communication and information systems … · addp 6.0—communication and information systems is...
TRANSCRIPT
ADDP 6.0
Edition 2
COMMUNICATION AND INFORMATION SYSTEMS SERIES
ADDP 6.0 COMMUNICATION AND INFORMATION
SYSTEMS Australian Defence Doctrine Publication 6.0 is issued for use by the Australian Defence Force and is effective forthwith. This publication supersedes Australian Defence Doctrine Publication 6.0—Communications and Information Systems, first edition dated 6 November 2008.
D.J. HURLEY, AC, DSC General Chief of the Defence Force Department of Defence CANBERRA ACT 2600 26 June 2012
ADDP 6.0
Edition 2
© Commonwealth of Australia 2012
This work is copyright. Apart from any use as permitted under the Copyright Act 1968, no part may be reproduced by any process without prior written permission from the Department of Defence.
Announcement statement—may be announced to the public.
Secondary release statement—may be released to the Australian Government Department of Defence, its contractors and their equivalents in the United States, United Kingdom, Canada, and New Zealand, and other Australian Government agencies.
All Defence information, whether classified or not, is protected from unauthorised disclosure under the Crimes Act 1914. Defence information may only be released in accordance with the Defence Security Manual and/or Defence Instruction (General) Operations 13-4—Release of Classified Defence Information to Other Countries, as appropriate.
ADDP 6.0 First edition 2008 Second edition 2012
Sponsor: Head Information and Communications Technology Operations/Strategic J6 Chief Information Officer Group
Developer: Director-General Information and Communications Technology Policy and Plans/Strategic J65 Chief Information Officer Group
Publisher: Director Defence Publishing Service Defence Support Group Defence Publishing Service: DPS: June 2012
ADDP 6.0
Edition 2 iii
FOREWORD
1. Australian Defence Doctrine Publications (ADDPs) and Australian Defence Force (ADF) Publications (ADFPs) are authorised joint doctrine for the guidance of ADF operations. ADDPs are pitched at the philosophical and high-application level, and ADFPs at the application and procedural level. Policy is prescriptive as represented by Defence Instructions, and has legal standing. Doctrine is not policy and does not have legal standing, however it provides authoritative and proven guidance, which can be adapted to suit each unique situation.
2. ADDP 6.0—Communication and Information Systems is the Series 6 fundamental doctrine that provides the philosophical basis for the acquisition, operation and sustainment of Defence’s communication and information systems (CIS) and electromagnetic spectrum (EMS) support to operational capabilities.
3. The aim of ADDP 6.0 is to present a consistent foundation for the planning, capability development, acquisition, in-service management and use of CIS infrastructure and related services by Defence, but specifically for the transfer, management and use of information by the ADF.
4. This publication also provides the necessary linkages between Defence’s Single Information Environment (SIE), Defence capstone doctrine, the other doctrine series and introduces the subordinate application/procedural documents forming the subordinate Series 6 ADFPs. The SIE encompasses the computing and communications infrastructure of Defence along with the people, skills, documentation and management systems that deliver that infrastructure.
5. ADDP 6.0 provides:
a. a conceptual framework for the understanding and conduct of effective CIS and EMS support to operations and management of information needed by commanders at all levels;
b. military guidance for the exercise of authority and the preparation of CIS related plans, with consistent objectives and vision;
c. a common direction for the development of the detailed procedural documents not only in the Series 6, but also in the other series, and their linkages to single Service doctrine, allied and coalition publications, such as Allied Communications Publications (ACP), and related equipment/system-specific technical documents, including ADF Communications Instructions (ADFCIs).
ADDP 6.0
iv Edition 2
6. ADDP 6.0 applies across the mission spectrum from peace to war and back to peace, in order to inform capability development and preparedness requirements. It is therefore not specific to the ADF, but guides all Groups in Defence. It is particularly important to guide the future SIE investment program planning, and related science and technology research.
7. Where CIS-related procedures are mandatory for both military and civilian personnel, eg cryptographic handling and certain EMS frequency management procedures, an authoritative Defence Instruction or policy manual will complement doctrine.
8. ADDP 6.0 is written at a level of UNCLASSIFIED to permit the widest possible dissemination among Defence managers. Where treatment of topics may be limited by such a classification, these have been expanded within the relevant ADFP 6.0.X series of procedural publications and ADFCIs. ADFCIs will be developed and issued under the authority of the Strategic J6 as the senior military advisor to the CDF on CIS matters.
9. Requests for multiple hardcopy production of ADDP 6.0 are to be submitted to the Defence Publishing Service on a Form SP150—Publication Action Request, available on the Defence Web Forms System site.
ADDP 6.0
Edition 2 v
AMENDMENTS
Proposals for amendment of ADDP 6.0 may be forwarded to [email protected] or:
Director of J6 Doctrine and Policy APW-2-12 Anzac Park West PO Box 7953 CANBERRA BC ACT 2610
Amendment Effected
Number Date Signature Date
DOCTRINE PUBLICATION HIERARCHY The hierarchy of ADDPs and ADFPs and their latest electronic version are available on the:
DRN located at: http://intranet.defence.gov.au/vcdf/sites/adfwc; and DSN located at: http://web.wlm.nnw.dsn.defence.mil.au/adfwc.
ADDP 6.0
Edition 2 vii
CONTENTS Page
Foreword iii Amendments v Contents vii List of Figures ix List of Tables ix
Paragraph CHAPTER 1 FUNDAMENTALS
INTRODUCTION DEFENCE STRATEGY The White Paper 1.3 The ICT Strategy 1.7 Future Joint Operating Concept (FJOC) 1.13 The Defence Single Information Environment 1.16 The Integrated Defence Architecture 1.25 Service Oriented Architecture (SOA) 1.30 COMMUNICATION AND INFORMATION SYSTEMS Development of systems 1.33 Communication systems 1.35 Information systems 1.38 Information management 1.39 Principles of CIS support 1.46 Overview of CIS in Defence 1.47
CHAPTER 2 INFORMATION EXCHANGE AND ASSURANCE INTRODUCTION INFORMATION EXCHANGE SERVICES AND SYSTEMS Communications networks 2.7 Communications services 2.11 Hand carriage services 2.13 STANDARDS AND INTEROPERABILITY INFORMATION OPERATIONS INFORMATION ASSURANCE Components of information assurance 2.25 PROTECTIVE MEASURES Communications security 2.32 Cryptographic security 2.34 Emanation security and TEMPEST 2.35 Emission control (EMCON) 2.39 Security risk assessment 2.43 COMPUTER NETWORK DEFENCE DETECTIVE MEASURES REACTIVE MEASURES
ADDP 6.0
viii Edition 2
CHAPTER 3 PLANNING, ENGINEERING AND TECHNICAL CONTROL INTRODUCTION NETWORK CENTRIC WARFARE Establishing the integrated network 3.14 TECHNICAL CONTROL PLANNING Command structure 3.27 Operational planning 3.29 The Planning Cycle 3.31 Multinational operations 3.33 DESIGN AND ENGINEERING Design principles 3.38 RADIOFREQUENCY SPECTRUM MANAGEMENT Defence use of the spectrum 3.44
GLOSSARY TERMS AND DEFINITIONS ABBREVIATIONS
ADDP 6.0
Edition 2 ix
LIST OF FIGURES
Figure Page 1–1: Effective CIS is vital to achieving operational
outcomes 1–2 1–2: Defence’s Single Information Environment 1–8 1–3: Defence’s transformational agenda demands a new
approach 1–11 1–4: Mobile CIS installation 1–14 1–5: Communications supporting operations 1–22 1–6: Sending Morse code in World War II 1–23 2–1: Defence CIS networks 2–4 2–2: Command support systems 2–8 2–3: LISI Maturity Model 2–10 2–4: Information security components 2–13 2–5: Communications security is vital to protect all
transmissions 2–15 2–6: German soldiers operating an Enigma machine 2–20 2–7: Four rotor Enigma machine 2–21 3–1: Observe, Orient, Decide and Act Loop 3–3 3–2: Airborne early warning and control contributes to NCW 3–4 3–3: The Network 3–5 3–4: Indicative CIS technical control chain 3–9 3–5: A Defence command structure 3–12 3–6: Context of Defence CIS interfaces 3–13 3–7: Defence strategic and operational level planning cycle 3–16 3–8: Management of spectrum ensures deconfliction
between force elements 3–21
LIST OF TABLES
Table Page 2–1: Information system attributes 2–11
ADDP 6.0 Chapter 1
Edition 2
CHAPTER 1
FUNDAMENTALS
Executive Summary
This chapter describes the strategic guidance that guides the Australian Defence Force (ADF) communication and information systems (CIS) philosophical and application doctrine. It outlines the basic principles of CIS support.
Information is a critical resource for commanders at all levels. Its effective management and use in military operations are integral to success.
Joint CIS doctrine in Defence flows from high-level strategic guidance in the Defence White Paper, the Defence Information and Communications Technology Strategy and capstone doctrine.
The chapter explains the development from what was previously called the Defence Information Environment into an improved Single Information Environment (SIE) that is also managed as a capability. The SIE encompasses the computing and communications infrastructure of Defence along with the people, skills, processes, documentation and management systems that deliver that infrastructure.
The Defence Enterprise Architecture (DEA) aligns capabilities and outputs with strategic drivers. As Defence continues towards a network-enabled force, CIS and its rapidly changing technologies are influencing information flows.
With increasing amounts of information available at all levels of command and management, effective information management (IM), including efficient records management is becoming more critical.
CIS support is central to the conduct of all functions in Defence; hence the Chief Information Officer (CIO) has coordinating responsibilities for all Defence’s information and communications technology (ICT). For military CIS this is exercised through the Head of ICT Operations (HICTO) Division of CIO Group as the Strategic J6.
INTRODUCTION
1.1 The availability of accurate and timely information is fundamental to the effective prosecution of military action. The Australian Defence Doctrine Publication (ADDP) - Doctrine—Foundations of Australian Military Doctrine defines information as a key capability in the conduct of military operations. The right information delivered to the right place, at the right time and in the right form enables Defence capabilities in the maritime, land, air and space environments. Therefore, the acquisition, operation and support
ADDP 6.0 Chapter 1
1–2 Edition 2
of information systems, and the recruitment, training and retention of the skilled people who provide these capabilities, require effective management and coordination. The concepts of network centric warfare (NCW)1 and information superiority centre on the elements of the fighting force being interconnected at the tactical and operational levels by a robust network of CIS that are capable of presenting and disseminating the data required by that force.
1.2 The ADF depends on achieving decision superiority to provide a ‘force multiplier’ effect. The capacity of Defence CIS staff to deliver a command and control (C2) advantage and accurate situation picture to our commanders, seamlessly and securely across many platforms, contributes significantly to the successful achievement of the Defence mission:
‘to defend Australia and its National interests’.
The provision of mobile, robust and reliable C2 requires that the two system components of the term CIS, communication systems and information systems are closely coordinated to transfer and present data to the users of those systems to allow rapid conversion of raw data to useful information.
Figure 1–1: Effective CIS is vital to achieving operational outcomes
1 NCW is the method of operation in which the automatic and rapid transfer of data enables the most effective use of combat power and takes place when the force operates as a single, virtual network.
ADDP 6.0 Chapter 1
Edition 2 1–3
DEFENCE STRATEGY
The White Paper
1.3 The Defence White Paper 2009 – Defending Australia in the Asia Pacific Century: Force 2030 (White Paper) sets the Government’s future direction for Defence. A crucial characteristic of the future force will be a joint approach that binds together single-Service capabilities and systems into an operationally seamless whole. Joint operations involving the three Services, other Defence agencies and in some cases other Australian Government agencies, will be the standard mode of operating in the future. Appropriate CIS will be necessary to support such operations. The White Paper outlines a way forward and a whole of Defence approach for the employment and development of CIS, as well as their acquisition strategies. Furthermore, Defence will, as far as possible, comply with whole of government ICT arrangements.
1.4 The Government has confirmed that Defence is to build a networked ADF, which has in place the ICT infrastructure, information tools, C2 support, management systems and joint training programs to provide a reliable network across the entire ADF. It is intended that current reforms will deliver to Defence a secure and robust ICT capability that supports military operations and business requirements. All Defence personnel, regardless of location, will be able to access and share information and collaborate with their counterparts in Defence, the Government and industry, and other allied or coalition partners, using social networking capabilities. There will be one network connecting fixed and deployed locations built on a single set of standards and approved products. It will encompass all security levels and have the ability to determine that the right person has the right authority to access information and services. A typical desktop set-up, available to all Defence sites, will be a single screen connected to a wireless network that can display multiple security ‘sessions’. Secure voice and video will be available to the desktop in most fixed and deployed locations. Deployed commanders and strategic decision makers will have a single view of the operational environment through a single, common operating picture accessing a wide range of user-selected data from sensors and sources, whilst corporate data will be easily accessed, manipulated and aggregated by Defence staff.
1.5 The future ADF will use modern ICT to link sensors, weapons systems and commanders and their personnel in a networked environment. This will help our personnel to work more effectively together, provide them with a common awareness and, most crucially, information superiority over an adversary so that commanders can make critical decisions on the situation more quickly and with better knowledge than the adversary may have. This approach is dependent on a secure, high-capacity information
ADDP 6.0 Chapter 1
1–4 Edition 2
network that allows personnel located in different areas to collaborate in real-time and to synchronise their operational actions with precision.2
1.6 Satellite communications are vital to Australia (AUS) and we have an ongoing collaboration with the United States (USA) in this area. The USA-AUS Military Satellite Communications Partnership Statement of Principles of 2008 commits both nations to exploring further capabilities.3 Assured access to military and commercial satellite communications technical collaboration and joint access to satellite communications will be needed into the foreseeable future. The core satellite communications capabilities for the ADF will continue to be provided through access to the Wideband Global System operated by the USA, which will provide global broadband communications for fixed and large mobile platforms. This will be complemented by narrowband, ultra high frequency (UHF) satellite capabilities, mainly to support mobile forces.
The ICT Strategy
1.7 The Defence Information and Communications Technology Strategy 2009 (ICT Strategy) is a companion review to the White Paper that identifies the following objectives for the SIE:4
• ICT scalability, flexibility and adaptability. Defence will have sufficient ICT capability to support a number of simultaneous operations. This capability will be flexible enough to support operations in which the force composition may not be known in advance.
• Information speed and accuracy. Information is managed as an asset to achieve the best speed of access to information across Defence, its allies, coalition partners and other government organisations (OGOs).
• Technological capability edge. Defence will maintain a technological capability edge over its adversaries through enhanced computer and network capabilities, and by integrating, securing and enhancing the network architecture, with a focus on information assurance (IA), confidentiality, integrity and availability of Defence’s information and infrastructure.
2 Defence White Paper 2009 page 67. 3 A Memorandum of Understanding for AUS and the USA to share UHF satellite capacity over the Indian and Pacific Oceans signed in April 2010. 4 Defence ICT Strategy 2009 page 45.
ADDP 6.0 Chapter 1
Edition 2 1–5
• Interoperability. Defence will build its ICT interoperability capabilities to support interagency collaboration and engagement with allies and other coalition partners in conducting operations.
• Business support. Provide business support to all areas of Defence, including a single desk process and tool set.
1.8 To achieve these objectives, the ICT Strategy is based on the following strategic imperatives:5
• Optimisation of the value of Defence’s ICT investment through cost transparency, improved stakeholder communication, prioritisation of spend and efficiency in ICT activities.
• Closer alignment with stakeholders through a stakeholder-centric organisation model, improving engagement and driving towards a collaborative approach to developing ICT capabilities.
• Provision of agreed priority solutions through the establishment of a Defence-wide ICT Operating Model and an Integrated Defence Architecture (IDA) that promotes standardisation and consolidation.
• Strengthening of ICT capabilities through improvements to culture, leadership, processes, skills, sourcing and resource planning.
1.9 ICT impact on operations. The ongoing development of new ICT capabilities is creating both opportunities and challenges for the ADF. On the one hand, improvements to Defence ICT will enable enhanced ADF decision-making and operational effectiveness. On the other hand, emerging and relatively inexpensive ICT capabilities that the ADF might need to use will also be available to adversaries and the public. The ADF must continue to develop, deploy and exploit advanced ICT to operate successfully in this future operational environment. Defence will leverage ICT capabilities to plan for and implement the full spectrum of tasks assigned to it by government, connecting whole-of-nation capabilities in an environment of increased uncertainty and reduced warning times. This will require a holistic approach to ICT capability, integrating both military and business functions so that technology enables the information access and functionality needed to accomplish the mission. To support this, Defence will continuously monitor and improve the quality of the SIE with an efficient standard for ICT support to all functions. Through the development of a more efficient and
5 Defence ICT Strategy 2009 page 5.
ADDP 6.0 Chapter 1
1–6 Edition 2
architectured SIE, Defence will be able to better meet the demands of the strategic, operational and tactical user.
1.10 Interoperability trends. The ability to operate with other agencies both domestically and internationally is a key Defence capability enabler. Whether Defence is acting cooperatively with another Australian Government agency or operating as part of a multinational force, the ability to exchange data quickly and confidently is essential. Defence will develop coordinated and robust exchange architecture to underpin these interactions. Defence requires mandated architecture policies and an effective governance framework to enable interoperability. The DEA must accommodate both government and Defence interoperability priorities in support of Defence’s requirements to interact domestically and internationally.
1.11 Improved IM and sharing will enhance joint, multi-agency and multinational interoperability. This will reduce the disadvantages caused by regional factors and mitigate the risks associated with asymmetric threats. The ability to lead and act decisively in Australia’s primary area of strategic interest will involve developing robust ICT capability through investment in critical infrastructure such as satellite communications, and sufficient spectrum and network bandwidth to meet demand.
1.12 ICT solutions need to comply with the technical standards of the sensor and weapon systems with which they may integrate. In addition, ICT solutions need to comply with Defence and whole of Australian Government security standards in order to ensure a consistent approach to the security of information and information systems, while supporting the business and enhancing Defence’s information sharing capability. Defence will develop a system for design-approval and consideration of the implications for ‘battle worthiness’. Acquisition strategies will include consideration of all the fundamental inputs to capability (FICs), and sustainment and recognition of lifecycle management requirements.
Future Joint Operating Concept (FJOC)
1.13 The FJOC 2030 provides development guidance for the joint force in the timeframe outlined in the White Paper. It outlines a number of principal tasks of the ADF as follows:
• Deter and defeat attacks on Australia without relying on the combat or combat support forces of other countries.
• Conduct independent military operations or lead coalitions that contribute to the region’s stability and security.
• Contribute to military contingencies in the wider Asia-Pacific Region to ensure its security.
ADDP 6.0 Chapter 1
Edition 2 1–7
• Contribute to military contingencies in other parts of the world.
1.14 The joint force will conduct operations by connecting and focussing globally dispersed systems and organisations. To do this, it will draw upon shared capabilities, which have increased in number, influence, capacity and degree of interaction by the rapid evolution of ICT.
1.15 FJOC describes the rapidly scalable and organisationally flexible joint forces that will be required in the future. These will require finding a balance between traditional hierarchical structures with stove-piped CIS and the collaborative peer-to-peer relationships that are required in modern information environments.
The Defence Single Information Environment
1.16 The SIE shown in Figure 1-2 is a capability that consists of the data/information used by Defence for business and military operations and the means by which it is created, managed, manipulated, stored and disseminated in and across all security domains. It includes all Defence assets, personnel and capabilities involved in the exchange of data, such as fixed, mobile, standalone and deployable networks, user devices and their support services, including Defence services hosted on external servers. The SIE encompasses the computing and communications infrastructure of Defence along with the people and management systems that deliver that infrastructure. It includes the computing networks, business applications, and the data that they generate, as well as the standards and electromagnetic spectrum (EMS) required for deployable networks.
1.17 The SIE infrastructure is essential and integral to the continuity of central Defence functions and supports information domains such as: command and control, intelligence, surveillance, reconnaissance, target acquisition, conduct of operations, logistics, strategic policy, capability development/management and resource management services of personnel, finance and asset acquisition and through-life support or sustainment. As a capability, the acquisition, operation and support of the systems that provide this information require continuous, effective management and coordination.
1.18 Interoperability considerations for each information domain are needed at all the interfaces to the SIE boundaries, information management, sensors, weapons and other external entities, eg allied, coalition, industry and OGO networks. This will require negotiated agreements of responsibilities, common standards and DEA reviews (operational, system and technical), which include information nodes and the data flows between them and to the external interfaces. The CIO coordinates the development of the DEA through the Chief Technology Officer, in conjunction with the Services’ Technical Regulatory Authorities.
ADDP 6.0 Chapter 1
1–8 Edition 2
Info
rmat
ion
Man
agem
ent
Info
rmat
ion
Inte
rope
rabi
lity
Figure 1–2: Defence’s Single Information Environment
1.19 The role of the CIO Group (CIOG) is the provision, sustainment and governance of Defence ICT, with responsibility for ongoing running and development of the SIE, controlling sustainment costs, and enabling Defence to take advantage of emerging technologies. However, many ICT-enabled capabilities that reside in the SIE rely on the raise, train and sustain functions owned by the Services and/or Intelligence and Security Group. The Defence Committee has addressed this circumstance in which significant inputs to capability cross Group and Service boundaries by introducing a new Capability Coordination Model. This model has specific application for many of the projects that will transform the SIE.
1.20 Under the Capability Coordination Model, there is no longer a Coordinating Capability Manager role. The Vice Chief of the Defence Force (VCDF) is the Joint Capability Authority (JCA) and is supported by a designated Capability Coordinator6 (CC). The CC engages with the Capability Manager (CM) and other Services and Groups as appropriate to progress any cross-boundary issues, including definitive user requirements and priorities. Each project in the Defence Capability Plan has only one designated CM, who has specific management and reporting responsibilities throughout the project’s life-cycle.
1.21 For projects that are largely ICT-related, the CIO will normally be designated as the CM and the VCDF’s JCA functions will normally be
6 The role of the CC is to coordinate the generation and sustainment of a designated capability, where the FICs are owned or managed by several Services/Groups.
ADDP 6.0 Chapter 1
Edition 2 1–9
executed through the Head Joint Capability Coordination (HJCC) Division as the CC. HJCC will draw the Division’s governance arrangements to bring together cross-Service/Group requirements as necessary. The governance arrangements include the Joint Capability Coordination Committee (JCCC) and the capability-specific working groups and forums that support and inform the JCCC.
1.22 There are a number of capabilities within the SIE for which the CIO is already designated as the CM, and therefore has enduring raise, train and sustain responsibilities. These SIE capabilities are:
• satellite communications;
• spectrum access and use;
• high grade cryptographic equipment;
• Defence’s strategic communications network;
• deployed and coalition networks; and
• tactical data links between platforms and equipments.
For these elements of the SIE, CIOG identifies future capability requirements, provides specialist professional knowledge, provides assurance, oversees planning for and introduction of new capabilities into service, coordinates the FICs and reports to Government.
1.23 CIOG is also the Acquisition Agency7 for designated Defence ICT projects with prime responsibility during the Acquisition Phase for the ‘major systems’ FIC element. The CIO is the technical authority for architectures and standards required of all systems that interface with the SIE to receive and transfer data.
1.24 Principles. The following guiding principles provide the intellectual framework within which the SIE is developed, operated and managed:
• Defence aligns with the national approach to IM. There is a whole of government approach to harnessing information as a key component of national power. The government agencies will understand the evolving circumstances so that military actions are in concert with a national approach. Civil infrastructure is a vital national asset that provides additional capacity and flexibility, and will feature in any CIS planning. Technical solutions to
7 The Defence Capability Development Handbook on the Capability Development Group’s website will evolve as initiatives from the Strategic Review and the Capability Development Improvement Programs are implemented.
ADDP 6.0 Chapter 1
1–10 Edition 2
enable coordination between elements of a comprehensive whole of government approach are essential.8 To complement the CIS activities within Defence, coordination is required across civil agencies, including telecommunications authorities, EMS management and meteorological bureaus.
• Defence has only one information environment for all of its organisations, occupations and security classifications. The CIO, in consultation with the CDF, VCDF Group, Chief of Joint Operations (CJOPS) and Deputy Secretary Strategy, establishes the strategic direction, governance and coordination arrangements for the development, operation and management of the SIE.
• Information is managed. Timely and useful information can be categorised as a resource or capability along with our people, land, air and maritime forces. Managed information delivers the right information to the right people at the right time and in the right form. Useful, current information enables decision-makers to quickly access enhanced knowledge to increase awareness of the situation in order to orchestrate timely, precise and tailored effects. It permits greater organisational agility, increased operational tempo and improved business precision in a secured information environment.
• The military is supported. Military operations remain the ADF’s unique contribution to national security. The SIE is required to meet current capability requirements and be developed as an effective information capability to support future military concepts.
The Integrated Defence Architecture
1.25 The IDA is a means for aligning Defence capabilities and outputs with Defence’s strategic drivers. Enterprise architecting provides a common structure that can be used as a basis for capability planning and the development of consistent enterprise processes. Using enterprise architecture, Defence has the potential to realise maximum benefits from its ICT investments.
8 FJOC 2030.
ADDP 6.0 Chapter 1
Edition 2 1–11
Figure 1–3: Defence’s transformation demands a new approach
1.26 The ICT Strategy commits to establishing an IDA – an enterprise architecture that will address the relationship between all resources (including people, processes, ICT systems, other systems, information and operations) in Defence through principles and guidelines governing their design and evolution over time. An IDA enables the CIO to coordinate the development of SIE architectures and standard technical and procedural solutions.
1.27 The IDA provides:
• a conceptual view of the future state or target architecture for the Defence enterprise;
• a common medium for communication and planning between Defence business and ICT organisations;
• multiple perspectives of the Defence enterprise, including performance, business, systems/services, data, technology/infrastructure and security;
• relationships and dependencies both horizontally, ie within a single perspective of the architecture - what data is shared or self-contained and vertically, ie across multiple perspectives of the architecture - what business functions and processes are supported by what systems/services; and
• key insight to enable strategic decisions and planning.
ADDP 6.0 Chapter 1
1–12 Edition 2
1.28 Architectural principles with legislative regulations define the underlying general rules and guidelines for the use and deployment of all resources and assets across the enterprise. They reflect a level of consensus among the various elements of the enterprise, and form the basis for making future decisions. As stated on the Enterprise Architecture Branch’s website (June 2012), ‘principles define the organisation’s strategy for certain business and technical functions. They filter decision making, eliminating solutions that do not meet objectives. This clarity of executive intent, takes the guesswork out of lower-level decisions. Clear, well-understood and sanctioned principles, combined with an executive commitment to enforce them, help drive change across disparate business areas and programs.’
1.29 The following are the DEA core principles:
• Principle 1. All Defence architecture will be reference-based, conform with, and take guidance from Defence strategic priorities and concepts of operations. The target enterprise architecture is developed with strategic planners and operational staff to reduce misalignment between the strategic plan, the future environment and the target architecture.
• Principle 2. All architecture development will conform with and take guidance from the Australian Defence Architecture Framework 2 (AUSDAF2). Defence has adopted AUSDAF2 as its architecture standard framework after evaluating and incorporating aspects from other Defence and Industry frameworks and extensive research into stakeholder needs and ‘fitness-for-purpose’ requirements.
• Principle 3. Defence will have an IDA that has an enterprise focus and that provides enterprise-wide clarity and reasoning as well as supporting all Defence activities. The IDA has been developed as a means for Defence to guide and align future investment decisions and for the strategic planning of ICT systems. The IDA articulates the collective intent of Defence for its future enterprise architecture by documenting the endorsed strategic performance, business, services, data and technology direction to be used as a collective reference for planning and architecting. It provides a strategic, line-of-sight between inputs, outputs and outcomes, thereby supporting confident strategic and architectural decision-making. It also provides a common set of planning assumptions for projects and programs of projects.
ADDP 6.0 Chapter 1
Edition 2 1–13
• Principle 4. Specific architecture descriptions should be iterative and provide for improvement, refinement and maturity against the mission and objectives.
• Principle 5. All architecture will conform to usability and reusability. They should address re-use as first option.
• Principle 6. All Defence architecture will deliver measurable results through endorsed standards and compliance processes.
• Principle 7. All architecture will be defined and documented in a common format and using a common language.
Service-oriented Architecture (SOA)
1.30 SOA9 is the preferred architectural style for the SIE, which is a cornerstone of Defence’s ICT Reform Program and its support to the Strategic Reform Program. The SOA architectural style aims to enhance the agility and cost-effectiveness of delivering ICT capability within the enterprise, while simultaneously reducing the overall risk and maximising the organisational investment in its ICT capability. It accomplishes this by encapsulating technical capability as one or more business services that are used, re-used and shared throughout the enterprise. SOA supports service-orientation through the realisation of the strategic goals represented by service-oriented computing, eg some key SOA goals include risk reduction, agility, and leveraging existing technology investments.
1.31 Guiding principles define the basic rules for development, maintenance and usage of SOA. Services for SOA must:
• prioritise re-use;
• consider granularity, modularity, composition, componentisation and interoperability;
• be standards-compliant, both open and industry-specific with consideration for internal Defence standards; and
• support service identification and categorisation, provisioning and delivery, monitoring and tracking, and versioning.
COMMUNICATION AND INFORMATION SYSTEMS
1.32 CIS are assemblies of equipment, methods/procedures and personnel organised so as to accomplish specific information conveyance
9 CIO Group Instruction 1/2011.
ADDP 6.0 Chapter 1
1–14 Edition 2
and processing functions. In the operational environment of today, effective IM and subsequent information superiority cannot be achieved without properly deployed and managed CIS. They are an essential part of military operations that provide commanders at all levels with the means to exercise C2 and disseminate vital information.
Figure 1–4: Mobile CIS installation
Development of systems
1.33 The major purpose of CIS in a military context has always been the passage of information to inform and support C2. From the earliest times, when communications was by means of a messenger, to the development of visual signalling, to the early forms of electronic signalling, to the current environment of computing systems connected by various communications means, the intent has been the same.
1.34 Defence information flows have been stovepiped in the past, and remain so to some extent. That is, information flows up and down through lines of control with little cross-organisational or lateral flow. Stovepiping is a characteristic of organisations that have a strong hierarchical structure, such as Defence. In a network-enabled organisation, information is global and flows laterally as well as vertically and is available to all who need it. Another significant feature of a modern, network-enabled organisation is that information is now available in real or near-real time, in contrast to when the value, and even the security classification, of information was diminished by the time taken to promulgate it.
ADDP 6.0 Chapter 1
Edition 2 1–15
Communication systems
1.35 A communication system is a combination of procedures, infrastructure (facilities, radios, transmitters, receivers, antennas, power supplies, switches, data, etc), and personnel (specialist operators and terminal users) that apply communications technology to the receipt, amplification, storage, processing and transmission of data of any type (analogue, digital, audio, video, image, etc). A communication system provides communications between its sending and receiving users and may embrace transmission systems, switching systems and user terminal systems. It may also include storage or processing functions in support of information transfer.
1.36 Communications, as distinct from verbal communication within the normal range of human senses, requires a data transmitter and receiver, their connecting network of links, common services and data. This may not involve any human intervention or analysis, which differentiates a communication system from an information system (IS). Defence communication systems could include one or more of the following:
• Radiofrequency (RF) bearers providing high frequency (HF)/very high frequency (VHF)/UHF tactical and strategic communications from and to mobile users enabling both voice and data communications. This includes broadband and narrowband satellite services, providing multiplexed data of varying classifications and multiple networks (national/allied/coalition) to and from ADF units.
• Manual systems include hand carriage by courier or signals dispatch services, or visual signalling using signal lamps, lasers or flags.
• Wide area and local cable or fibre optic systems providing common-user and sole-user accesses to telephone, fax and data services.
1.37 Joint data networks (JDNs) across the operational environment are digital information networks that either work independently of each other or require dedicated planning and execution to share information. Each JDN is characterised by the communications architecture and associated data it contains. Effective management and integration of these networks is essential to the achievement of clear and complete tactical and operational pictures. The JDN sub-networks are optimised to enable a specific joint military capability. Information is passed over the JDN in real, near-real and non-real time to provide the primary data feed to support the generation of the common tactical or operating picture.
ADDP 6.0 Chapter 1
1–16 Edition 2
Information systems
1.38 An IS comprises the personnel, procedures, software and resources organised for the collection, processing, maintenance, transmission and dissemination of information, whether automated or manual. It includes the human and user terminal devices, as data can only be converted into information when it has been put, by a human reader, into the context intended by the originator. An IS can have one or more different purposes, such as the following:
• C2 arrangements require rapid, secure and comprehensive distribution of the commander’s intent and the prevention of network overload so that information can be delivered accurately, eg strategic, high command and own national rear link requirements for multinational activities.
• Intelligence systems provide a continuous gathering, processing and appropriate dissemination of intelligence and surveillance data in near-real time over an indefinite period, and access to intelligence databases for appropriate stakeholders when required.
• Collaborative planning systems allow commanders and their staff to aggregate, manipulate and present information in a clear, concise format thus enabling timely and informed decisions. It must be able to overcome the disadvantages of geographical separation of the chain of command by allowing the efficient use of relevant system planning, operation, mission rehearsal, simulation, modelling and experimentation tools.
• Logistic support or materiel IM systems or applications allow for the ordering of supplies, tracking of supplies and equipment, movement management, training readiness and other logistics processes.
• Administration systems or standard applications allow for the management of Defence business processes, administrative needs and personnel.
• Interoperability and multinational information sharing systems facilitate the automatic exchange of information between and the military forces of Australia and other nations at all levels of command.
• Interagency information sharing systems facilitate or provide entry into organisations that Defence needs to interface with for the management of its business
ADDP 6.0 Chapter 1
Edition 2 1–17
processes, campaigns, operations, exercises and other activities.
Information management
1.39 Information is a strategic asset for defence and IM is the capability that will bring that asset properly to bear on Defence’s business and in doing so, will improve decision making. IM within Defence is based on providing the right information, at the right time, to the right person, and in the right format to enable the right decision to be made. This will depend on:
• a single source of truth (the right information);
• information governance (the right time);
• a culture of information sharing between those who need to know (the right person);10 and
• in accordance with agreed standards (the right format).
1.40 Defence’s military capability superiority depends on a commander’s ability to seamlessly access intelligence, logistical and personnel information in order to make strategic or tactical decisions. Effective IM will provide a competitive advantage in determining an accurate situation understanding, rapid decision-making and the precise application of force over our adversaries. In addition, effective IM will ensure that costs associated with military capability are reduced by eliminating ‘stovepiping’ of information and ensuring that the principle of ‘need-to-share’ (within security constraints) becomes pervasive.11
1.41 IM is the processes required to achieve desired outcomes through the stewardship of information effectively and efficiently. It is the integrated management of processes and services that provides exploitable information on time, in the right place and format, to maximise freedom of action.
1.42 The management of information encompasses automated and manual processes, systems and facilities involved in the definition and architecture development (architecting) of business processes and systems relating to the creation, manipulation, presentation, archiving and destruction/deletion of information in any form, ie electronic and/or physical.
1.43 IM encompasses the joint enabling activity that underpins effective information exploitation and common situational understanding by commanders and staffs. Exploitation leads to situational understanding that, when combined with experience and culture, results in intuitive or reasoned risk assessment and decision-making. IM includes:
10 Defence Information Strategy Framework September 2010. 11 Defence ICT Strategy 2009 page 51.
ADDP 6.0 Chapter 1
1–18 Edition 2
• determining information needs,
• managing information flow, and
• administration of information throughout all phases of its life cycle.
1.44 Data management. IM includes all activities involved in the identification, collection, filtering, fusing, processing, focusing, dissemination, and usage of information. It assembles information that promotes understanding of the operational environment and enables the commander to better formulate and analyse courses of action, make decisions, execute those decisions, and understand results from previous decisions. IM provides the quality information a commander needs to support the decision making process. The role of IM is to provide a timely flow of relevant information that enables the commander to anticipate changing conditions and understand its impact on current and future operations. IM addresses information as a commodity instead of a technology and is performed at all levels, regardless of the extent of automation. Effective IM delivers critically important information in a timely manner to those who need it in a form that they can quickly understand.
1.45 IM should not be confused with data management. Data management relates to organisational and technical tasks concerning the planning, storage, and provision of data, both for computer personnel and end-users. Data is any representation of facts, concepts or instructions in a formalised manner suitable for communication, interpretation or processing by humans or by automatic means. The representations may be symbols, characters or analogue quantities to which meaning is or might be assigned. Data needs to be put into context before it can be information. This generally requires the data to be placed into a predefined field with metadata describing the data or field. Data is a general term used to denote any or all facts, numbers, letters and symbols, or facts that refer to or describe an object, idea, condition or situation or other factor. It connotes basic elements of information that can be processed or produced by a computer. Sometimes data is considered expressible only in numerical form but information is not so limited.
Principles of CIS support
1.46 In order to provide robust and flexible CIS support to the ADF, Defence network planners at all levels of command and management need to take the following principles of CIS support into consideration. As principles are often conflicting, a balance is always the aim:
• Support the chain of command. To support the transfer of data between commanders, staff and all users, CIS plans need to complement the commander’s intent and concept of manoeuvre and ensure that services are
ADDP 6.0 Chapter 1
Edition 2 1–19
available where and when required to ensure continuity of command. The CIS architecture should be designed to provide relevant functionality and quality performance, be pervasive and use available resources to optimal effect. This requires adaptability to changing command structures through a technical control chain that ensures appropriate conformance to standard procedures/doctrine. To ensure efficient allocation of limited resources, the principle includes the understanding that CIS are provided and technically controlled between headquarters and units from higher to lower, left to right, supporting to supported.
• Integration. The CIS technical control hierarchy must be integrated within the chain of command to ensure that command priorities are met. Integrated networks reduce the need for data exchange points and system interfaces, all of which increase points of failure. CIS standardisation and use of common equipment and processes maximise interoperability, effectiveness and efficiency through seamless exchange of data, preferably from a single, trusted source, internally and externally.
• Reliability. CIS must be reliable to maintain continuity of command. A reliable system, which provides a minimum of nodes and facilities, is usually preferable to less-reliable, complex systems providing superior facilities but which are more difficult to recover in a confused environment. This is particularly important for tactical, deployed systems. Availability, survivability and training all provide for a resilience that contributes to reliability.
• Flexibility. With uncertainty of environments, CIS architectures need to be adaptable to evolve with changing technology and responsive to changing demands through surge and rapid reconfiguration. The same CIS equipment should be capable of being used for as many military tasks and in as many climatic environments as possible.
• Survivability. CIS networks should be robust to ensure continuity of command, and to minimise the impact and time to recover from adverse events. CIS equipments need to be appropriately ruggedised to meet the demands of the environments in which they are likely to operate. The data and information they pass need to be protected and preserved throughout their required life. This principle also covers the need to dispose quickly of data that is either a useful record to be saved or useless data to be filtered or destroyed.
ADDP 6.0 Chapter 1
1–20 Edition 2
• Mobility. At all levels of command, the mobility of CIS must be commensurate with that of the supported force; but particularly its commander. They need to be designed for continuous use on the move or to be rapidly closed down and re-established so as to sustain maximum support for the commanders as they hand over command from one to the other as they move or step-up headquarters and units; always having ‘one foot on the ground’.
• Security. Data and the CIS infrastructure both need to be assured and protected to ensure confidentiality, availability and integrity. This IA is to maximise the protection to our highly valued people, equipment and information. Operations security will be compromised unless adequate considerations are given to the security of information held on and transmitted by CIS equipment.
• Simplicity. Simple CIS plans are more likely to withstand the stresses of all types of operation. A simple plan will be more readily understood and more easily implemented. CIS equipment should be easy (intuitive) to operate and simple to repair by modular replacement, so as to minimise training requirements.
• Capacity. To ensure that information is current when it reaches its destination, a CIS must be able to cope with traffic peaks and troughs, and permit all data to be eventually transmitted, within a priority-based release methodology.
• Quality. The quality of CIS networks must be such that the integrity of the information is not questioned, meaning is not lost in transmission and data or systems remain appropriately responsive to the requirements of commanders and other decision makers. Accuracy at the point of data entry and identification of the primary source of that data are particularly important.
• Economy. CIS assets, including memory/storage space, spectrum and bandwidth, are finite resources and austerity is particularly a characteristic of deployable CIS networks. Demands on networks should be kept to the essential minimum. Sole-user facilities will be restricted, usually to commanders and key staff positions. IM is a key to ensuring the economic use of CIS resources.
ADDP 6.0 Chapter 1
Edition 2 1–21
• Interoperability. Information networks should support the uninterrupted flow of data between force elements, supporting government agencies, joint forces and multinational partners. The nature of joint and coalition capability-development cycles means that systems may not be interoperable. Therefore, the CIS staff needs to plan for interoperability using procedures and liaison detachments to facilitate information transfer in an appropriate form. Level 3 of the Levels of Information Systems Interoperability Maturity Model, as detailed in Chapter 2, is the preferred minimum standard.
• Anticipation of requirements. Some CIS require long lead times to ensure commercial support is provided or logistics pre-positioning can occur. This requires planning staff to anticipate requirements. Maintenance staff should also establish mechanisms to anticipate failures to prevent uncontrolled/unplanned outages.
Overview of CIS in Defence
1.47 CIS are central to the conduct of all functions of Defence: administrative, strategic, operational and tactical. For this reason and because of the requirement for consistency in the provision and acquisition of CIS across all of Defence, the CIO is the Capability Manager who is responsible for the planning, development and operation of the SIE, or more specifically for:
• developing Defence ICT concepts, plans, doctrine and policy;
• providing leadership in the use of best practice in the design, delivery and operation of ICT systems;
• advising all Defence committees on ICT issues;
• developing an architecture for the SIE for all Defence ICT systems and setting ICT standards and product lists;
• ensuring that requirements from business process owners are met through commercial and standardised solutions, and refer any requests for bespoke and customised solutions for Defence and Government approvals;
• consolidating the operation of the Defence ICT systems based on standard commercial models;
• establishing priorities and engagement strategies for ICT interoperability with other Australian Government agencies, allies and coalition partners;
ADDP 6.0 Chapter 1
1–22 Edition 2
• coordinating ICT-related FIC issues;
• establishing the governance mechanisms necessary to allow the execution of these responsibilities and accountabilities; and
• developing an agile solutions design capability that will work with business and ICT stakeholders to deliver pragmatic and practicable outcomes for Defence.
Figure 1–5: Communications supporting operations
1.48 The higher C2 arrangements of the ADF emphasise that the CDF commands the ADF (full command) through the VCDF and the Service Chiefs. Command of the Services is exercised by the Chief of that Service (Service command) for all aspects except operations. Headquarters Joint Operations Command is the operational level headquarters established to plan, control and conduct campaigns, operations, joint exercises and other activities on behalf of the CDF. While Service Chiefs are the principal advisers to the CDF for single-Service aspects of operations, CJOPS normally commands operations (theatre command) on behalf of the CDF.
1.49 Within the CIO Group, HICTO is the two-star military officer and principal strategic adviser (Strategic J6) to the CDF and CJOPS on CIS and EMS matters. The Strategic J6 is responsible for delivering the SIE as a global, end-to-end capability, including the provision of satellite communications, EMS and networks to support military operations.
ADDP 6.0 Chapter 1
Edition 2 1–23
HISTORICAL EXAMPLE — THE GENESIS OF THE MODERN NETWORKED FORCE
Figure 1–6: Sending Morse code in World War II
Throughout the history of military communications, the requirements of reliability, speed, accuracy and security have not changed. The ultimate goal of maximum levels of these attributes is still a challenge in spite of the most significant technological advances of recent times. Progress in the field can be divided into several overlapping periods, each followed by a change in military operational concepts and doctrine as a result of new weapons or communication systems. This has continued to take place within an increasingly complicated international political and cultural scene.
Prior to 1900, communication systems slowly progressed from local area, sound and visual systems (drums, smoke, and flags) to more extensive telegraph systems using fixed wire circuits. The British first used Morse’s electric telegraph in war for the 1854 Crimean War. More extensive use of telegraph occurred in the American Civil War. Its use grew rapidly in the late 19th Century, with mobile telegraph trains used by the Prussian and French armies, while European and British powers formalised the responsibility for communications within specialised Engineer or Signals corps.
In the late 19th Century, development of wireless telegraphy or radio took military communications another huge step forward; a second revolution in communications less than half-century after the first. Now communications extended beyond line-of-sight and the reach of wired networks. World War I
ADDP 6.0 Chapter 1
1–24 Edition 2
saw the first real large-scale military testing of both wired and wireless communications. Wartime needs and growing equipment procurement greatly accelerated the pace of radio’s technical development. Vacuum tube-based equipment, rare in 1914 (when obsolete spark-gap wireless telegraphy was still widespread) was becoming standard by 1918, vastly increasing radio’s capabilities, by adding voice capability to Morse code communications.
During the interwar period, innovation continued at both commercial and military laboratories, which further aided military communications. Developments included radar, microwave transmission, improvements in long range short wave radiocommunications and the development of FM radio. Electric cipher machines and teleprinter equipment, which were to play a significant part in the coming conflict, were also developed.
Significant developments, not just in technical capabilities but also in the employment of military communications, occurred during World War II. The ability to not only use communication systems to pass information in a timely manner but also to protect that information played a significant part in military success. By the end of the war, virtually every allied military vehicle and aircraft carried a transceiver. Walkie-talkies allowed the infantry to stay in constant communication with their headquarters; one of the first demonstrations of small-scale, mobile communications in wartime.
The period since World War II has seen military communications develop at an even increasing pace, concurrent with advances in civilian communications and technology generally. Communications have become real-time, automatic, digitised, netlike, multilevel, multiservice and dependent on commercial information and communications technology innovations. The developments in packet switching and satellite communications have allowed for development of networks able to share information more quickly and easily to provide improved awareness of the operational environment.
ADDP 6.0 Chapter 2
Edition 2
CHAPTER 2
INFORMATION EXCHANGE AND ASSURANCE
Executive Summary
The means by which information is shared and protected play a vital part in ensuring that commanders have the information they need to maximise the effect of Australian Defence Force (ADF) operations on an adversary.
Information exchange is concerned with the means by which information circulates within the ADF and the remainder of Defence.
Communications networks include strategic and tactical communications.
Interoperability of communication and information systems (CIS) is very important in the context of joint and multinational operations.
Information assurance (IA) protects information and information systems and includes both active and passive measures.
IA also includes monitoring CIS to maintain security, as well as measures required to respond to incidents.
INTRODUCTION
2.1 Defence CIS includes those systems used for the command and control (C2), acquisition, storage, display, analysis, protection, processing and transfer of information within Defence and those systems that provide interoperability with government, non-government agencies, allies, coalition partners and regional organisations. Information exchange involves the systems, applications and procedures related to fixed and mobile CIS elements with a specific focus on command support and information operations and those available for exchange of information between allied, coalition and regional partners. The activities undertaken to defend and protect information and CIS are known as IA and are a key component of information superiority. IA integrates people, operational techniques and technology to protect, detect and react to intrusions or attacks and restore information services as quickly as possible.
2.2 The purpose of this chapter is to introduce in general terms how information is exchanged and assured in Defence. Procedural aspects of information exchange are detailed in ADF Publication (ADFP) 6.0.2—Information Exchange whilst ADFP 6.0.3—Information Assurance identifies in greater detail the procedural aspects of IA.
INFORMATION EXCHANGE
2.3 Information exchange is the formal or informal transmission of information from, to or within an information environment. Information
ADDP 6.0 Chapter 2
2–2 Edition 2
exchange can be conducted using electronic or physical means, in fixed or deployed environments spanning all security domains. The information exchanged may be in the form of text, graphics or another form. Informal communication is used to communicate information where non-repudiation and authentication are not imperative. Examples of informal communication may be email, instant messaging or chat applications.
2.4 The emergence of new technologies including the social network has changed the nature of both the Internet and military communications. Faster, more interactive and less formal means of communications are now the societal norm and are becoming accepted in the Defence environment. Defence is committed to adapting to these ways of working. This often means that Defence has to add features to common applications such as chat to make them fit for C2 purposes. In most instances this means increasing the application’s security functionality, introducing non-repudiation, automatic archiving of messages etc.
2.5 Within the ADF and other parts of Defence, formal messaging is used when the originator considers that the text of the message must be conveyed with guaranteed security and reliability, and when the addressee is expected to take action without repudiation and with minimum delay. Transmission of Australian Standard Military Text Format messages using the Mercury application is an example of formal messaging.
SERVICES AND SYSTEMS
2.6 The information available to a commander is integral to making decisions that maximise the effect of ADF operations on an adversary. The passage of this information in a timely and safe manner requires secure connectivity between the commanders and their assets, any deployable joint task force headquarters, to allied, coalition and regional nations, and to other government departments and non-government organisations. CIS services available to Defence at the strategic, operational and tactical levels include:
• joint data networks (JDNs);
• voice and fax;
• formal/military messaging;
• videoconferencing;
• electronic information exchange (EIE), eg email, web and database facilities, collaborative planning applications, situation or operating picture tools and management applications; and
• hand carriage, in conjunction with the signals dispatch service, which interfaces into the logistics then corporate safehand systems.
ADDP 6.0 Chapter 2
Edition 2 2–3
Communications networks
2.7 Communications networks comprise one or more communications links, are classified as tactical or strategic, and are defined as follows:
• Tactical communications networks comprise those communications systems that are deployed to provide CIS for the command and control of the land, maritime and air components and to communicate back into a Defence strategic communications network.
• Strategic communications networks connect fixed sites, bases and barracks to the Defence Wide Area Communications Network (DWACN), which is established within the civilian infrastructure for use by both the public and Defence organisations.
ADDP 6.0 Chapter 2
2–4 Edition 2
Figure 2–1: Defence CIS networks
2.8 Tactical communications networks require an interface into a strategic communications network and supported systems. Although a tactical communications network should be considered as one logical network, for practical deployment reasons, it is categorised into its major architectural component (referred to as subsystem). The tactical communications network comprises the following:
• Local radio subsystems include the mobile and ruggedised radios that provide the voice and data communications to support the C2 of combat troops.
ADDP 6.0 Chapter 2
Edition 2 2–5
• Trunk subsystems comprise the high capacity, transportable infrastructure that is used to support voice and data communications between communications nodes, eg a radio relay or satellite terminal.
• Local subsystems are configured to conduct and manage data switching in a local area, eg unit or formation headquarters (HQ) or maintenance area, where traffic is switched from user terminals prior to transmission over a communications system. The local subsystem may perform a number of functions, such as providing a network for a local area, eg voice telephone exchange or a computer local area network. It may also provide the interface into one or more systems, eg the combat net radio (CNR) subsystem, trunk subsystem, strategic communications system or supported systems. Another function is to provide an internal switching capability to pass local traffic directly within a local area, thus avoiding the requirement to interface with other components of the tactical communications network.
2.9 Local radio or trunk subsystems may not have sufficient range to extend high capacity communications over the distances required to support dispersed operations. Extending the range of these systems may be achieved by employing CNR retransmission and radio relay sites, satellite trunk systems or airborne retransmission systems.
2.10 Defence Strategic Communications Network. The Commander Defence Strategic Communications (CDSC) controls and operates the Defence Strategic Communications Network and provides CIS planning advice to the Headquarters Joint Operations Command (HQJOC), single Service HQs, units of the ADF and Defence Groups. CDSC is also responsible for the provision, maintenance and trouble-shooting of the DWACN. The strategic network provides the following services:
• The DWACN is a bearer network capable of passing operational voice, video and data traffic. It comprises telecommunications carrier-grade routers and switches designed to provide Defence with a core network capable of 99.9995 percent reliability under normal operating conditions. The routers and switches are either owned and operated by Defence or provided as a managed service via designated contracts with telecommunications carriers. The delivery, maintenance and support of the DWACN are managed by the Defence Strategic Communications Branch. The following networks are normally operated as virtual private networks of the DWACN: the Defence Restricted Network (DRN), Defence Secret Network,
ADDP 6.0 Chapter 2
2–6 Edition 2
Defence Top Secret Network, Defence Secure Videoconferencing Environment - Secret Network and Defence Voice Network.
• Defence’s satellite and high frequency network services, including tactical interface sites.
• Support to international information services.
• Defence’s Internet gateways.
Communications services
2.11 The tactical and the strategic communications networks do not exist in isolation. They exist to provide services and to support joint and multinational systems such as: command elements, sensors, weapon platforms, command support systems, information services (eg videoconferencing and information management) and network management systems. As information and communications technology (ICT) becomes more accessible and secure, commanders’ expectations increase, and CIS managers are required to configure communications networks to deliver a broader range of CIS services. The CIS services that a commander could expect may be categorised as follows:
• Voice services are audio communications over radio or telephone, in point-to-point or networked modes, secure or plain language. Radiotelephone procedures are detailed in Allied Communications Publication 125 and single Service doctrine publications, eg Land Warfare Procedures - General 6-1-4—Radio Communications Procedures (All Corps) 1999.
• Fax services transmit copies of documents between fax devices.
• EIE services are the connection of two or more electronic systems in order to share information. Examples of EIE are data file transfer and email; command support systems; administrative and logistics support systems, and surveillance and sensor systems.
• Formal messaging services transmit and receive formal messages via a communications centre (COMMCEN) or from a desktop messaging system. A COMMCEN is responsible for the handling and distribution of formal message traffic from originators to recipients.
• Videoconferencing services support the transmission of real-time audiovisual data between two or more sites.
ADDP 6.0 Chapter 2
Edition 2 2–7
2.12 The following systems provide commanders with information from both the business and operations domains of the information environment.
• Management information systems (MIS) include enterprise-wide systems such as financial, personnel management and health management systems. The Chief Information Officer (CIO) is responsible for the policy, standards, architecture and operation of MIS. The CIO effects this responsibility via the Defence ICT governance structure, including business process owners, Group Heads, the Chief Technical Officer and Strategic J6. The latter is responsible for infrastructure and operation of the DRN, in conjunction with the database managers in the Defence Computing Bureau (DCB1).
• Command support systems (CSS) include the other systems shown in Figure 2–2. The Strategic J6 is responsible to the Chief of Defence Force (CDF) for infrastructure and operation of the Defence Strategic Communications Network. The Commander Joint Logistics, as the Strategic J4, is responsible to the CDF for the through-life support for deployable systems, while Chief of Capability Development Group oversees related capability development. Interoperability of CSS is a key consideration and the aim should be to achieve a Level 3 on the Levels of Information Systems Interoperability (LISI) Maturity Model as detailed in Figure 2–3.
1 The DCB is an element of the CIO Group that provides enterprise server support for Defence corporate applications; services include enterprise server configuration, operation and maintenance, operational backup and recovery, data migration, and design and maintenance of databases.
ADDP 6.0 Chapter 2
2–8 Edition 2
Figure 2–2: Command support systems
• Network requirements determination and interface systems. Although operational and tactical level military and commercial satellite communications are managed by Strategic J6, operational requirements and priorities are determined by HQJOC. This includes prioritisation of relevant interface (tactical to strategic) station anchor requirements.
• Tactical level systems. The CIS staffs at each headquarters are responsible for liaison with Strategic J6 and HQJOC on Service-specific or unit-specific connectivity requirements.
Hand carriage services
2.13 During emission control or power restrictions, communications may be extended by a hand carriage or signals dispatch service via a signals dispatch office, if established. The official dispatches that may be carried by the military hand carriage service include:
• formal messages;
• written operational or administrative material that cannot be sent efficiently by electronic means;
• written orders;
• marked maps and large map overlays;
• information stored on soft copy electronic media; and
ADDP 6.0 Chapter 2
Edition 2 2–9
• TOP SECRET documents, documents labelled for special handling, and other classified matter if the electronic means does not meet the required security specifications.
2.14 The military hand carriage services for transferring messages may include a combination of dispatch riders, air dispatch service and liaison officers. These services can be interfaced into the strategic Defence safehand2 and postal services.
STANDARDS AND INTEROPERABILITY
2.15 Interoperability is achieved between communications-electronics systems or equipment when data, information or services can be exchanged directly and satisfactorily between them and/or their users. It is the ability of systems, units or forces to provide to, and accept services from, other systems, units or forces and to use the services so exchanged to enable them to operate effectively together. Interoperability cannot solely be thought of at a CIS level, but includes doctrine, people, procedures and training.
2.16 Interoperability of ICT and CIS is one of the most significant challenges of conducting joint operations. The joint task force that fights the next conflict, small or large, probably does not exist until the need arises. Determining how various systems are pulled together to accomplish a joint mission is also a major challenge facing CIS planners and architecture developers throughout Defence. CIS infrastructure built to meet specific Service requirements must still provide for the appropriate level of command, control, communications, computer, intelligence, surveillance and reconnaissance interoperability to meet joint requirements. As such, understanding the specific nature and level of interoperability required is a key consideration for information architecture.
2.17 The level of CIS interoperability varies at a joint, combined and coalition level. Determination of, and compliance with appropriate standards and data formats are essential for achieving a practical but efficient level of interoperability. Common technology standards and standard processes provide Defence with the closest practicable cooperation for the most efficient use of research, development and production resources. Interoperability involves agreements to adopt, on the broadest possible basis, the use of:
• common or compatible operational, administrative and logistic procedures;
• common or compatible technical procedures and criteria; and
2 See the Defence Security Manual Part 2:33 Annex B—Defence Safehand Service
ADDP 6.0 Chapter 2
2–10 Edition 2
• common, compatible or interchangeable supplies, components, weapons or equipment.
2.18 The LISI Maturity Model in Figure 2–3 presents a logical structure and a discipline for improving interoperability incrementally between CIS. The model facilitates a common understanding of interoperability and its enablers at each level of sophistication or maturity of system-to-system interaction. It quantifies interoperability levels from zero to 4c (left hand column) by assessing systems against the four enabling attributes of procedures, applications, infrastructure and data, which are represented by the ‘PAID’ acronym as shown in Table 2–1. These attributes form the basis for making comparisons between heterogeneous systems and for determining the degree to which system implementations conform to current Defence technical criteria.
Figure 2–3: LISI Maturity Model
2.19 The LISI Maturity Model provides a formal discipline for specifying, assessing or achieving an appropriate level of joint interoperability between information systems. All CIS should achieve a LISI standard of Level 2 as a minimum for joint and combined operations. All CIS for joint systems and new systems should achieve a LISI standard of Level 3 and ultimately the aim should be for all CIS should to achieve LISI standard of Level 4.
ADDP 6.0 Chapter 2
Edition 2 2–11
2.20 LISI expands the definition of interoperability beyond the ability to move data from one system to another. It considers the ability to exchange and share services between systems and focuses on increasing levels of sophistication for system-to-system interaction, ie thresholds of capabilities that systems exhibit as they improve their ability to interact with other systems.
P Procedures
Policies and procedures govern a system’s development through established standards and the procedures and processes, which influence system integration and functional operational requirements.
A Applications
The functions a system is intended to perform. These functions reside most often in the form of user-based application programs, which perform or support a specific set of processes or procedures.
I Infrastructure
The infrastructure required to support the system’s operations contains four sub-components, which are also defined in terms of increasing levels of sophistication.
D Data The data and information structures used to support both the functional applications and system infrastructure.
Table 2–1: Information system attributes
INFORMATION OPERATIONS
2.21 An information operation (IO) is defined in ADDP 3.0—Campaigns and Operations as ‘the coordination of information effects to influence the decision making and actions of a target audience and to protect and enhance our own decision making and actions in support of national interests.’ As further detailed in ADDP 3.13—Information Operations, IO encompasses numerous elements, including operations security (OPSEC); electronic warfare; psychological operations; computer network operations (including computer network defence); counterintelligence; protective security; civil-military cooperation; public affairs and IA.
2.22 IO is the integrated and balanced employment of these elements, effectively coordinated to achieve specific effects in support of the commander’s intent. IO is therefore an integral part of the conduct of operations and a key capability to achieving and maintaining information superiority over an adversary.
ADDP 6.0 Chapter 2
2–12 Edition 2
INFORMATION ASSURANCE
2.23 IA, a key component of IO, contributes to information superiority and is defined in the Australian Defence Glossary as ‘measures that protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality and non-repudiation. This includes providing for restoration of information systems by incorporating protection, detection and reaction capabilities.’ IA comprises the activities undertaken to defend and protect information and information systems not only from direct attack but also from natural disaster and human error. IA integrates people, operational techniques and technology to protect information services, detect and react to intrusions or attacks and restore information services as quickly as possible. This multilayered approach, known as defence-in-depth of IA, is everyone’s responsibility, with the security requirements of the Defence Security Manual exercised through guidance from the J2 and J6 branches. It must be remembered that;
• Information is always at risk from natural, accidental and deliberate actions; and
• It is not possible to ensure absolute protection of information, therefore a risk profile is developed and treatments assigned accordingly.
2.24 IA aims to ensure the following:
• Integrity is its protection against unauthorised or unintended modification of destruction of data.
• Availability is the timely and reliable access to data by authorised users.
• Confidentiality is the assurance that information is not disclosed to an unauthorised person or people.
• Authenticity is a combination of unique identification and authentication so the system recognises an entity. This may be a security measure designed to establish the validity (of a transmission, message, or originator), or a means to make the distinction between information that verifies, with some degree of assurance, an individual’s authorisation to receive specific categories of information.
• Non-repudiation is assurance that data is sent with proof of delivery and the recipient receiving proof of the sender’s identity so that neither can later deny having processed the data.
ADDP 6.0 Chapter 2
Edition 2 2–13
Components of information assurance
2.25 The philosophy of defence-in-depth underpins the provision of IA. Defence-in-depth is a design philosophy embedding defence mechanisms at all layers of the information system, including people, operational techniques and technology. Information systems use physical, procedural and technical measures to provide security. These are not only passive measures but include preventative, detective and corrective measures.
2.26 Protective measures. These include the actions taken to ensure OPSEC and information security (INFOSEC), including the elements shown in Figure 2-4.
2.27 Detective measures. These include a range of measures used to identify threats to, and intrusions and attacks on, the information system. These measures include auditing, network ‘sniffing’, COMSEC monitoring and network monitoring.
2.28 Reactive measures. Reactive or defensive measures are the equipment, processes and procedures that are maintained in order to have a rapid and thorough response mechanism available to effectively manage, investigate and contain incidents. Some measures that are implemented as a response to incidents will be the same or similar to measures which were implemented to protect CIS. What will change is the scope or intensity of such measures in response to the actions of an adversary.
PROTECTIVE MEASURES
2.29 Defence collects, receives and develops information to fulfil its operational and business functions. IA provides the doctrine and policy to maximise the protection and availability of information to the users who need it. This protection is referred to as INFOSEC, which comprises a number of inter-related elements as shown in Figure 2–4.
Figure 2–4: Information security components
INFORMATION SECURITY (INFOSEC)
COMPUTER SECURITY
(COMPUSEC)
COMMUNICATIONS SECURITY (COMSEC)
CRYPTOGRAPHIC SECURITY
(CRYPTOSEC) PHYSICAL SECURITY
PERSONNEL SECURITY
TRANSMISSION SECURITY (TRANSEC)
EMANATION SECURITY (EMSEC)
ADDP 6.0 Chapter 2
2–14 Edition 2
2.30 The term ‘information’ in the context of IA encompasses documents and papers, electronic data, the software or systems and networks on which the information is stored, processed or communicated. Information is the knowledge acquired by individuals and the physical items from which information regarding design, components or use could be derived.
2.31 While all official information has a utility value, some is especially valuable to Defence because it is critical to the performance of Defence functions or because the consequences of its compromise or misuse would adversely affect the Commonwealth, the Government, the community or the individual to whom it relates. For these reasons, Defence is required to identify and classify such information through sound risk assessment, and to ensure that it is protected from compromise and misuse.
Communications security
2.32 Every time a transmission is made over a communications circuit, it must be assumed that the enemy can intercept and record the transmission for the purpose of gaining information. Every possible precaution must be taken to ensure that the transmission is protected against interception and exploitation, eg direction finding. COMSEC is the protection resulting from the application of CRYPTOSEC, TRANSEC and EMSEC measures to telecommunications and from application of personnel and physical security measures to COMSEC information. These measures are taken to deny information of value to all unauthorised persons. Such information might be derived from the possession and study of such telecommunications, or to ensure the authenticity of such telecommunications.
2.33 Defence Signals Directorate (DSD) is responsible for advising all government agencies on all aspects of INFOSEC, including COMSEC. Classified COMSEC information must not be released to, or discussed with persons other than appropriately security cleared Australian Commonwealth employees without the prior approval of DSD. COMSEC information may be released by DSD to appropriately security cleared commercial companies to support their involvement in Australian Government projects and to assist them in the design and development of equipment for government use. The responsibility for COMSEC within Defence is as follows:
• Joint. The Strategic J6’s responsibility is exercised by the Defence Cryptographic Controlling Authority and the Director-General ICT Policy and Plans, who is the ADF COMSEC Officer.
• Single Services. Service Chiefs, in liaison with the Strategic J6 and DSD, as necessary and respective unit commanders.
ADDP 6.0 Chapter 2
Edition 2 2–15
• Allied and coalition. DSD, in liaison with any relevant National authorities.
Figure 2–5: COMSEC is vital to protect all transmissions
Cryptographic security
2.34 CRYPTOSEC protection is provided to protect Defence information in transit and at rest. These cryptographic systems include:
• network and removable storage media based systems, which perform the processes of encryption and decryption automatically and simultaneously;
• offline systems are high-grade codes used to perform the processes of encryption and decryption offline prior to transmission and after reception; and
• low-grade tactical codes used to protect the transmission of short-term classified tactical information normally transmitted via non-secure radio nets or circuits.
Emanations security and TEMPEST
2.35 EMSEC is defined in the Australian Government Information Security Manual as ‘the countermeasure employed to reduce classified emanations from a facility and its systems to an acceptable level. Emanations can be in the form of radiofrequency energy, sound waves or optical signals.’
ADDP 6.0 Chapter 2
2–16 Edition 2
2.36 All electronic systems produce unwanted electromagnetic emanations, which can be related to any information being processed. These emanations can cause interference with nearby equipment or may be intercepted and used to extract the information being processed. TEMPEST is a term that refers to the investigation, study and control of compromising emanations from CIS equipment. These investigations are conducted in support of EMSEC.
2.37 Compromising emanations are possible from all electronic devices, including computer keyboards and visual display units. These undesirable emanations pose a threat to security. The majority of modern consumer grade devices have been designed to limit emanations in order to avoid interference with wireless networks and other devices. However where electronic equipment is to be used to process classified information in high risk environments expert advice should be sought at the earliest possible stage of planning, particularly during acquisition as equipment selection may be effected. This will ensure the maintenance of security standards within Defence, and economic implementation of TEMPEST reduction techniques.
2.38 Details of Defence policy and standards relating to TEMPEST and EMSEC, including for deployable CIS infrastructure, are contained in Allied Communications Security Instruction (ACSI) 61—Guidelines for the Installation of Communication and Information Processing Equipment and Systems, ACSI 71—A Guide to the Assessment of Electromagnetic Security in Military and High-Risk Environments, and ACSI 77B—Australian Emanation Security Program. The North Atlantic Treaty Organization’s publications Allied Military Standards General (AMSG)-720B—Compromising Emanation – Laboratory Test Standard, AMSG 788B—Laboratory Test Standard for Protected Facility Equipment and AMSG 784B—Test Procedures for Tactical Mobile Platforms are also source documents for multinational operations.
Emission control (EMCON)
2.39 EMCON is the effective management of all electromagnetic emissions or emanations from a friendly force. Effective EMCON reduces the risk of disclosing the presence, location and composition of friendly forces to the enemy, while still operating sufficient equipment to maintain command and control, and to provide adequate warning of a threat. If it is to effectively support strategic and operational aims, the EMCON intent of a commander must be integrated into the CIS plan and be coordinated with other friendly users of the electromagnetic spectrum.
2.40 EMCON plans aim to exploit any limitation of an enemy’s electromagnetic activities by permitting only the use of emitters that have a low probability of interception. An EMCON plan may impose a variety of radiation status indicators upon frequency bands or specific emitters, designating conditions they use. In addition to supporting a commander’s
ADDP 6.0 Chapter 2
Edition 2 2–17
aim, EMCON plans need to be sufficiently flexible to cope with changes to the operational or tactical situation.
2.41 Responsibilities. The basis for developing an EMCON plan should be determined during the CIS and EMS planning process. As an operational planning process, this is achieved through the Joint Communications Planning Group’s deliberations. Guidance that allows deployed commanders to formulate their own EMCON plan is normally included in the relevant CIS Support Plan or Communications-Electronics Operating Instructions.
2.42 Planning. Achievement of the commander’s intent for EMCON is to be planned at the highest appropriate level. The Commander needs to be fully briefed and aware of the ramifications of the EMCON plan being implemented, prior to approving the plan’s activation. The Commander retains the right to impose, amend or lift the EMCON plan to suit the situation. EMCON plans should follow the conventions as detailed in ADFP 6.0.1—Electromagnetic Spectrum Planning,3 particularly in respect to risk management.
Security risk assessment
2.43 Security measures are generally aimed at reducing the level of risk. It is impossible to operate in a risk-free environment but it is possible, although sometimes expensive, to reduce the risk level. The security measures, as determined through a vulnerability and/or threat and risk assessments, require implementation commensurate with the classification and/or sensitivity levels of the information being handled, stored, processed or transmitted, and the system assets, to ensure that confidentiality, integrity, availability and accountability concerns are adequately addressed.
2.44 CIS risk mitigation is achieved in Defence through sound physical, personnel and technical protection mechanisms, including computer network defence (CND) and COMSEC equipment. Overarching these mechanisms is the accreditation process that serves to ensure that the physical and electronic protection of information and related processes meet the required security standards.
COMPUTER NETWORK DEFENCE
2.45 CND is defensive measures to protect and defend information, computers and computer networks from disruption, denial, degradation or destruction. It involves the coordinated and dynamic defence of the Defence CIS against computer network attack (CNA) and computer network
3 The current ADFP 6.0.1—Electromagnetic Spectrum Planning and ADFP 6.0.1.1—Communication and Information Systems Planning are currently being developed into a new ADFP 6.0.1—Communication and Information Systems Planning.
ADDP 6.0 Chapter 2
2–18 Edition 2
exploitation (CNE). Information superiority requires Defence to place more dependence on its CIS, while demanding increased interconnection of its own networks, and their interconnection with allies, partners and industry. This increases the susceptibility of Defence networks to CNA and CNE.
2.46 Clearly, Defence must defend itself from CNA and CNE to ensure the preservation of Defence CIS networks and its ability to conduct operations. In addition, because of its increasing reliance on commercial off-the-shelf products, where vulnerabilities are often identified and exploited, Defence must have the ability to detect, react and recover from attacks dynamically to ensure continuity of Defence operations.
2.47 The defence of CIS will therefore be achieved by establishing a combination of:
• the relevant processes, organisation and an effective command structure that will carry out CND across (and on behalf of) Defence;
• a minimum set of gateways that will monitor and control the flow of traffic between internal and external security domains;
• a set of intrusion detection sensors and tools on the best commercial and government off-the-shelf capability at all inter-domain gateways and key points;
• monitoring and reporting systems, both electronic and procedural, to control the deployment and use of these sensors and tools;
• technical security procedures that will identify vulnerabilities and check the effectiveness of CND;
• electronic rules of engagement, which permit the CND organisation to conduct the defence of the CIS networks within the legal framework; and/or
• a set of supporting IA measures.
DETECTIVE MEASURES
2.48 Detective measures address the management of the people, components and networks. They include the following:
2.49 Compliance auditing. Standard operating procedures provide a framework of accountability and processes that guide information system security officers and operators in administering the system and correcting non-compliances. The procedures cover normal operating processes and known exception and emergency activities.
ADDP 6.0 Chapter 2
Edition 2 2–19
2.50 Intrusion detection involves the recognition of unauthorised and malicious entry into the Defence network, including monitoring for suspicious packet traffic, tracking intruders and identifying the security holes. This also involves the detection of misuse originating from inside the network, which may be either intentional/malicious or accidental.
2.51 COMSEC monitoring is the act of searching for, listening to, recording of one’s own transmissions, or when specifically agreed (eg on combined operations/exercises) those of friendly forces, for analysis and reporting to improve security, training and standard operating procedures. It involves the monitoring of friendly CIS by friendly COMSEC monitoring units to provide commanders with an insight as to what the enemy can obtain by monitoring, deduction and analysis of our own transmissions. COMSEC monitoring is an important aspect of both training and operations and allows commanders to assess the state of transmission security within their respective commands. This allows commanders to take positive steps to pinpoint and correct insecure areas, thus making the enemy’s interception, analysis and imitative deception much more difficult. ADFP 6.0.3.2—Communications Security Monitoring details the procedures for COMSEC monitoring within Defence.
2.52 Vulnerability analysis (VA) uses automated tools and techniques to scan equipment and software for known security vulnerabilities. VA activities should be conducted at frequent intervals as new vulnerabilities in commercial software and equipment are discovered on almost an hourly basis. The goal of VA is to reduce the time that a CIS is vulnerable to attack.
2.53 Network monitoring. The relevant network operations centre has the responsibility to manage the Defence response to threats to the network. Threats can include, amongst others, viruses and worms, macro viruses, logic bombs and Trojan horses. Countermeasures which can be used include commercial products which prevent and/or remove malicious code, electronic security (access constraint countermeasures), trapdoor access constraints, network security, connection and password sniffing countermeasures and physical security.
REACTIVE MEASURES
2.54 Reactive measures include computer emergency responses, including the restoration of services, the withdrawal of access privileges, procedures for investigating the loss of information or damage to the information system and for determining the effects. An effective incident response process is critical in order to quickly and concisely confirm whether or not a system is truly compromised.
ADDP 6.0 Chapter 2
2–20 Edition 2
HISTORICAL EXAMPLE—CRYPTOGRAPHY
Military organisations have always needed to protect their information and codes and ciphers have been used since earliest times. By World War I the major powers had significant cryptological organisations.
However, it was during World War II that cryptography had developed to the extent that it played a significant part in the Allies’ success. The Enigma cipher was invented in 1918. It was initially designed to secure banking communications, but the German military saw its potential and began to use it for military communications.
Enigma was a great advance on previous cryptographic machines and the Germans thought it was unbreakable. However, the Poles had broken Enigma before the War and in 1939 passed their knowledge to the British and French. Not only had the Poles cracked Enigma but they had managed to reconstruct an Enigma machine and it was this information that was to prove crucial to the British efforts.
Figure 2–6: German soldiers operating an Enigma machine
At Bletchley Park, near London, teams worked to break Enigma. They were able to exploit the fact that Enigma could not encrypt a letter as itself and errors by German operators, to successfully break the Enigma code in January 1940. Wireless stations around Britain intercepted German communications and forwarded the messages to Bletchley Park to be decoded and analysed.
ADDP 6.0 Chapter 2
Edition 2 2–21
To speed up the code breaking process, the brilliant mathematician Alan Turing developed an idea originally proposed by Polish cryptanalysts. The result was the Bombe: an electro-mechanical machine that greatly reduced the odds, and thereby the time required, to break the daily-changing Enigma keys.
Figure 2–7: Four rotor Enigma machine
ADDP 6.0 Chapter 3
Edition 2
CHAPTER 3
PLANNING, ENGINEERING AND TECHNICAL CONTROL
Executive Summary
Communication and information systems (CIS) must be carefully planned and managed if they are to effectively support operational concepts such as network centric warfare (NCW).
NCW uses technology to link sensors, decision-makers and weapons systems to work more effectively together to achieve the commander’s intent.
CIS technical control has a fundamentally important relationship to command, that is based on the principles of centralised management and decentralised execution.
CIS planning is a vital part of the appreciation process but should not be allowed to limit a commander’s plan.
Provision and engineering of CIS is often complex due to the nature of the equipments and systems involved.
The radiofrequency (RF) spectrum is essential for the conduct of flexible, mobile military operations and support activities. RF spectrum management is vital for effective use of the electromagnetic spectrum (EMS) by Defence.
INTRODUCTION
3.1 The purpose of this chapter is to identify the principles and responsibilities for CIS planning, to provide an overview of CIS design and engineering, including EMS management, and to identify the principles and responsibilities for technical control and management of CIS assets. The chapter also outlines the principles of NCW, which are underpinned by the provision of appropriate and effective CIS.
3.2 The employment and control of CIS assets needs to be carefully considered in the CIS planning processes to provide commanders at all levels with system capability and connectivity that allows the aggregation, manipulation and presentation of information to be achieved in a clear, concise format, thus enabling timely and informed decision making.
3.3 CIS personnel are required to manage Defence systems and networks for a variety of roles. Therefore, principles need to be considered, balanced and incorporated with management techniques that best meet the commanders’ requirements. It is important that CIS planners, particularly at the strategic and operational levels, have an understanding of current in-service CIS capabilities, systems and networks that are available to support
ADDP 6.0 Chapter 3
3–2 Edition 2
Defence operations and activities. This will ensure the most effective use of these capabilities in meeting the Commander’s intent.
3.4 Technical control is the provision of specialist and technical advice by designated authorities for the management and operation of forces. It is the specialised or professional guidance and direction exercised by an authority in technical matters. CIS technical control is based on the principles of centralised management and decentralised execution. Centralised management allows for the necessary degree of guidance and control required for the integration of CIS to be applied at the strategic level. Decentralised execution allows for flexibility and redundancy to be incorporated into CIS operational and tactical support plans.
3.5 Historically, evolving technologies lead to the development of new capabilities, and Defence seeks to use technology to maximise the impact of its force, and to provide enhanced capabilities that support the achievement of its overall mission. The ADF avoids the resource-intensive inefficiency of ‘attrition warfare’ and aims to use manoeuvre concepts to minimise casualties, collateral damage and achieve the desired outcome as quickly as possible. It is therefore important that the CIS capabilities keep pace with the improvements in other capabilities.
3.6 Planning for the use of national power1 involves taking a whole of government and whole of nation view of security, communications and industry support. These often conflicting aspects require an appropriate balance to achieve national objectives. Some of the factors affecting the development of an appropriate strategy are diplomatic, information, military and economic. Other less obvious factors such as environment, culture, society and religion are also important.
3.7 Commanders and planners seek to apply strength against weakness more quickly and decisively, and value surprise and deception. It requires the ability to act quickly, to reach out to the critical place at the right time, and create simultaneous problems that an adversary cannot resolve. In order to fight this way, the ADF needs to have the ability to be deployed quickly and sustained at home and at a distance. Relevant and protected information, with skills to plan and control forces, are essential for our people to fight and win.
3.8 The unpredictable enemy forces and manoeuvre actions by friendly forces and adversaries continually change the situational picture. This requires planners and commanders to constantly progress through a decision-action cycle, called the Observe, Orient, Decide and Act Loop, as shown at Figure 3–1. The process is unified by one purpose: to achieve the Commander’s intent. It is captured in the NCW Concept.
1 Australian Defence Doctrine Publication (ADDP) - Doctrine (ADDP-D)
ADDP 6.0 Chapter 3
Edition 2 3–3
Figure 3–1 Observe, Orient, Decide and Act Loop
NETWORK CENTRIC WARFARE
‘I want to emphasise that I see NCW as a people-centric activity. Conflict is a people-centric activity. Peace is a people-centric activity. Machines are but proxies, albeit useful, but hardly an end of themselves. The human dimension of conflict is enduring, and the part that ultimately matters.’
Air Marshal Angus Houston 2005
3.9 NCW seeks to provide the future force with the ability to generate tempo, precision and combat power through shared situational understanding, clear procedures, and the information connectivity needed to synchronise our actions to meet the Commander’s intent.2 The NCW concept uses technology to link sensors, decision-makers and weapons systems, helping people to work more effectively together to achieve the intent.
3.10 NCW is a key concept that enables improved collaboration and manoeuvre. Its main contribution to our military advantage is to allow the military, their supporting agencies, and multinational partners to collaborate across organisational boundaries, regardless of location. This collaborative effort enables our forces to observe the situation, orientate themselves,
2 ADDP D.3—Joint Operations for the 21st Century
ADDP 6.0 Chapter 3
3–4 Edition 2
make decisions and then act. NCW recognises the importance of well-integrated CIS networks providing timely and relevant information to the operational commander, while supporting the decentralised execution of the Commander’s Intent.
3.11 NCW helps the force to generate tempo, be agile and fight asymmetrically. NCW is therefore an approach to the conduct of warfare that derives its power from the effective linking or networking of military forces. It is characterised by the ability of geographically dispersed forces to create a high level of shared understanding of an operational situation that can be exploited via self-synchronisation and other network-centric operations to achieve the Commander’s Intent. The airborne early warning and control aircraft is an important node in the ADF’s integrated network-centric structure, enhancing the commander’s understanding of the areas under surveillance.
Figure 3–2: Airborne early warning and control contributes to NCW
3.12 In contrast with other military technologies, Defence CIS networks permeate the operational environment from the strategic level to forward combat elements. Dependence on the CIS infrastructure, and the capabilities of the people who operate and engineer systems, is a critical aspect of all operational activities. NCW will facilitate access to the right information in the right format and at the right time, allowing the ADF to place the right forces in the right place to achieve the right effect. NCW therefore has the following closely related and mutually reinforcing elements:
• Network. The network connects our major military systems, including our command and control, sensor and engagement systems. The CIS infrastructure will be the initial focus of development, but its effectiveness and the flexibility to make changes quickly will profoundly affect the
ADDP 6.0 Chapter 3
Edition 2 3–5
human element. NCW is about linking people by networks to provide their commander and support personnel with accurate and timely information to more effectively achieve their objectives.
Figure 3–3: The Network3
• Human. The human element is based on professional mastery, which requires high standards of training, doctrine, organisation and leadership. This includes collaboration to ensure a shared understanding of the situation, better decisions and more effective results. It involves trust between the force elements at all levels, and between the military and its supporting agencies.
3.13 Intelligent and innovative application of technology improves the efficiency of today’s networks by integrating the physical, network infrastructure and the data/information with the professional, cognitive abilities of the human user/commander. Future networking technologies could significantly change the way that the ADF operates. Consequently, a ‘learn by doing’ strategy allows step-by-step changes towards a higher quality and therefore more efficient Single Information Environment (SIE)
3 The systems shown are not always distinct, and some are a combination, eg an offensive fire support system, although it is mainly an engagement system, also includes sensor and C2 systems.
ADDP 6.0 Chapter 3
3–6 Edition 2
structure. These steps are described in various plans and roadmaps, which need to be reviewed periodically to incorporate new goals, lessons learnt from observation of the ‘networked’ ADF, and the concept development and experimentation program. Lessons learnt by our allies, and the suggestions made by industry should also be considered to ensure that the ADF NCW concept delivers effective combat capability that is relevant to strategic circumstances.
Establishing the integrated network4
3.14 The establishment of the network, and the integration and exchange of information across it, are fundamental to the development and implementation of NCW within the ADF. In the simplest sense, the network consists of a collection of nodes that are linked to each other to allow the interconnection of users (or systems), the sharing of resources, access to information and the integration of information (or data) and processes (or applications).
3.15 Underlying this simplistic description is the reality that the network is required to connect a vast and diverse array of joint, interagency and multinational systems, all of which will be required to operate seamlessly in all environments and security domains, over an equally diverse array of communications means and linkages. A range of enterprise-level common services, including governance and compliance mechanisms, are also needed to support information integration and exchange within and between those environments and domains, and with allies, coalition partners and other government agencies operating outside the SIE.
3.16 The network is also required to pass various forms of information and data at various transmission rates and security levels. The information is then processed through a combination of machine and human interfaces. In addition to meeting these operational requirements, the network must also meet high requirements for security, robustness, capacity, congestion management and topology.
TECHNICAL CONTROL
3.17 CIS technical control has a fundamentally important relationship with command.5 The exercise of technical control may require or force a technical imperative to influence a command decision. For example, the appointment of a Joint Force Chief Communications Officer (JFCCO) as the lead technical authority within a theatre of operations is a critical, even mandatory requirement. The JFCCO is able to advise a commander where emitters such as radar heads should be placed, but can also order that 4 NCW Roadmap 2009 paragraphs 3.31-3.33. 5 See ADF Publication (ADFP) 00.1—Command and Control in the Australian Defence Force.
ADDP 6.0 Chapter 3
Edition 2 3–7
emitter to be turned off if/when it becomes apparent that it has become a target or a threat to the security of the force elements within the joint task force (JTF).
3.18 CIS technical control is based on the principles of centralised management and decentralised execution. Centralised management allows for the necessary degree of guidance and control required for the integration of CIS to be applied at the strategic level. Decentralised execution allows for flexibility and redundancy to be incorporated into CIS operational and tactical support plans.
3.19 The structure of the CIS technical control and the relationship between the different technical control elements that form part of the overall CIS management within Defence are as follows:
• The Chief Information Officer (CIO), on behalf of the Chief of the Defence Force (CDF) and the Secretary of the Department of Defence, is responsible for the governance, coordination, development, and management of Defence’s SIE. This is exercised through the Defence Committee and subordinate committees and working groups. The Chief Technology Officer within the CIO Group is responsible for the SIE architecture and technical standards.
• The Head of Information and Communications Technology Operations Division is a two star military officer who is the Strategic J6 and the primary military advisor to the CDF on CIS matters. The Strategic J6 is responsible for the efficient operation of the SIE and provision of CIS advice. The Strategic J6’s staff provides CIS advice to and works closely with the J6 staff at Headquarters Joint Operations Command (HQJOC) to manage the information capability and the provision of CIS support to operations. The Strategic J6 also liaises with the Manager Joint Training for CIS to coordinate training and doctrine development.
• Chief of Joint Operations (CJOPS) commands HQJOC, its direct command units, assigned forces and joint task forces when raised, in order to plan, control and conduct campaigns, operations, joint exercises and other activities on behalf of the CDF. The HQJOC J6 is responsible to CJOPS for the day-to-day management of theatre CIS, technical coordination and control measures put in place to support current theatre activities and the control and prioritisation of theatre CIS assets.
3.20 The following groups bring together the various command level communications officers and system controllers responsible for technical
ADDP 6.0 Chapter 3
3–8 Edition 2
control for each particular theatre, joint force or other area of operations (AO), node or specific equipment. Technical control is not an operational authority. It is the specialised or professional guidance and direction, exercised by an authority in technical matters, on behalf of the commander in accordance with command priorities. Technical control ensures that system elements are managed as part of a total capability. The relationship between these technical control elements of Defence CIS management is as follows:
• The Strategic Communications Management Group, chaired by the Strategic J6, exercises end-to-end technical control of all ADF military communications.6
• The Operational Communications Management Group (CMG) formed at HQJOC is responsible for overall control and management of deployed CIS assets.
• For each operation a Deployed CMG is normally formed by the senior deployed headquarters and commanded by the senior CIS officer, eg the JTF J6. CMGs may be single Service, joint or combined/coalition and are responsible for the overall control and management of deployed CIS assets within their allocated AO.
• The Communications Control Group (CCG) for each formation headquarters is responsible for the control of a number of subordinate CIS elements deployed into the CCG’s designated area, as specified by their CMG.
• The Nodal Control Group (NCG) for each node of a communications network is responsible for exercising technical control over all CIS equipment in that node. An NCG is normally established where the complexity or diversity of CIS facilities warrants central CIS management within a particular location.
• An equipment controller (EC) is responsible for the engineering, maintenance and operation of allocated CIS equipment in accordance with unit and system standard operating procedures or technical control handbooks.
3.21 Figure 3–4 shows how joint headquarters and their allocated CIS units may be organised hierarchically to exercise technical control to meet a particular operational requirement. The colours merely indicate the Service from which the control elements would be allocated to a JTF, as opposed to operating along single Service lines. For details of technical control for
6 CDF Directive 9/2008.
ADDP 6.0 Chapter 3
Edition 2 3–9
tactical interfaces and formal messaging, see Australian Defence Force Communications Instruction 6.5.1—Communication and Information Systems Interface Support Requirements.
Figure 3–4: Indicative CIS technical control chain
3.22 The way in which technical control is exercised is dependent on the nature of the system or application and can be broadly categorised as follows:
• Local systems are developed or implemented to support the business requirements of individual elements of Defence, eg divisions, branches or units. While they may provide support to multiple organisations, they are
ADDP 6.0 Chapter 3
3–10 Edition 2
generally operating within well defined management structures.
• Group systems are developed or implemented for operation predominantly within individual Groups or Services, where responsibility for the management and operation of the system resides largely or wholly within the Group, eg Defence Estate Management System.
• Enterprise systems are developed or implemented on a whole-of-Defence basis, eg Defence Voice Network, Defence Restricted Network (DRN), Defence Secret Network (DSN), Personnel Management Key Solution, Military Integrated Logistics Information System and Resource Output Management and Accounting Network.
PLANNING
3.23 Joint CIS planning and control occur in the following dimensions for all levels of command and types of operation from peace to war:
• Functional is the integration of the aims and intentions of the commander into CIS plans, orders and control procedures.
• Technical is the integration of those CIS plans, orders and control procedures into supporting technical plans, directives, databases and control systems.
3.24 The coupling between the functional and technical dimensions must be closely synchronised and, like all organisational constructs, tends to merge under certain conditions and within certain organisations. This is certainly the case when the dimensions are considered within the context of the SIE, as detailed in chapter 1. The functional dimension of CIS planning and control spans both the business and operations information domains, ie policy and doctrine, processes and procedures, organisation and structures, people and training. The technical dimension is weighted towards the management of the elements of Defence’s information infrastructure, ie data, applications, services, user devices, systems hardware, networks/datalinks and bearers.
3.25 CIS planning is a vital part of any appreciation process but should not be allowed to limit a commander’s plan. However, such limitations are likely to occur if planning personnel do not look ahead early enough to anticipate requirements. Planning and operations staffs must be aware that CIS assets are finite resources often requiring skilled personnel, capable equipment, bandwidth and spectrum. Although redundancy is required for survivability and continuity of operations, too much redundancy will increase the vulnerability of the supported force. Compromises may be necessary
ADDP 6.0 Chapter 3
Edition 2 3–11
when balancing operational requirements with CIS resource availability, mobility and acquisition timeframes.
3.26 CIS planning must begin simultaneously with the start of operational planning and in conjunction with the planning activities for EMS use by non-CIS devices, logistics, electronic warfare and information operations. This will require a sound understanding of the Joint Military Appreciation Process (JMAP).
Command structure
3.27 As detailed in the ADDP 00.1—Command and Control Chapter 4, Defence command can be organised into a three-level structure that consists of strategic, operational and tactical, as shown at Figure 3–5. The CIS requirement for each of these levels will change to meet the needs of operational phases and planning processes. The ability of modern communications to reach across all three levels of command is an issue that needs to be considered in all phases of CIS planning.
ADDP 6.0 Chapter 3
3–12 Edition 2
Figure 3–5: A Defence command structure
3.28 There are other strategic, operational and tactical interfaces to allies, coalition partners, non-government organisations and other
ADDP 6.0 Chapter 3
Edition 2 3–13
government departments that need to be taken into consideration by CIS planners. The technical and procedural interoperability between all of these elements needs to be determined and prioritised if commanders and communications staffs are to deploy and manage the information requirements of commanders and support organisations to achieve the mission. A contextual overview of these interfaces is shown at Figure 3–6.
Figure 3–6: Context of Defence CIS interfaces
Operational planning
3.29 Defence employs the JMAP as detailed in ADDP 5.0—Joint Planning and ADFP 5.0.1—Joint Military Appreciation Process to staff the plans for campaigns, operations and Australian Operational Concepts (AOCs). CIS planning aspects are detailed in ADFP 6.0.1—CIS Planning.
• A campaign is a set of military operations planned and conducted to achieve a strategic objective within a given time and geographical area, which normally involve maritime, land and air forces. The duration of a campaign is generally measured in weeks, months or years.
• An operation is a designated military activity using lethal and/or nonlethal ways and means to achieve directed
ADDP 6.0 Chapter 3
3–14 Edition 2
outcomes in accordance with national legal obligations and constraints. It is a military action of more or less constant character aimed at a singular strategic, operational or tactical objective that can be executed in a limited time using one operation order and one task force. An operation may be a phase within a campaign or it may stand alone as a single event. The duration is generally measured in days and weeks.
• AOCs are focused on enhancing the operational level immediate planning process with generic operational concepts and contingency products. Each AOC contains a CIS Concept of Operations (CONOPS) within it.
3.30 The JMAP requires input from the strategic and operational levels of command. The following types of planning are encompassed by the JMAP:
• Deliberate planning is relevant at both the strategic and operational level and is based on standing Government guidance. Planning is assumption-based, predicated on hypothetical situations with possible contingencies and is relatively free of time constraints. It is mainly of peacetime and generic nature, considering the full range of options.
• Immediate planning is also relevant at both the strategic and operational level but is situation specific, based on current events and time sensitive. Although informed by the products of deliberate planning, facts replace assumptions. Planning needs to be both responsive to National Crisis Management Machinery (NCMM)7 outcomes and changing circumstances. It normally only considers a few options.
• Campaign or operations planning is conducted at the operational level as a product of both the deliberate and immediate processes. It is informed by standing Government guidance and NCMM outcomes, aimed at orchestrating tactical means in operational ways to achieve strategic ends. Determining the need for sequels, branches and prioritisation of assets are all part of the campaign/operations planning process.
7 ADDP 5.0 Chapter 1 and ADDP 00.2—Preparedness and Mobilisation, Chapter 3.
ADDP 6.0 Chapter 3
Edition 2 3–15
The Planning Cycle
3.31 The planning process used by Defence is at Figure 3–7.8
• The Strategic Planning Group deliberations produce the CDF’s Warning Order (WNGO) and Planning Order (PLANO).
• The receipt of the WNGO and PLANO at JOC initiates a scoping group to prepare the scoping for the Commander’s Planning Group (CPG).
• Once the scoping is accepted, the Joint Planning Group (JPG) conducts the Mission Analysis (MA) assisted by concurrent supporting planning groups, eg administration, logistics, EMS and CIS planning.
• When the CPG endorses the MA, the JPG develops the Course of Action (COA) and conducts the COA Analysis, both with the continued assistance of the supporting planning groups.
• Based on the analysis, a decision brief is prepared for the CPG.
• On its acceptance, the CONOPS is developed by the JPG with a CONOPS brief to the CPG.
• With CPG acceptance, it is forwarded to the Strategic Command Group for endorsement.
• This initiates the Operation Instruction (OPINST) or Operation Order (OPORD) development by CJOPS, which includes the Theatre CIS Support Plan or Joint Communications-Electronics Operating Instructions as appropriate.
• On receipt of the CDF’s Alert Order, CJOPS continues development and promulgation of OPINST or OPORD to assigned forces.
• Receipt of the CDF’s Execute Order signifies the commencement of the operation.
8 See also ADDP 5.0.
ADDP 6.0 Chapter 3
3–16 Edition 2
Figure 3–7: Defence strategic and operational level planning cycle
3.32 As indicated above, CIS planning must be progressed at all stages of the planning process. At the strategic level this is the responsibility of the Strategic J6 in CIOG and at the operational level the J6 in JOC. The Strategic J6 issues an Implementation Directive to initiate the CIS planning process to coordinate SIE development or use to provide CIS support to deployed forces.
Multinational operations9
3.33 A multinational force (MNF) formed for a multinational operation is designated as either coalition or combined. The lead national authority will appoint the Supported Strategic Commander in coordination with respective national authorities of participating nations. The Supported Strategic Commander is responsible for MNF operation at the strategic level and issues national strategic guidance to the Commander of the MNF. The Supported Strategic Commander is responsible to the Lead National
9 See ADDP 00.3—Multinational Operations.
ADDP 6.0 Chapter 3
Edition 2 3–17
Authority for planning and directing operations at the operational level of command, and more specifically for:
• preparation of CIS policy, guidance and requirements to enable the Commander of the MNF to operate within the CIS infrastructure deployed;
• coordination of CIS releasability issues; coordination of MNF activities with other national, component forces;
• liaising with Troop Contributing Countries and other organisations to initiate resolution of CIS interoperability issues; and
• providing connectivity to the MNF.
3.34 The participating multinational nations appointed strategic level military commanders are responsible for military coordination and support to the Supported Strategic Commander (and in turn, the Commander of the MNF). The Supporting Strategic Commanders are the national military points of contact for coordinating respective nations’ military forces and support. This may involve arranging non-military support from their nations. They are responsible for:
• indicating the CIS manpower, assets, and capabilities available to support the MNF;
• providing the CIS support requirements to the lead nation;
• supporting the CIS activities of the MNF with other national and component forces, and other appropriate entities; and
• preparing national CIS policy and guidance to enable subordinate forces to effectively operate within a multinational force CIS structure.
3.35 The lead nation for an operation has the will and capability, competence and influence to provide the essential elements of political consultation and military leadership to coordinate the planning, mounting and execution of a multinational military operation. It provides for unity of effort and acts as the single channel of strategic direction to the military forces within the multinational effort based on collaboration and agreements with participating nations. Responsibilities are contained within the Multinational Force Standard Operating Procedures, the CIS annex of the Multinational Interoperability Council Coalition Building Guide and related documents, which are available via the HQJOC websites on the DRN at
ADDP 6.0 Chapter 3
3–18 Edition 2
http://intranet.defence.gov.au/jocweb/ or the DSN at http://joc1.nexus.dsn.mil.au/.10
DESIGN AND ENGINEERING
3.36 CIS staffs are required to manage Defence systems and networks for a variety of roles. Therefore, principles need to be considered, balanced and incorporated with management techniques that meet the commanders’ requirements. It is important that CIS planners, particularly at the strategic and operational levels, have an understanding of current in-service CIS capabilities, systems and networks that are available to support Defence operations and activities. This will ensure the most effective use of these capabilities in meeting the Commander’s intent.
3.37 The provision of CIS in the operational and tactical environment is complex, as CIS assets have sensitive electronics that need to be transportable or mobile of rough terrain and are often required to operate in harsh environmental conditions. The need for commonly recognised procedures in establishing, maintaining and managing CIS in support of Defence operations and activities is necessary to ensure the effective provision of network and systems management and associated CIS services. Further detail is in ADFP 6.0.5—CIS Design and Engineering.
Design principles
3.38 In order for CIS to efficiently support operations, the planning and technical control staffs need to continuously consider and balance the fundamental CIS principles from chapter 1 as design drivers, before and during each deployment:
• Support to the chain of command. CIS capabilities enable and need to support the passing of information to and from commanders at all levels for both situational awareness and orders. Most CIS acquisitions require long lead times, so alternate approaches may need to be considered, such as logistics pre-positioning, commercial support or rapid acquisition. This requires communications planning staff to anticipate their commander’s requirements and maintenance staff to establish mechanisms to anticipate failures to prevent un-controlled outages.
• Integration. The CIS and services need to provide seamless connectivity where possible to allow data to be entered once but accessible to other systems as required.
10 Further information is on the Multinational Planning Augmentation Team’s website at https://community.apan.org/MPAT/default.aspx.
ADDP 6.0 Chapter 3
Edition 2 3–19
• Reliability. CIS equipment and software need to be reliable and easily maintainable to maximise their availability to the users. Reliability refers specifically to a low mean time between failures, while maintainability refers to the modular construction of hardware or the ‘reuse plug and play’ approach to software writing.
• Flexibility. An adaptable approach is required for the continuum of operations. Equipment and system designs should be expandable and/or scalable to meet the capability needed. This may involve easily configurable multiple communications modes, power output settings, power supplies, antenna systems, etc.
• Survivability. CIS equipment design and connectivity need to be robust or resistant to the harsh environments in which they may have to be operated. Considerations need to include the physical location (fixed or mobile), the extremes of climate weather conditions, and the electromagnetic environment. Resistance to jamming shock, vibration, temperature, corrosion and dust are some aspects to include in equipment specifications.
• Mobility. CIS need to be designed to support the mobility of the commander’s headquarters for static, defensive through to rapid, advance operations.
• Security. Systems should be designed and deployed to maximise all aspects of security including cyber security and data and information security in order to ensure the confidentiality, integrity, availability, authenticity and non-repudiation of systems. Transmission systems will achieve security through appropriate equipment design and emission control processes that provide low probability of intercept.
• Simplicity. Systems need to be simple designs to allow ease of use and maintenance with minimum training. Units are encouraged to use organic, minimum essential communications to improve mobility, while ensuring redundancy for survivability.
• Capacity. The storage and bandwidth capacity of CIS should be sufficient to meet requirements and to support the services over the distances required within an AO and between AOs.
ADDP 6.0 Chapter 3
3–20 Edition 2
• Quality. Provide clear and concise documentation to enable effective management, audit and correction to achieve or better any required quality of service standards.
• Economy. Although cost of resources is a factor for consideration, this needs to be balanced against the need to achieve any advantage over an adversary in order to achieve the mission. Commanders and CIS users need to be aware that, in addition to the more tangible resources of personnel and materiel, other resources of bandwidth, spectrum, call connection times and power also must not be wasted.
• Interoperability. To achieve an acceptable level of interoperability requires adherence to standards, eg current Defence software standards, processes terminology, and/or commonality of equipment to ensure data can be passed as and when required without corruption or delay.
• Anticipation of requirements. Some CIS require long lead times to ensure commercial support is provided or logistics prepositioning can occur. This requires planning staffs to anticipate requirements. Maintenance staff should also establish mechanisms to anticipate failures to prevent un-controlled/un-planned outages.
RADIOFREQUENCY SPECTRUM MANAGEMENT
3.39 The RF spectrum is essential for the conduct of flexible, mobile military operations and support activities. The need to protect the use of the RF spectrum has been widely recognised since 1903 when the role of the International Telegraph Union was expanded to include access to the spectrum. As world wide interest in the control of the spectrum expanded, it became the International Telecommunication Union (ITU) and in 1947 became a specialised agency of the United Nations. Among its tasks, the ITU regulates the global use of the RF spectrum. The regulatory process is developed at the ITU’s World Radiocommunication Conference (WRC), where rules and procedures are adopted or amended. The output of a WRC is published in the ‘Final Acts’ of the WRC, which revise the ITU Radio Regulations (RR). These regulations are the international treaty governing the use of the radiofrequency spectrum and as a signatory to the ITU Convention the Australian Government is bound by them.
3.40 Sovereign and national rights of nations. An overriding principle in the treaty establishing the ITU is that nations retain sovereign rights over their use of the RF spectrum within their own territory and may modify the RR for national purposes. They must however, comply with the
ADDP 6.0 Chapter 3
Edition 2 3–21
RR for emissions that extend beyond national boundaries. Articles of the ITU Constitution relating to military use of the spectrum are regulated within Australia through the Radiocommunications Act 1992. Military commanders need to be aware of their responsibilities with respect to these regulations.
Figure 3–8: Management of spectrum ensures deconfliction between
force elements
3.41 International military organisation. Australia is a member of the Combined Communications-Electronics Board (CCEB), which is a five-nation11, combined military communication and electronic systems forum, to coordinate any military CE matter referred by a member nation. The national frequency managers of the CCEB countries meet, usually every year, to develop and establish combined RF management policies and procedures and to seek a common approach to items raised at the WRC. CCEB also issues publications relating to spectrum matters between member nations.
3.42 National administration. Within Australia, the Australian Communications and Media Authority (ACMA) is the regulatory body that derives its authority from the Australian Communications Authority Act 1997. Within the framework of the ITU RR, ACMA allocates RF bands for use within Australia. These allocations closely follow the framework of allocations for ITU Region 3. However, there are a few differences in the Australian
11 CCEB member nations and their country codes are Australia (AUS), Canada (CAN), New Zealand (NZL), the United Sates (USA) and the United Kingdom (GBR).
ADDP 6.0 Chapter 3
3–22 Edition 2
table of allocations where national considerations have dictated divergence from the Region 3 allocations. Some bands are reserved principally for Defence purposes and Defence has been authorised to manage some of these bands without the need to consult with ACMA.
3.43 Defence administration. The Radiocommunications Act 1992 binds the Crown, and hence the ADF, to ensure that its use of the RF spectrum complies with the Act. Control of the use of the spectrum by Defence is delegated by the CDF and the Secretary to the Defence Spectrum Office (DSO), via the Strategic J6, in accordance with Defence policy. The Director DSO is responsible to the Strategic J6 for the coordination and management of all matters relating to Defence use of the RF spectrum in accordance with the Australian Defence Spectrum Strategic Plan. Further detail is in ADFP 6.0.4—Radiofrequency Spectrum Management.
Defence use of the spectrum
3.44 The aim of military EMS management is to achieve an effective measure of control over the use of the EMS and not just to assign frequencies. While recognising the fundamental principle that all nations retain sovereign rights over the control of radio emissions within their territories, it is the nature of military operations that these rights may be disrupted or temporarily altered. The extent to which this is the case will depend on the intensity and scope of operations.
3.45 EMS management is concerned with all aspects of planning, coordinating, and managing the use of the EMS. In contrast, frequency management is generally accepted to be a subset of EMS management. Frequency managers plan, coordinate and manage the frequency assignment and use of specific frequencies within the EMS bands they are allocated.
3.46 To meet the needs of ADF operations, military EMS management systems must be capable to a high degree of:
• responsiveness, in terms of both speed and appropriateness of response;
• flexibility in operating under unusual or unforeseen circumstances; and
• reliability.
3.47 RF planning is generally performed to meet the needs of radio services within a geographic area, based on the allocation tables in the RRs. In peacetime, it is normally developed from a communications plan or strategy in accordance with the National Frequency Allocation Tables. For operational deployments, the development of a Spectrum Management Plan to meet the requirements of the deployed force can be complex and
ADDP 6.0 Chapter 3
Edition 2 3–23
sufficient time must be allowed by seeking advice early. The production of a plan should commence as soon as a requirement is identified and include the composition of the force (international and national involvement), locations and size of the force elements. Operations rely on accurate spectrum related information; therefore, continuous collection, storage and analysis of the data in a pre-planning phase can assist in developing the Spectrum Management Plan.
3.48 When conducting EMS management, it is important to take into account the electromagnetic compatibility effects created by imperfections in the design of emitters that can cause co-site and, in some cases, far-site interference. These imperfections, such as spurious emissions and intermodulation effects, are the source of electromagnetic interference effects.
3.49 Knowledge of radio wave propagation theory is essential to the creation of both a successful CIS and EMS use plan. In the case of a CIS plan, propagation calculations are necessary to guide the choice of the most suitable communications techniques to be used and the placement of radio and retransmission repeater antenna sites. In the case of EMS use plans, propagation calculations are necessary to ensure the required protection is maintained when employing frequency reuse or other frequency sharing techniques. It is also used to select an appropriate operating frequency where propagation conditions vary with the frequency and length of the radio path, eg from the daily variations of the ionosphere for high frequency radio.
HISTORICAL EXAMPLE
SPECTRUM, THE KEY TO RADIOCOMMUNICATIONS
Early in its development, the value of radio for military and ship to shore use was recognised and navies in a number of countries played an important part in its development. Early wireless experiments were in the medium frequency band from about 300 kHz to 3 MHz. As technology progressed, higher frequency bands came into use. With an increasing number of users and a greater range of frequencies, the control and regulation of the radio spectrum became a critical factor in ensuring effective use of the spectrum and avoiding interference.
After Federation in Australia in 1901, radio spectrum regulation was the responsibility of the Postmaster-General’s Department (PMG). However, at the start of World War I in Australia, as in some other countries for security and strategic reasons, the control of radio and the use of the spectrum came under the military. In Australia this was the Department of the Navy and responsibility was not handed back to the PMG until 1920. However, Navy retained the responsibility for spectrum management and frequency allocation in the military forces.
ADDP 6.0 Chapter 3
3–24 Edition 2
By World War II the range of frequencies in use had increased significantly, bringing with it further challenges.
Throughout World War II there was much trouble caused by over crowding of the wave band but there was little that any of the fighting services could do to correct this because there were so many users of wireless who had to be accommodated. In Australian territory, frequencies for the AMF were allocated by the Department of Navy which for Army requirements received advice from Land Force Headquarters Committee ‘F’. All the fighting services, including American, had representatives on this committee, and the Department of Army’s delegates were members of the SOinC’s [Signals Officer-in-Chief’s] staff. The basic problem with frequencies, simply, was that the demand exceeded the number available, consequently sharing of frequencies by or within formations and services was necessary. Success under these conditions depended on geographic distances separating the users and sensible adjustment of power output. Other factors that had to be considered were wave propagation and ionospheric conditions (which were much better understood at the end than they were at the beginning) including sun spot activity predictions. Officers of the Australian Corps of Signals were active in these areas. They represented the Department of Army on the Radio Research Board, the Australian Radio Propagation Committee and the Post War Frequency Allocation Sub-Committee of the Defence Communications Committee.
By the middle of 1945, wireless communications in the AMF were in three of the standard frequency bands; high, very high (VHF), and super high frequency (SHF). The range of 2 to 20 MHz was used for nearly all wireless sets and for smaller stations at divisional level, a frequency range of 2 to 8 MHz had been standardised, but it was planned to extend this to 12 allow more channels of 50 kHz. The VHF and SHF spectrums each had only one item of equipment in use at that time; the FC2 set which operated between 35 and 40 MHz and the Wireless Set Number 10, which had only two frequencies, 4400 and 4760 MHz.
Theo Barker, Signals A History of the Royal Australian Corps of Signals 1788-1945, Canberra, Royal Australian Corps of Signals Committee, 1987.
In the post-war period responsibility for spectrum management passed to the Joint Communications Board and eventually to the current Defence Spectrum Office.
ADDP 6.0
Edition 2
GLOSSARY
The source for approved Defence terms, definitions and abbreviations used in this publication is the Australian Defence Glossary (ADG), which is available on the Defence Restricted Network at http://adg.eas.defence.mil.au/adgms/. The ADG is updated regularly and should be checked for amendments to the entries in this glossary.
TERMS AND DEFINITIONS
authentication A security measure designed to protect a communication system/network against fraudulent transmissions.
Chief Technology Officer (CTO) An appointment in the Chief Information Officer (CIO) Group who is responsible for the technical control of Defence’s Single Information Environment on behalf of the CIO.
code A system of communication in which arbitrary groups of symbols represent units of plain text of varying length. Codes may: • convert information into a form suitable for communication and/or
encryption; eg Morse code; • reduce the length of time necessary to transmit information, eg
brevity code to reduce long sentences; or • provide a degree of security for the information being transmitted,
eg cryptographic code.
communication system (CS) An assembly of equipment, procedures and personnel organised to accomplish information transfer functions between its users. It includes transmission, switching and user terminal systems, and storage or processing functions in support of information transfer, ie communication.
communication and information system (CIS) An assembly of equipment, procedures and personnel organised to accomplish data transfer and information processing functions. Communication and Information Systems is also the name of a Defence doctrine series and a group of Defence Instructions.
communications centre (COMMCEN) An agency/unit charged with the responsibility for receipt, transmission and delivery of messages. Note: It normally includes a message centre with cryptographic security, transmitting and receiving facilities.
ADDP 6.0
2 Edition 2
communications channel (ch) A route on a communications circuit to transfer data from a sender to a receiver. More than one independent channel may be carried on a circuit by frequency, time or code division multiplexing.
communications circuit (cct) An electronic path via line or radio, between two or more terminals, capable of providing a number of communications channels.
communications-electronics (CE) The specialised field concerned with electronic devices and systems used for the acquisition, processing storage, display, analysis, protection and transfer of data/information.
communications interface A boundary or point common to two or more systems or other entities across which useful information/data flow takes place. Useful information flow requires the specification of the interconnection of the system elements that enable them to interoperate.
communications link A single connection by any means that carries, passes or transmits data of any type (digital or analogue) between two network or terminal devices.
communications monitoring The act of listening to, reviewing and/or recording one’s own or by special agreement, other friendly forces’ communications for the purpose of maintaining and improving standards of communications security or efficiency, or for reference.
communications network A combination of one or more communications links or systems interconnected by network devices (nodes, switches, routers, regenerative repeaters, etc) to from a mesh/network that passes/transmits data of any type (digital or analogue) between two or more devices.
communications security (COMSEC) The security measures taken to deny unauthorised personnel information derived from telecommunications and to ensure the authenticity of such telecommunications. Note: It includes the use of cryptographic security, transmission security, emanations security, personnel and physical security measures to protect communications from unauthorised interception and exploitation.
ADDP 6.0
Edition 2 3
communications terminal A communications facility which constitutes a point of origin and/or termination of a circuit or channel.
computer security (COMPUSEC) Specialised measures developed to protect information processed or stored within computing systems.
cryptography (crypto) The art or science concerning the principles, means and methods for rendering plain information unintelligible and for restoring encrypted information to intelligible form.
data Representation of facts, concepts or instructions in a formalised manner suitable for communication, interpretation or processing by human or automated means. Note: It includes any representations such as characters or analogue quantities to which meaning is, or might be assigned. It comprises some sort of unprocessed quantities, eg numbers, text strings, readings from sensors or other instruments, whereas information comprises quantities derived from these by some process, ie through calculators, inferences, transformations, etc.
Defence Architecture Framework (DAF) A framework using the Australian Defence methodology for the production of Defence Enterprise Architecture data and products.
Defence Computing Bureau (DCB) An element of the Chief Information Officer (CIO) Group responsible for data centres and enterprise databases of Defence’s Single Information Environment on behalf of the CIO.
Defence Restricted Network (DRN) A computer network of Defence’s Single Information Environment for disseminating information classified up to and including RESTRICTED.
Defence Secret Network (DSN) A computer network of Defence’s Single Information Environment for disseminating information classified up to and including SECRET.
Defence Spectrum Office (DSO) An organisation of the Chief Information Officer (CIO) Group responsible for the management of the electromagnetic spectrum in Defence’s Single Information Environment on behalf of the CIO.
ADDP 6.0
4 Edition 2
Defence Top Secret Network (DTSN) A network of Defence’s Single Information Environment that is accredited for the Joint Intelligence Information System and related applications.
domain An information system or subsystem that is controlled by a single management authority, and all components of the information system are subject to a single, system-specific security plan.
electronic information exchange (EIE) The connection of two or more computers in order to share information, including the point-to-point connection of two computers, connection to a local area network, a wide area network or the Internet for the sharing or manipulation of electronically stored information.
electronic warfare (EW) Military action to exploit the electromagnetic spectrum (EMS) which encompasses the interception and identification of electromagnetic emissions, the employment of electromagnetic energy, including directed energy, to reduce or prevent hostile use of the EMS and actions to ensure its effective use by friendly forces.
emanation security (EMSEC) The countermeasure employed to reduce classified emanations from a facility and its systems to an acceptable level. Emanations can be in the form of radiofrequency energy, sound waves or optical signals.
emission control (EMCON) Measures to minimise the use of electronic emissions by friendly forces to reduce the risk of disclosure of the presence and composition of a force, whilst operating sufficient equipment to provide adequate warning of the threat situation.
exercise A military manoeuvre or simulated wartime operation involving planning, preparation and execution. It is carried out for the purpose of training and evaluation. It may be a combined, unified, joint or single service exercise depending on participating organisations.
frequency The number of recurrences of a periodic phenomenon in a unit of time. In specifying an electrical or electromagnetic spectrum frequency, the unit of time is the second, eg the frequency is 15 000 cycles per second or 15 kilohertz.
ADDP 6.0
Edition 2 5
frequency assignment The process of designating a radiofrequency for use at a specific station or by a specific military formation under specified conditions of operations.
information (info) Data in context, including documents and papers; electronic data; the software or systems and networks on which the information is stored, processed or communicated; intellectual information acquired by individuals; and physical items from which information regarding design, components or use could be derived.
information and communications technology (ICT) The applied science and engineering aspects related to the creation, manipulation, presentation, dissemination, etc of data for the communication of information between users.
information exchange The formal or informal transmission of information from, to or within an information environment. It can be conducted using electronic or physical means, in fixed or deployed environments and across all security domains.
information network A combination of one or more communications links or systems interconnected by one or more network devices (nodes, switches, routers, regenerative repeaters, etc) to form a mesh/network that passes/transmits information between two or more user information devices (computers, radios, telephones, hand-held data terminals, etc) or systems.
information security (INFOSEC) A procedural system implemented to ensure that official information is protected from compromise or misuse.
information system (IS) An assembly of equipment, procedures and personnel organised to accomplish information processing functions. It includes software, computers, communications infrastructure and other devices designed for the collection, disposition, dissemination, maintenance, processing, sharing, storage, transfer and use of information.
International Telecommunication Union (ITU) The United Nations (UN) agency responsible to maintain and extend international cooperation between all UN members for the improvement and rational use of telecommunication of all kinds.
ADDP 6.0
6 Edition 2
interoperability The condition achieved between communications-electronics systems or equipment when data, information or services can be exchanged directly and satisfactorily between them and/or their users. The degree of interoperability should be defined when referring to specific cases, eg Level 3 of the Levels of Information Systems Interoperability Maturity Model.
intrusion The unauthorised entry into a communication and/or information system or network, to create confusion and/or inject false information.
joint Connotes activities, operations, organisations, etc in which elements of more than one Service of the same nation participate. When all Services are not involved, the participating Services are identified, eg Joint Army-Navy.
joint communications The common use of communications facilities by two or more Services of the same nation.
joint force A force composed of significant elements of the Navy, Army and Air Force, or two or more of these Services, operating under a single joint force commander.
Levels of Information Systems Interoperability (LISI) Maturity Model A methodology for measuring and reporting the target and achieved interoperability of communication and information systems within an information environment.
link The communications facilities between two points. In maritime usage, the word is invariably associated with automatic data transfer over a tactical data link.
maintenance All actions taken to retain equipment in, or to restore it to a specified condition, including inspection, testing, servicing, classification as to serviceability, repair, rebuilding and reclamation.
national security The ability to preserve the nation’s physical integrity and territory, maintain economic relations with the rest of the world on reasonable terms, protect its nature, institutions and governance from disruption from outside, and control its borders.
ADDP 6.0
Edition 2 7
net An organisation of stations capable of direct communication on a common channel or electromagnetic spectrum frequency.
official information Any information received, developed or collected by, or on behalf of, the Australian Government, through its agencies and external service providers. Note: It includes: • documents and papers; • data; • the software or systems and networks on which the information is
stored, processed or communicated; • the knowledge acquired by individuals; and • physical items from which information regarding design,
components or use could be derived.
radiofrequency (RF) An electromagnetic spectrum (EMS) frequency, a band of frequencies, or a point on the radiofrequency part of the EMS used for radiocommunications. It is normally expressed in kilohertz (kHz) at and below 30 000 kHz and in megahertz (MHz) above this frequency.
radio relay The reception and retransmission by a radio station of signals received from another station or from the line portion of an integrated line and radio system, for the purpose of increasing the range, flexibility and security of a line-of-sight communications bearer.
Single Information Environment (SIE) A capability that consists of the data/information used by Defence for business and military operations and the means by which it is created, managed, manipulated, stored and disseminated in and across all security domains. Note: It includes all Defence assets, personnel and capabilities involved in the exchange of data such as fixed, mobile, standalone and deployable networks, user devices and their support services, including Defence services hosted on external servers. (Replaces the Defence Information Environment).
Strategic Communications Management Group (SCMG) The most senior element of the communication and information systems technical control chain headed by the Strategic J6.
ADDP 6.0
8 Edition 2
TEMPEST A codeword referring to the investigation, study and control of compromising emanations from information processing equipment.
threat A potential event or intention that could adversely affect the security of a facility, asset or function, eg loss, damage, destruction, reduced capacity, compromise, etc.
unit In the context of Defence’s Single Information Environment, a business unit of a Defence division, branch or directorate, or a military unit or sub-unit.
videoconference The transmission and reception between two or more parties of real-time audiovisual information.
ABBREVIATIONS ACMA Australian Communications and Media Authority ACSI Australian Communications-Electronic Security Instruction ADDP Australian Defence Doctrine Publication ADF Australian Defence Force ADFP Australian Defence Force Publication AMSG Allied Military Standards General (publication) AO area of operations AOC Australian Operational Concept AUS Australia(n) (country code) AUSDAF2 Australian Defence Architecture Framework 2 C2 command and control CAN Canada (country code) CCEB Combined Communications-Electronics Board CCG Communications Control Group CDF Chief of the Defence Force CDSC Commander Defence Strategic Communications CIO Chief Information Officer CIOG Chief Information Officer Group CIS communication and information system(s) CJOPS Chief of Joint Operations CMG Communications Management Group CNA computer network attack CND computer network defence CNE computer network exploitation CNR combat net radio COA Course of Action COMMCEN communications centre
ADDP 6.0
Edition 2 9
COMPUSEC computer security COMSEC communications security CONOPS Concept of Operations CPG Commander’s Planning Group CRYPTOSEC cryptographic security CSS command support system DCB Defence Computing Bureau DEA Defence Enterprise Architecture DIE Defence Information Environment (Archived. See SIE) DRN Defence Restricted Network DSD Defence Signals Directorate DSN Defence Secret Network DSO Defence Spectrum Office DWACN Defence Wide Area Communications Network EIE electronic information exchange EMCON emission control EMS electromagnetic spectrum EMSEC emanation security FIC fundamental input to capability FJOC Future Joint Operations Concept GBR United Kingdom (country code) HF high frequency HJCC Head Joint Capability Coordination HQ headquarters HQJOC Headquarters Joint Operations Command IA information assurance ICT information and communications technology IDA Integrated Defence Architecture IM information management INFOSEC information security IO information operations IS information system ITU International Telecommunication Union JCA Joint Capability Authority JCCC Joint Capability Coordination Committee JDN joint data network JFCCO Joint Force Chief Communications Officer JMAP Joint Military Appreciation Process JPG Joint Planning Group
ADDP 6.0
10 Edition 2
JTF joint task force LAN local area network LISI Levels of Information Systems Interoperability (Maturity
Model) MA Mission Analysis MIS management information system MNF multinational force NCG Nodal Control Group NCMM National Crisis Management Machinery NCW network centric warfare NZL New Zealand (country code) OGO other government organisation OPINST Operation Instruction OPORD Operation Order OPSEC operations security PLANO Planning Order RF radiofrequency RR Radio Regulation SHF super high frequency SIE Single Information Environment SOA Service Oriented Architecture TRANSEC transmission security UHF ultra high frequency USA United States (country code) VA vulnerability analysis VCDF Vice Chief of the defence Force VHF very high frequency WNGO Warning Order WRC World Radiocommunication Conference