Industrial Views on Achieving NATO Interoperability By NATO Industrial Advisory Group Study Group 137

Content Study approach Understanding Interoperability Interoperability policy Standardization process Interoperability acquisition Capability and technologies Business models Role industry Conclusions

Approach: Quantitative results 18 companies, 2 industry associations 4 working groups changed into 3 11 industry interviews 18 NATO interviews 27 weeks, project duration 26/3-1/10, 2009 Budget 120K, justification 91K HLA, 70 detailed recommendations

Approach: 18 Industries + 2 Industry Associations SSM TU industry associationR&S (GE) NIDV NL industry associationEPM (NO) STM (TU) Sagem (FR) Tubitak (TU) Rheinmetall (GE) SAIC (US)Thales (FR) EADS (GE)CB MSS (GE) Alenia (IT)IBM (NL) LM (US)ITTI (PL) Hydrema (DK)ESG (GE) Selex SI (UK, IT)RomArm (RO)

Approach: staffing requested per 1/10 Gen Abrial, MGen Willemsen (ACT) LGen Hermann, Mr Wilhelmsen (NCSA) MGen Hines (NC3S) Mr Dhollander (NC3A) Mr Van der Giet (NACMA) Mr Kren (BICES) VAdm Moreno (NSA) Mr Dam (IS): more industry role Mr Billard (TMD)

Approach: phased research Secondary research based on available studies and other open information. Analysis of the key issues, conclusions and recommendations, the lessons learned. Primary research based on interviews with industrial leadership, NATO officials, EU and officials of NCOIC, NC3B, NACMO BOD and the CNAD Focus on NATO and national Interoperability policy Standardization Interoperability Acquisition Capabilities and Technologies Business Models

Understanding interoperability Examined from the broadest available definition: The ability of systems, units, or forces to provide services to and accept services from other systems, units, or forces, and to use the services so exchanged to enable them to operate effectively together. And from NATOs C3 point of view: The ability of Alliance Forces, and when appropriate, forces of Partner and other nations, to train, exercise, and operate effectively together in the execution of assigned missions and tasks"

Interoperability policy: analysis National policies have in general a negative effect and impact on NATOs interoperability. NATOs interoperability strongly affected by non-NATO or non-NATO compatible standards required by national acquisition authorities, host nations and NATO acquiring non interoperable assets due to : ambiguity of NATO standards and their limited availability; lack of NATO and national guidance as to which standards should be employed to support which business functions in what scenario and in particular to facilitate interoperability collaboration; lack of common agreement as to the usage of optional components; lack of common understanding of how standards should be used (taxonomy); national policy, capital budgeting and national risk management; entrenched view that having every nation in theatre adopting a common equipment is the only way to achieve interoperability.

Interoperability policy: paradigm shift Interoperability of systems and equipment employed by NATO essentially rests upon standardization, especially in order to comply with interchangeability, commonality or compatibility criteria all along their lifecycle. But just focusing on everybody to follow the same standards, per se should not be the driver behind enhancing NATOs interoperability. Rather, the development of an interface system will emerge as driven by several factors: (a) urgency, (b) market forces, and (c) cost. Plan for a NATO funding for the provision of the integration of the national legacy assets, a NATO Legacy Integration Capability, "NLIC, just like in Telcom and Supply Chain Market allowing a limited set of different open standards

Standardization : analysis Major obstacle : lack of trust of the nations into well established and used international industry standards, but obviously need separate evaluation and certification of NATO and or national authorities and, unfortunately, they are based on different evaluation criteria. NATO should recognize more the value of these well established industry standards and agree on common criteria to evaluate them for certain levels of security. Challenge uniqueness, scrutinize requirements against industry standards.

Standardization: open standards & software Accelerate, the use of open standards and the use of open source software particular in that area where collaboration is crucial like in C2, intelligence, and logistics. Support actively the development of open standards and open software in specific open communities supported by independent SDOs. NATOs strategy should be to find the right balance between open source and traditional commercial produced software Be less dependant on Single Vendors and proprietary through the insistence on the use of open standards.

Standardization: accelerate process Drop Alliance wide consensus-based development of STANAGs that are driven by nations and industry interest, and instead authorize an overarching, agnostic standards committee that would adopt commercial industry standards as its baseline tenet. Allow industry to propose standards (NISP, NSA), to accelerate the production of standards in standardization workshops making use of modeling and simulation Represent NATOs standards in machine readable standards like XML and made them available to industry.

Interoperability acquisition: analysis Requirements capturing based on feasibility studies and built in- house prototypes, CD &E and PoCs often include proprietary infrastructure and hindering the interoperability in the succeeding procurement process. Interoperability is not a high weighted discriminating factor in the NATO acquisition strategy. Best Value Contracts in which the interoperability selection criterion is a dominant factor would stimulate industry for offering better interoperable solutions. The implementation of NATO or NATO compatible standards by NATO acquisition authorities also appear to be hindered by to a lack of governance and effective and timely information and knowledge sharing about standards in between NATO bodies, nations, industries and war fighters. It is not seen mandatory for the NSIP Host Nation in many cases to actually apply existing STANAGs RFPs require, despite the open standards policy, often proprietary software government by license agreements of these agencies with different vendors.

In order to be cost-efficient and have open, shareable information (not constrained by distinct vendors), NATO promotes the use of open source and open standards software. EU: NATO makes ODF one of its mandatory standards The ISO-approved Open Document Format (ODF) is now one of the mandatory standards in NATO. The military alliance included the Open Standard for electronic documents recently in its so-called NATO Interoperability Standards and Profiles. NISP lists all standards that are in use by NATO, ranging from mandatory to recommended. Both NASA and NATO are using open standards-based software in high-profile projects (IBM Rational Rose Real-Time in NASA's James Webb Space Telescope project, and TENET Technology's use of GML for its recently announced GIS contract with NATO). NATO awards GIS Data Preparation contract to TENET with support from Galdos and IIC …The project involves the generation of a wide range of geospatial data models compliant with some of the latest spatial open information standards from OGC and ISO and the conversion of many terabytes of vector, raster and gridded data. A large proportion of NATOs paper holdings of maps and charts will also be digitized and converted to the same set of open standards. The objective is to create an open and shareable map database as part of NATO core GIS infrastructure within the Alliance…

However, due to already installed proprietary infrastructure and software and due to license agreements made with different vendors, the reality is different, resulting in limited flexibility in NATOs choice of products RFQ-CO JWC-JFTC: Microsoft SharePoint, Microsoft Groove, Microsoft InfoPath The PMIC contractor will maintain the programme library, using NC3A intranet resources such as FileNet, MS SharePoint, and a MediaWiki server Microsoft Project (Used in all projects): The NC3A has implemented Microsoft Enterprise Project Manager 2003 for planning, allocation, and tracking of its internal project resources, including its fees for managing projects (Project Service Costs and Internal engineering Services). All work by NC3A staff must be planned and recorded using this system. ICB 2008/30: License agreements: Windows Desktop Operating System Upgrade incl. MS Internet Explorer, Outlook Express and MS NetMeeting b) MS Office Professional incl. MS Word, MS Excel, MS PowerPoint, MS Access, MS Outlook with Business Contact Manager, MS Publisher c) Core Client Access Licenses for Exchange Server, Share Point Portal Server, Systems Management Server, and Windows Server The client operating system will remain Windows XP SP2 or SP3. The server operating system will be Windows 2003 or Windows 2008 … RFQ-CO INFRACORE: License agreements: NATO Desktop: a. Microsoft Windows XP Professional, b. Microsoft Vista Enterprise (32bit), c. Microsoft Office 2003 Professional, d. Microsoft Office 2007 Professional e. Classify for Outlook, f. WinZip, g. McAfee Active Virus Defense Total Protection, h. Adobe Acrobat Reader 6.0, NATO servers: a. All Microsoft Software b. Trend Micro Scan Mail for Exchange IFB CO NATO has a default set of software for Bi SC AIS workstations. The Contractor shall equip every workstation with this software image. The Contractor shall ensure that his system design and the infrastructure is works well with this software set. Some of the software that is included: Office 2003, Adobe Acrobat, Classify for outlook and WinZip. MS Exchange for mail exchange

The installed proprietary infrastructure and software and the different license agreements made by NATO, constrain NATO to force bidders in adapting to their proprietary infrastructure and software, resulting in limited flexibility in NATOs choice of products IFB-CO PMIC: each Command utilizes a client - server architecture using predominantly the Microsoft Windows XP/2003 operating systems and the Microsoft Office automation suite. Some of the FS and CAX applications however use UNIX operating systems such as Solaris, HP-UX and Red Hat Linux. For routine electronic communication, Microsoft Exchange/Outlook provides the primary means of information exchange throughout NATO. IFB-CO AirC2IS shall comply with Microsoft Windows Vista operating system. AirC2IS shall comply with the standards and language specifications Microsoft.NET software development suite and C# Programming Language AirC2IS components shall be compatible with the.NET Framework version 3.5. AirC2IS shall provide an interface … that is compliant with the Microsoft Active Directory. The AirC2IS web capability … Internet Explorer 6 or later. IFB-CO INTEL-FS Microsoft Windows 2008 Server or newer listed on the Microsoft web HCL (Hardware Compatibility List) INTEL-FS components shall be compatible with the.NET Framework version 3.5. ICB 2008/41 MICROSOFT OFFICE UPGRADE: This Contract covers the procurement of services to upgrade the basic Microsoft Office Suite to version 2007

Interoperability acquisition: review Introduce incentives for interoperability to be a Top Level Criterion within Best Value selection. Discriminators could be the use of open standards, interoperable options and levels of testing. Refrain from using enterprise agreements with suppliers of proprietary infrastructure, accept also open standards with equal ability Procurements, prototyping, CD&E should explicitly take into account the interoperability requirements and include a feasibility study on the use of civil open standards. Involve industry earlier in the requirement definition phase to allow a more pragmatic approach on utilization of industrial ideas, technology and standards Develop military open source software that is managed by NATO on behalf of its Nations based on an open source repository consisting of components developed by NATO i.e. individual nations for reuse. Actively integrate open source software in NATOs business but insist on the use of open standards which applies equally to open software and private source commercial software.

Capabilities and technologies: NATOs focus Software Define Radio: standardization and certification by NATO Web services: NATO keep active channel with WS-I Enterprise Service Bus: establish ESB federation CoE Semantic Web and linked Data Web: standardize human and machine representation Cloud computing: create cloud computing strategy and roadmap Universal Armaments Interface: leverage on MOD UK and DOD US work Generic Vehicle Architecture: leverage on MOD UK Def standards Emerging Technologies: capture NRF lessons learned

Business models: review NIAG NATO Collaborative Procurement NATO Integrated Test Bed NATO Coalition of Willing Vanguard Program NITEworks. US CRADAs Spiral Development NCOIC Independent Trusted Information Sharing Environment Capability Integration ACT FFCI

Business models: crucial choices Guidance by NATO to direct the use of specific model in the development of services and capabilities with an eye toward which models suggest the most potential for enhanced interoperability. There is no assumption here that any one Model could, if replicated throughout the Alliance, suffice. There is no one size fits all solution to this challenge. Rather, the assumption of the study is that a variety of approaches will be required, each contributing incrementally, but hopefully substantially, to achieving the agreed goal of the greatest practicable interoperability. Following on from this there is then also the issue of how NATO should engage with industry to arrive at a mutually agreed decision on which business model will be appropriate and how to implement and monitor progress in any project.

Industry role: dependant on business decision Routinely advise NATO on the best technical solutions encouraging either standardization or a modular approach Contribute to the Request For Bidders View phase explicit attention to the interoperability Build solutions based on open architectures and standards Include military requirements into their open standardization development work with the Standardization Development Organizations. Participate in work of NIAG and or NCOIC emphasis on interoperability. Directly participate in the standardisation work of NSIP offering proposals for open standards.

Industry role: NIAG, NCOIC NIAG :establish an own standardization support group and closer interoperability and standards working- group interaction with NATO on a regular basis. NIAG: act as a partner of NATO to organize pre- competitive industry support in the requirement definition phase safeguarding IPR of the contributing industries. NIAG should be prepared to advise NATO on the different analyzed business model. NIAG: support NATO with implementation plan NCOIC, NCOIC: focusing on Software Design Radio technology, Web services technology, Enterprise Service Bus technology, Public Key Infrastructure technology, Semantic Web technology and Cloud Computing technology should drive the respective standardization and interoperability.

Conclusion: (1) Review interoperability policy -focus on the interoperability requirements -funding of a set of interface systems Review standardization policy/process -building trust in open and commercial standards -leveraging the so-called open group concept. -Review standardization process

Conclusion (2) Taking remedial actions in acquisition process by: -introducing interoperability to be a Top Level Criterion within Best Value selection -refrain from using enterprise agreements with suppliers of proprietary infrastructure Focusing on specific capabilities & technologies such as: -Software Defined Radio to create an operational capability of accreditation, standardization and certification - NATOs Universal Armaments Interface to leverage on MOD UK and DOD US work. -NRF lessons learned and scenario database by exploiting the existing wealth of already identified data and adding emerging technologies

Conclusion (3) Giving guidance to direct use business models -out of 11 business models -most potential for enhanced interoperability Tasking industry to assistant on: -requirements setting -standards identification development

NIAG statement in MC To enhance collaboration, interoperability and security in coalition operations NATO should build more trust in open and commercial standards and use well proven and highly respected, evaluated and accredited civil standards and technologies. They are implemented in banking and other commercial markets, but obviously need separate evaluation and certification of NATO and or national authorities and, unfortunately, they are based on different evaluation criteria. It would be recommendable that NATO recognizes more the value of these well established industry technologies and standards and agree on common criteria to evaluate them for certain levels of security, especially where the required capabilities are pretty much the same as for other organizations like logistics, intelligence and cyber defense. Priority should be given to Software Design Radio technology, Web services technology, Enterprise Service Bus technology, Public Key Infrastructure technology, Semantic Web technology and Cloud Computing technology. Each of these technologies are in principle characterized by an open architecture and adherence to open industry standards. These open standards are produced not by industry groupings generating proprietary protocols that are restricted in their application, but by well respected open and transparent standards bodies that are dedicated to ensuring the interoperability and security with and within all organizations who want to collaborate. The real promise of these civil technologies lies in its ability to implement the NATO Network Enabled Capability and to significantly improve the dynamic interoperability of IT systems.

Industrial Views on Achieving NATO Interoperability By NATO Industrial Advisory Group Study Group 137