NATIONAL SECURITY • ENERGY & ENVIRONMENT • HEALTH • CYBERSECURITY
© SAIC. All rights reserved.
Defense and Maritime Solutions
Advancing the Operational Readiness of the V-22 Osprey Fleet via Cloud-Based Analytics (A Work In Progress)
John N. Wood, Ph.D., Systems Engineering Manager
March 2013
SAIC.com
Agenda
• Our Role
• How Did We Get Here?
• V-22’s Information Capital Initiative
• Our Approach
• Cloud Computing Interlude
• Overview Of Supporting Architecture
Our Role
How Did We Get Here? Like Amazon®, It All Started With Delivering a Book…
Fixes IETM problems ID’d by Blue Ribbon Panel
Integrates IETM and ground station for directed troubleshooting and reduced ambiguity
Adds maintenance data, BRB results, NAVFLIR records, TARs, and other sources for increased context, enabling drastically improved speed and accuracy of analytics
IETM = Interactive Electronic Technical Manual
BRB = Built-In-Test Review Board
NAVFLIR = Naval Aviation Flight Records
TARs = Technical Assistance Request
Amazon is a registered trademark of Amazon Technologies, Inc. in the U.S. and/or other countries.
Today…
Adapted from: http://en.wikipedia.org/wiki/File:Systems_Engineering_Process_II.svg
Tomorrow…
Adapted from: http://en.wikipedia.org/wiki/File:Systems_Engineering_Process_II.svg
Information Capital
• Information Capital bridges the gap between logistics, engineering, and other stakeholders by providing total visibility on all aspects of the V-22 fleet
  – Permits holistic approaches to readiness and cost savings
  – Provides feedback from active fleet to engineers to address root cause
  – Automates mundane tasks, providing analysts more time to analyze
  – Identifies early indications of new or changing trends
  – Promotes collaboration and reuse within the community
Information Capital Roadmap
Collect Connect Warehouse Analyze Act
ENABLING INFRASTRUCTURE
• Data Collection
• Reactive Maintenance
• Time-Based Inspection/Overhaul
DATA CONSOLIDATION
• Knowledge Development
• Fault Diagnosis
• Remaining Useful Life Calculation
• Inspection Targeting
INFORMATION CAPITAL
• Decision Support Toolsets
• Prognostics and Optimization
• Proactive Maintenance
• On-Condition Inspection/Overhaul
Our (Informed) Approach
• Understand the tenets of knowledge management (KM) (Michael Stankosky, D.Sc., founder of KM)
  – Leadership
  – Organization
  – Technology
  – Learning
• Build a KM framework (Bernard Lewis, Ph.D., architect of JFCOM’s KM system)
  – Text and data mining
  – Integration
  – Collaboration
  – Expertise location
• Field capabilities deliberately (Bernard Lewis, Ph.D., architect of JFCOM’s KM system)
  – Apply Fichman’s results-driven incrementalism
  – Integrate with Kotter’s organizational change methodology
• With an approach enabled by
  – SoSE fundamentals (Jo Ann Lane, Ph.D., co-author of DoD’s SoSE Guidebook)
  – Agile management style (David F. Rico, Ph.D., professor of innovation management)
  – Cloud technologies (John Sahlin, Ph.D., U.S. Navy CANES architect)
SoSE = System of Systems Engineering
CANES = Consolidated Afloat Networks Enterprise
Cloud? Is that safe?
According to Gus Hunt, CTO of the CIA:
Cloud computing may be more secure than the traditional client-server approach.
CIA technology chief says cloud is more secure than traditional approaches (ComputerWeekly.com, October 2011)
Elaborated by INSA Report:
Information security can be enhanced through a cloud computing approach, but only when it is built into the model’s design.
Cloud Computing: Risks, Benefits, and Mission Enhancement for the Intelligence Community (Intelligence and National Security Alliance, March 2012)
INSA = Intelligence and National Security Alliance
Introduction to Cloud Computing
• Security
• Definition
• Why Move to the Cloud?
• Money for the Mission
• Cloud Service Models
• New Capabilities
• Conclusions Regarding Cloud Computing
Definition
Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.
Special Publication 800-145: The NIST Definition of Cloud Computing (National Institute of Standards and Technology, September 2011)
Why Move to the Cloud?
For us
• Necessity! Current, accessible data centers could not support the technologies and data volume required for Information Capital success
In general (per the U.S. Chief Information Officer)
• Economical: Cloud computing is a pay-as-you-go approach to IT, in which a low initial investment is required to begin, and additional investment is needed only as system use increases.
• Flexible: IT departments that anticipate fluctuations in user demand no longer need to scramble for additional hardware and software. With cloud computing, they can add or subtract capacity quickly and easily.
• Fast: Cloud computing eliminates long procurement and certification processes, while providing a near-limitless selection of services.
25 Point Implementation Plan To Reform Federal Information Technology Management (U.S. Chief Information Officer, December 2010)
Money for the Mission
• Eight out of every 10 dollars spent on IT is “dead money” focused on common infrastructure versus mission-specific applications
• Use of third-party cloud providers is an extension of current IT subcontracting practices that has the potential to further reduce “dead money”
Gartner Says Eight of Ten Dollars Enterprises Spend on IT is "Dead Money" (Gartner.com, October 2006)
[Chart: Infrastructure vs. Mission, 0% to 100%, for Traditional and Possible]
Cloud Service Models
Adapted from: http://en.wikipedia.org/wiki/Cloud_computing
IaaS: Infrastructure as a Service
PaaS: Platform as a Service
SaaS: Software as a Service
Cloud Clients
But That’s Not All…
Government agencies that have just moved to the cloud may find that their architectures are not truly optimized to take advantage of cloud technologies.
This flows from incorrectly equating data center consolidation and virtualization to cloud computing.
How to Manage the ‘Cloud’ for Greater Cost Savings (National Defense, November 2012)
New Capabilities (Subset)
• Snapshots of machines and storage drives
  – Executable image file stored as data that describes the machine and/or storage drive “instance”
  – Examples: Trusted image (“last known good”), historical image (executable scientific research)
• Horizontal scaling
  – Launch (or retire) multiple instances to address customer fluctuations
• Activity-based rule sets
  – Monitor usage and/or performance and automate horizontal scaling
• Multiple availability zones
  – Instances can be executed in new availability zones to address expected or unexpected disruptions
• Latency-based DNS
  – Automatically direct traffic to certain availability zones based on actual performance
DNS = Domain Name Service
Use Case: Chaos Monkey
• Created by Netflix, now an open source tool available to Amazon Web Services® users
• Randomly and purposely disables production instances
Netflix Open Sources Chaos Monkey (TechCrunch.com, July 2012)
Continually tests resilience of architecture
Refreshes images to “last known good”
Ensures baseline is maintained
Reduces impact of malicious attack
Automates update process
Amazon Web Services is a registered trademark of Amazon Technologies, Inc. in the U.S. and/or other countries.
Conclusions Regarding Cloud Computing
• Cloud computing is a viable option for the commercial world as well as the DoD
  – USAF MFOQA program of record received DIACAP certification (MAC III, Sensitive) on AWS® Commercial Services
• Shifts infrastructure burden to IT/cloud professionals, enabling resources to focus on mission
  – Reduces “dead money”
• Allows for greater capabilities (including greater security), if properly engineered
  – Trusted images, horizontal scaling, multiple availability zones, etc.
• Aligns with U.S. CIO’s “Cloud First” policy
  – Zero capital investment, scalable infrastructure, and immediate access to powerful compute resources
AWS is a registered trademark of Amazon Technologies, Inc. in the U.S. and/or other countries.
Readiness Information Center (RIC) High-Level Architecture
[Architecture diagram. Labels: Authoritative Data Sources (Subset); DECKPLATE; Flight Data; Data Staging; Transformed Data; Knowledge Base; Repository; Data Mart (multiple); Portal Single Sign-On; Modular Tools and Widgets (Subset): Time Series Analysis, Security/Admin Tool, Ad Hoc Query, Data Mining, Report/Graph Gen, Etc.]
“Agile” Approach
[Architecture diagram repeated from the Readiness Information Center (RIC) High-Level Architecture slide, with Increment 1 and Increment 2 marked. Labels: Authoritative Data Sources (Subset); DECKPLATE; Flight Data; Data Staging; Transformed Data; Knowledge Base; Repository; Data Mart (multiple); Portal Single Sign-On; Modular Tools and Widgets (Subset): Time Series Analysis, Security/Admin Tool, Ad Hoc Query, Data Mining, Report/Graph Gen, Etc.]
RIC Increment 1 (October 2012)
• Goal: Maturation of support processes
  – Consistent data ingest
  – Execution of ETL processes
  – Maintaining software updates
• Architecture: Single tool supported by single data mart updated weekly
• Identified
  – Support functions (documented on wiki)
  – Software bugs and improvements
  – Desktop patches/updates required
• Surprised by
  – Technical limitation of local data center
  – Financial burden of “large” data storage
  – Effort required to condition data
RIC = Readiness Information Center
ETL = Extract, Transform, Load
RIC Increment 2 (December 2012)
• Goal: Test the feasibility of leveraging cloud computing concepts
  – Built using Amazon Web Services® GovCloud
  – Separate region designed for sensitive, defense-related data
  – Physically and logically accessible by U.S. persons only
  – Supports existing security controls and certifications such as FISMA and FIPS 140-2-compliant end points
• Architecture: Array of analysis tools and widgets integrated via OWF and supported by multiple data marts updated weekly
• “Environment agnostic” design philosophy
  – Pro: Allows easy transition to military data center
  – Con: Limits use of enabling technologies provided by cloud vendors
• Evaluation in progress; however, outlook is promising!
RIC = Readiness Information Center
FISMA = Federal Information Security Management Act
FIPS = Federal Information Processing Standard
OWF = OZONE Widget Framework
RIC AWS® Data Flow
[Data flow diagram. Labels: V-22 Flight Data Raw Data File (RDF); Maint & Supply Extracts; Data Extracts; Extract, Transform, Load (ETL) Processors; Data Staging: Cleansing and Enriching; 96 GB persistent EBS; Availability Zone; m1.large 850 GB persistent EBS; m2.xlarge; Accumulo; OWF; m1.small; m2.xlarge; Portal; TCWI; m1.small; S3 Buckets Encrypted: Store of baselined AMI snapshots, Store of EBS Data Marts: Accumulo and cube data]
• 10 Instances
• 5.2TB persistent storage
• 6x M1 Large Instance: 7.5 GiB of memory, four Amazon EC2® Compute Units, 850 GB of local instance storage
• 2x M2 (High-Memory) Extra Large Instance: 17.1 GiB memory, 6.5 ECU, 420 GB of local instance storage
• 2x M1 Small Instance: 1.7 GiB of memory, one EC2 Compute Unit, 160 GB of local instance storage
RIC = Readiness Information Center
EBS = Elastic Block Store
OWF = OZONE Widget Framework
TCWI = T-Cube Web Interface
EC2 = Elastic Compute Cloud
AWS and Amazon EC2 are registered trademarks of Amazon Technologies, Inc. in the U.S. and/or other countries
The Future?
[Concept diagram. Labels: Virtual Private Cloud; Engineering; Supply; Flight; Maintenance; Storage; Analytics; Data Mart (multiple); Data Service (multiple); Text Mining; Data Mining; Information Capital Portal; app; widget; Fault Viewer; Standard Reports; Visual Analytics; Test and Integration Environment; Prototype widget; Test widget; Continual Improvement; Continuous Learning; Delivery; Users; Maintainers; Support Staff]
Thank You
John N. Wood, Ph.D., Systems Engineering Manager
4015 Hancock Street | San Diego, CA 92110
Tel: 619.254.7435 | Email: [email protected]
Visit us at saic.com