C. The tasks represent an example drawn upon from individual required skills
at the Brigade to Corps level, based on the U.S. Army Universal Task List.20 The results
in Fig. 19 show similarities to the previous study.
18 The phrasing of these questions is significant because convergence and overlap of endstates does not imply the methods of achieving the endstate are the same. As an example, a military task may be to destroy a building. This would require two very different sets of skills if it were to be carried out by a tank versus a plane. 19 The study gave other recommendations that were put into effect. The focus of this section is the areas that still need resolution. 20 http://armypubs.mil/doctrine/DR_pubs/dr_a/pdf/fm7_15.pdf
63
Network Defender Tasks
SC1 SC2 SC3 SC4 SC5 SC6 SC7 SC8 SC9 SC10 SC11
Netw
ork Warfare Tasks
MI1 MI2 MI3 MI4 MI5 MI6 MI7 MI8 MI9 MI10 MI11 MI12 MI13 MI14 MI15 MI16
Fig. 19: Overlapping Network Warfare and Defense Tasks
Calculating the overlap is simply the sum of the tasks with a ‘yes’ answer to the
proposed questions, divided by the total number tasks. The mathematical source for the
calculation of similarity can be understood through the Jaccard Index: 𝐽 𝐴,𝐵 = |!∩!||!∪!|
.
82 of the 176 tasks, or 47%, displayed either direct correlation or represented an area
where one task relied on knowledge of the other. This further supports convergence, but
also draws attention to the training redundancy of two disparate career fields.
Convergence is thus the catalyst to reorganize and integrate operational capabilities.
64
Appendix B
The distinguishing aspect of a matrix organization is that two entities are given equal
value, as seen in Fig. 20 each node within the matrix would be responsible to report to a
business and a function (Ancona et al., 2009). The strength of this design is the ability to
balance two equally important roles: ie. the first node in Fig. 20 would allow an engineer
to maintain technical coordination, while working for Business A.
Fig. 20: Matrix Organization (Ancona et al., 2009)
Large businesses, like the Intel Corporation, disprove the notion that technical
organization cannot succeed under large matrix structures such as these. This is because,
similar to the military, different groupings at different levels achieve the desired endstate.
More importantly, they have organizational practices that promote technical expertise.
An examination of what makes large technical organizations successful offers
opportunity for military application.
Intel’s founding depicts one of the earliest examples of a ‘flat’ organization, born out
of the ambitions of scientists who wanted to leave behind hierarchical and bureaucratic
structures to pursue their true ideals (Burgelman et al., 1999). With the company’s
success came growth, which meant increased organizational structure. In present, the
65
corporation’s size represents something the early founders may have walked away from.
Having its roots as a tech leader, and maintaining that status has helped to recruit and
retain talent. Yet in a time when many technology savvy personnel are often mobile with
their careers, it is also the way in which they support their experts that fosters
commitment.
The concept of a ‘dual ladder’ is nothing new, the term has in fact grown to draw
rebuke for its lofty goals and failure to deliver (Allen et al., 1986). The theory is simple,
the execution difficult; create a career progression for technical positions that can parallel
managerial ones. Intel, however, has been able to prove its feasibility by creating a
system that recognizes the prestige of its experts. As growth during the 1980s led to
cultural changes, implementing a dual ladder did not prove easy (Burgelman et al., 1999).
To do so required not only equal pay, but also recognition of the highest levels of
technical excellence by creating the position of Senior Fellow, on par with that of a
General Manager.21
The military cultural shift would be in applying this same recognition towards highly
skilled positions in cyberspace. This idea, in fact, supports the U.S. Army’s vision for the
technical progression within this field as highlighted in Fig. 21 from the 2010 Cyber
Capabilities Based Assessment (CBA) Contest (U.S. Army, 2010). Furthermore, the
services’ already know how to recruit and incentivize specialty fields. Paul et al. made
this point as an example for similar career progressions in the technology field.
21 These cases suggest that in current discussions, when debating a technologist’s unwillingness to work in a large bureaucratic culture, the cultural lens seems to have more significance than the actual strategic grouping.
66
Fig. 21: C/EM Expertise Map (C/EM Contest 2010)
67
Appendix C
Table 1: Example Network Warfare Soldier Tasks
MI No. MI Task MI1 Analyze a Computer System Architecture MI2 Analyze a Computer Network Architecture MI3 Produce an Assessment of a Target Network Security Posture MI4 Determine an Exploitation Method MI5 Analyze Digital Forensics Data MI6 Perform Basic Analysis of Suspicious Software MI7 Develop a Cryptologic Network Warfare Capability Requirement MI8 Perform Intermediate Analysis of Suspicious Software MI9 Validate an Assessment of a Target Network Security Posture MI10 Collect Digital Forensics Data MI11 Validate Architectural Analysis MI12 Implement an Exploitation Method MI13 Perform Cryptologic Network Warfare Mission Management Functions MI14 Direct Digital Forensics Processes MI15 Draft a Cryptologic Network Warfare Plan MI16 Direct an Exploitation Operation
Table 2: Example Network Defender Tasks
SC No.
SC Task
SC1 Implement Network Protection Measures SC2 Implement Information Assurance Policy SC3 Recognize Electronic Attack (EA) and Implement Electronic Protection (EP) SC4 Establish ECCM Network SC5 Conduct Electronic Counter- Countermeasures (ECCM) Network Controller (ENC)
Operations within the Defense Satellite Communications System (DSCS) SC6 Conduct Cyberspace Operations-Focused Intelligence Preparation of the Environment
Analysis SC7 Identify the basic structure and terminology associated with computer networks and
Supervisory Control and Data Acquisition (SCADA) SC8 Recognize the cyber-focused Intelligence Preparation of the Battlefield processes SC9 Identify DoD’s structural framework for conducting Computer Network Exploitation. SC10 Recognize the relevance of the Joint Operation Planning Process and the Adaptive
Planning and Execution System (APEX) as they apply to Information Operations (IO) and Cyberspace Operations
SC11 React to a Possible Attack on a Government Networked Device
68
Appendix D
The outcome of remaining modularized, and failing to respond to convergence is
represented in the evolution of doctrine and organization in U.S. Army Aviation
operations. The role of U.S. Army helicopters generally took its mission from the design
of each aircraft. Thus an observation helicopter held the role of reconnaissance and an
attack helicopter that of attack operations. A helicopter battalion was constructed by
specific airframe, which can be viewed as a grouping by function. In this case the aircraft
with the role of reconnaissance were grouped together in that function. Though each
aircraft could perform both missions, doctrine split between FM 1-114 Air Cavalry
Squadron and Troop Operations and FM 1-112 Attack Helicopter Operations (FM 3-
04.126, 2007, i). This resulted in not only overlapping doctrine, but also associated
certain mission sets with particular aircraft.
Though both aircraft are mentioned in either manual, the separation promoted a
singular mindset of mission capabilities within each airframe. Greater still, the grouping
caused confusion for external agencies by associating aviation capabilities with specific
aircraft. By having distinguishing manuals this resulted in associating a desired end state
with a particular airframe. As an example, if ground forces needed reconnaissance
conducted they would request an observation platform, as opposed to requesting an effect
and letting planners determine the best allocation for the mission. In 2007 the manuals
combined under FM 3-04.126 Attack Reconnaissance Helicopter Operations, which
reduced redundancy and promoted interoperability of capabilities.
Further similarities are visible when looking at the current organization of an aviation
battalion. In a garrison environment the units are still grouped by airframe type, or
69
functional organization. While in a deployed environment they group in task forces of
various types of aircraft, similar to a product grouping, with the product being full
spectrum aviation operations. Though recent military conflicts have further substantiated
the need to organize as a task force, implementing this construct in garrison has proven
difficult due to established practices. The benefits of grouping by ‘product’ in garrison
operations are outweighed by the ease of continuing with the existing infrastructure.