The U.S. Army is employing blockchain-related capabilities to provide information trust on the future battlefield. The advanced solution, being developed to be part of the Program Executive Office Command Control Communications-Tactical, or PEO C3T, Capability Sets 25 and 27, also relies on machine learning and zero trust applications. Computer engineers at the service’s tactical communications research and development arm, the Combat Capabilities Development Command C5ISR Center, at Aberdeen, Maryland, tested the solution in May during the Network Modernization Experiment 21 (NetModX 21), held at Joint Base McGuire-Dix-Lakehurst, New Jersey.
The scientists want a solution that enables verified data to travel through Army networks in a contested environment. The software confirms that information has not been maligned by adversaries, giving a so-called provenance to the data. The solution has three components: a user authentication service; the data provenance piece, the core component; and a machine learning data integrity service used to detect anomalies, explained Humza Shahid, a computer engineer at the C5ISR center.
On July 16, Shahid, along with two other computer engineers, Sanae Benchaaboun and Joseph Chen, provided a review to reporters of the center’s recent testing efforts during the NetModX 21.
“Our primary focus on this effort is to allow the warfighters to trust their information better,” Shahid stated. “And by that, I mean really giving them a mathematically verifiable way of vetting their data. From sensor to shooter, from the producer to consumer, being able to trace the lineage, that data provenance.”
The blockchain-related capability verifies the flow of key battlefield messages, such as GPS location, call for fires, call for medic, evacuation orders and other critical information that leaders use to make battlefield movements and decisions. The two-prong solution provides both an additional trust in the data and mitigates certain types of insider attacks, Shahid explained.
“The idea is to give commanding officers the ability to make critical decisions with the added trust in their information,” he said. “It essentially is minimizing or eliminating the risk of man-in-the-middle attacks [in which adversaries] change the data before it gets to the consumer.”
Building off the initial successful testing of broader industry capabilities at last year’s NetModX 20, the C5ISR engineers used this year’s NetModX 21 to examine a single, vendor-customized, preliminary software solution under a rigorous threat-based environment, Shahid noted. They employed a cyber red team “to really tear in our systems and show us any vulnerabilities that we can work to address,” he shared. “It helped us not only focus on the capability but also on good cyber security posture to ensure we’re not creating more holes.”
The authentication service, which provides the solution with authentication enhancements, is relying on the beginnings of a zero-trust architecture, the engineer stated. “We have different techniques that we were testing in order to validate that a user is who we expect them to be without just looking at their login,” he clarified. “It could be a variety of things, the way they use their computer or the way that you do different applications.”
For the core component of date provenance, the engineers evaluated that the blockchain-related solution could operate successfully in a tactical environment over radio waveforms and limited connectivity. The challenge there, Shahid said, is for the capability to work when users are minimizing their bandwidth usage, minimizing their compute usage and/or operating during times of disconnect.
“One of the challenges we’ve identified is really this connectivity piece,” he said. “Not having 100 percent of connection like when you’re at an enterprise level is obviously a very big challenge when you’re supposed to be pushing stuff up into a blockchain. So, we’re looking at a testing a couple of different options for how we can maintain some of this data and be able to combine it all together without losing that provenance.”
Meanwhile, the third part of the solution, the data integrity service, employs machine learning to detect anomalies, similar to a capability that Benchaaboun is developing. “The idea with that is we are informing the user of the goodness, that the level of trust taking place in their data,” Shahid said. “And providing [options] that our customers can use to take action if they would prefer that automated action.”
Because this year’s evaluation at NetModX 21 was mostly a “white-coat” event involving C5ISR’s scientists, the engineers will next involve soldiers in the coming months to further develop the capability from their input.
“What I have seen evolve over the years is how the battlefield of the future is morphing,” said Chen. “The expectation is for military networks to operate in a heavily contested environment whether it’s denied, or interrupted in limited conditions, the adversary continues to attempt to infiltrate and attack our friendly networks and IT systems,” he said. “Our tactical cyber network defenders will need assistance to proactively defend the network at machine speed.”
As such, the C5ISR Center will continue to conduct research “into a more balanced, more effective human-machine team,” evolving commercial tools for that future battlefield. “The nature of the tactical environment with limited resources, in both manpower and machine power, make a lot of the commercial-end tools unviable,” Chen noted. “It is the center’s focus to help bridge the gaps by promoting these R&D efforts.