Uncovering the colorless core of the Army's network
May 1, 2012
- PEO C3T website
- PM WIN-T website
- Soldiers at core of Network Integration Evaluation
- Army's upgraded tactical communications network passes cold weather test, moves closer to fielding
- Soldiers prep for onset of second increment of Army network
- Army Network Modernization
- Army.mil: Science and Technology News
- STAND-TO!: Army Moves from Network Integration Evaluation 12.1 to 12.2
WHITE SANDS, N.M. (May 1, 2012) -- The name may sound like some super hero power taken from the pages of a comic book, but the "colorless core" is carrying the Army's network into the future, enabling Soldiers to send information across the battlefield securely and efficiently, even when on the move.
"Think of the colorless core as cloaking device for data," said John Kantonides, lead systems engineer for Warfighter Information Network-Tactical, or WIN-T, Increments 2 and 3. "It hides the data when we transport it across satellites and across line-of-sight links. It can't be intercepted because no one can see it."
WIN-T Increment 2, the second generation of the Army's tactical communications backbone, will provide an on-the-move colorless core, enabling commanders to command and control their units without fear of the enemy intercepting sensitive information.
"Network management and policies allow critical messages like call for fire and medevac to be processed ahead of others, and it is inherently sensitive data. The colorless core is going to provide the opportunity to protect that data and secure that backbone from intercept by enemy forces," said Lt. Col. Robert Collins, product manager, or PdM, for WIN-T Increments 2 and 3, which are assigned to the Program Executive Office for Command, Control and Communications-Tactical, known as PEO C3T.
The colorless core will be among the many capabilities to be assessed during the WIN-T Increment 2 Initial Operational Test and Evaluation, or IOT&E, scheduled for May. The WIN-T Increment 2 IOT&E will utilize a division slice worth of WIN-T Increment 2 configuration items, with the main effort to be held at White Sands Missile Range, as part of the Network Integration Evaluation, or NIE, 12.2. To truly stress and test the system, WIN-T Increment 2 nodes will also be spread across 2,000 miles of the United States and involve more than 4,000 Soldiers and civilians for the test.
The three-week IOT&E is the Army's record test to fully assess the suitability, survivability and effectiveness of the WIN-T Increment 2 equipment with an operational unit. It will provide the Army with valuable feedback to make any needed doctrine, organization, material or training improvements. The analysis and test results from the IOT&E will be used to support the Full Rate Production Decision scheduled for the fourth quarter of fiscal year 2012.
A successful decision would allow for the fielding of WIN-T Increment 2 to maneuver units across the Army.
"The WIN-T Increment 2 colorless core is going to offer a more efficient way for the IP [Internet Protocol] layer to be encrypted and traverse the network," Collins said. "So protection and optimizing the use of bandwidth will be two of the key features of the colorless core."
Much like a home Internet connection, WIN-T Increment 1 provides Soldiers with high-speed, high-capacity voice, data and video communications to units at battalion level, with Soldiers having only to pull over to the side of the road to communicate. WIN-T Increment 2 supplies a self-forming, self-healing initial on-the-move communications network that reaches down to the company echelon for the first time.
"While WIN-T Increment 2 is being designed to incorporate colorless core, it will also be introduced to WIN-T Increment 1 through the WIN-T Increment 1b upgrade," Collins said. "The 1b baseline will bring the colorless core technology to existing WIN-T equipment to improve capability and to ensure interoperability between the two increments."
Work has also been conducted on other systems that previously did not have colorless core requirements, such as SIPR/NIPR Access Point, known as SNAP, satellite terminals, to provide them with this capability and to increase interoperability within the network, Kantonides said.
In the past with WIN-T systems such as the Joint Network Node, unclassified and secret information were not encrypted in the same way. The Army only encrypted secret information, leaving unclassified information unencrypted. In 2007 the Defense Information Systems Agency decided that everything in the tactical arena should be hidden in a black core, now referred to as "colorless core," so that all data traffic moving among the core's components is encrypted from end-to-end.
"The reason it is called 'colorless' is that the Army often places color codes on certain security enclaves, with secret typically being designated as red and unclassified as black," Kantonides said. "In the colorless core, since you can't see the information, you don't know what color it is. No one knows whether it is secret or unclassified, so unclassified information is just as hard to obtain as secret."
In the WIN-T Increment 2 colorless core architecture, double protection is provided by encrypting the information twice, once at the network layer and then again at the link layer. The information must also then be un-encrypted twice.
For example, information sent from one WIN-T Increment 2 configuration item to another configuration item is sent in the same way, such as a Point of Presence, or POP, that only allows access to secret users, to a Tactical Communications Node, known as a TCN, that allows for both secret and unclassified users.
First an Inline Network Encryptor, or INE, is used to encrypt the information from the POP before it sent across the Wide Area Network, known as the WAN. Then the information goes into a router that decides the best path to send it. The router could possibly send the information to a line-of-sight Highband Network Radio or to a Net-Centric Waveform radio.
Once the radio receives the information, it puts a second layer of encryption on top of it. The double-encrypted information is then sent across the air to the second radio. The second radio un-encrypts the radio portion and sends the information to the new router. The new router sends it to the new INE, which takes off initial encryption and sends the information to the proper user.
"The main advantage of the colorless core is to hide the data to keep it safe," Kantonides said. "The colorless core prevents the enemy from being able to locate, view or intercept any of this information."
The colorless core makes it easier to add new transmission mediums within the WAN architecture. For example, when two vehicles such as TCNs are very close together, instead of using satellite communications, or SATCOM, they can just add a line-of-sight link between the two routers without worrying about the security of the data passing back and forth. If the two TCNs move apart, the connection can simply be disconnected.
Previously it would have been necessary to match security levels to communicate over line-of-sight, a far more difficult endeavor. So the Army will now be able to use less SATCOM and more line-of-sight, which is much cheaper, provides better throughput and less latency.
"The WIN-T Increment 2 colorless core capability is a key component in providing secure mobile communications to our forces," said Col. Ed Swanson, project mManager for WIN-T. "The colorless core capability guarantees the security of the information while providing additional operational flexibility to the network."