AFRL Tests Google Workspace Suite of Apps to Collaborate with External Partners

Nov. 9, 2021 | By Amanda Miller

The Air Force Research Laboratory is using Google Workspace to collaborate with its “worldwide network of research partners” in a pilot program that has already “dramatically enhanced engagement,” while reportedly saving researchers an average of three hours a week, according to AFRL.

Google Workspace links together Google Cloud’s apps—Docs, Sheets, Chat, Meet, and the like. The company said when launching Google Workspace in October 2020 that it knewmany workplaces were “implementing a mix of remote and in-person work environments” and the apps had “become more integrated, so much so that the lines between our apps have started to disappear.”

“Our mantra is ‘collaborate to innovate,’” AFRL Commander Maj. Gen. Heather L. Pringle said in the release. “We want our alpha nerds to be very connected, and we really want to up their proficiency as a digital workforce.”

AFRL said the pilot is taking place “among a segment of its workforce of scientists and engineers.” The lab pointed out that it is a “global research enterprise” doing research ranging from “laser-guided optics enabling telescopes to see deeper into the universe than ever before, to fundamental science that has spawned innovation in quantum computing and artificial intelligence.”

It said collaborating with outside scientists, businesses, and other government agencies is essential to its strategy.

“AFRL teams are using integrated Google Workspace and cloud-based tools like Google Smart Canvas to simultaneously share, discuss, and chat about critical information—eliminating the toil of email chains and hours-long data file exchanges,” according to the release.

Several aspects of the pilot were unclear in a news release published Nov. 5 by AFRL, such as how much scientific work had taken place over Google Workspace since the pilot. AFRL did not provide comments on possible implications in connection with the Department of the Air Force’s Cloud One Program; whether any classified work is being done over Google Workspace; the extent of the initial deployment, such as total numbers of internal and external users; whether the lab was aware of other military organizations that had used the platform; or other options it may have tried or considered.

In addressing security, the lab cited safeguards including Google Workspace’s client-side encryption, which the company says has “made it easier to keep your files safe from prying eyes by using encryption keys that only you and the file collaborator would have access to.” AFRL said the security measures are “invisible to end users” and implied that the measures abide by Defense Information Systems Agency standards.

COVID-19 “significantly limited the physical presence of researchers,” said research physicist Joshua Kennedy in AFRL’s Materials and Manufacturing Directorate in the news release. “Google Workspace eliminated what would have otherwise been almost a total work stoppage. In fact, new insights into 2D nanomaterials, critical to future Department of the Air Force capabilities, were discovered using Workspace that would have otherwise been impossible.” The release did not elaborate on the discovery.

The release did mention that 240 researchers involved in the “preliminary deployment” of Google Workspace “revealed an average time savings of three hours per week” in a survey. “For AFRL’s highly trained workforce of PhDs, this means more time to dedicate to the mission,” it said.

Dynetics Predicts Gremlins Will Soon Be Ready for Potential Users

Nov. 8, 2021 | By Amanda Miller

The Gremlins drone swarming technology program needs to prove a C-130 can reel in four flying drones in 30 minutes before moving on to testing potential uses for the system.

Engineering, avionics, and program leaders for prime contractor Dynetics briefed reporters on the progress of the Gremlins program Nov. 8. Dynetics program manager for Gremlins, Tim Keeter, called the most recent test “a major milestone not just for the program but for unmanned aviation in general.”

For the past year, Dynetics and the Defense Advanced Research Projects Agency have tested aspects of the flight of the Gremlins vehicles, or GAVs, and the mechanical arm and tether that capture the drones and stow them onboard the C-130. Earlier tests verified safety systems and attempted docking, after which engineers addressed how to better mitigate aerodynamic interference. In a captive carry test, an X-61 was reeled out from the C-130 and back in.

Dynetics’ chief engineer for Gremlins Brandon Hiller said “making that mechanical connection, shutting down the Gremlins Air Vehicle, and reeling it in to the C-130” in the final test demonstrated “a very good process” that “matched our simulation predictions extremely well and demonstrated that it is, in fact, safe to conduct that sort of airborne recovery operation.” However, Hiller added, “We do still have some work remaining to improve the robustness of the system to get to the DARPA objective for recovery in the space of 30 minutes, so we’re not there yet, but … we know what needs to change in the system, both from a hardware and a software perspective, to get us to that point.”

The Gremlins avionics lead at Dynetics, Morgaine Kim, said the drones are designed to fly in assigned spots behind the C-130 until someone pushes a button, indicating the X-61s are ready to be picked up. At that point, each of the GAVs will get in line to be recovered.

Keeter indicated it’s possible that all three remaining GAVs will take part in the next test, in which case they would have to launch from two different C-130s.

He estimated that if the program proves it can haul in four GAVs within the 30-minute window by early 2022 and “that it is feasible, reliable, [and] repeatable for multiple vehicles and at an operationally relevant rate,” he said, “then you could expect a very short delay to get the next phase underway.” With just three Gremlins vehicles left in the inventory, however, success will be measured according to the rate of recovery of those that do take part.

Keeter said that in the next phase, Dynetics and DARPA hope to demonstrate the ability to put everything together “with payloads [and] single operators controlling multiple vehicles in a live constructed environment, performing different aspects of missions for the stakeholders to be able to say and showcase what this capability can really do and how it can help transform the military.”

In terms of how a system such as Gremlins might be used in the field, Keeter mentioned situations ranging from a small number of vehicles going into a denied area with “some sensors … to allow some standoff capability” to one in which “you need many more of these to really provide the decision to limit and then overwhelm an adversary with numbers.”

“A lot of that is going to be directed by the initial stakeholders and who that ends up being in terms of what mission they want to fly, and number, and host vehicle,” Keeter said. “It doesn’t have to be a C-130A,” he added. “We can adapt our recovery system to lots of different types of vehicles—as well as our launches.”

Talks With Taliban Restart as US Worries About Al-Qaeda Threat in Afghanistan

Nov. 8, 2021 | By Abraham Mahshie

The U.S. and NATO are concerned about the reemergence of al-Qaeda in Afghanistan and the need to rely on the Taliban to fight ISIS-Khorasan as talks with the Taliban restart and regional basing agreements are slow to come.

Special Representative for Afghanistan Ambassador Thomas West told journalists Nov. 8 the regional alliance that committed two decades to fighting terrorism and keeping the Taliban at bay has made “no final decisions” regarding how it will continue to fight terrorists in the country. Instead, the senior U.S. diplomat said by phone from Brussels that allies are trusting the Taliban’s own will to fight ISIS-K.

“We want the Taliban to succeed against ISIS-K,” West said. “I think they have a very vigorous effort underway against that group.”

ISIS-K is known to be responsible for the Aug. 26 terrorist attack at the Kabul airport that killed 13 American service members.

West also expressed concern about al-Qaeda.

“Al-Qaeda continues to have a presence in Afghanistan that we are very concerned about,” West said. “And that is an issue of ongoing concern for us in our dialog with the Taliban.”

West was part of an initial rapprochement with senior Taliban officials and U.S. intra-agency representatives in Doha Oct. 9-10. The meeting was followed by a U.S.-European meeting Oct. 12 with numerous NATO partners about the way forward after the recent withdrawal of U.S. and allied partners from the countries.

“Allies are going to continue to play a heavy role in Afghanistan: Germany, the United Kingdom, France,” he said.

West said outside of the NATO framework, European Union member countries have “heavy interest in Afghanistan as well.”

“We will all engage forthrightly and in a clear-eyed manner with the Taliban and with shared interests and objectives,” he added.

West said it was imperative the U.S. work with other regional partners, including China, Russia, Iran, and the Central Asian states to assure a stable and peaceful Afghanistan, but he did not provide details.

Thus far the United States has made no announcements about over-the-horizon basing agreements with the Central Asian countries that border Afghanistan to the north. Diplomacy continues with countries such as Uzbekistan.

“Without disclosing specific timelines, locations, or individuals, suffice it to say DOD is participating in a delegation to Uzbekistan to discuss ongoing security cooperation efforts,” DOD spokesperson Maj. Rob Lodewick told Air Force Magazine on Oct. 21.

Overflight agreements with Pakistan are known to be in place, but that country’s at-times testy relationship with the U.S. restricts a more robust partnership. West said he would be traveling to Pakistan in the near future.

For now, the U.S. will not reopen the doors to its embassy in Kabul, relying instead on another upcoming dialog in Doha. Likewise, Hamid Karzai International Airport remains closed to regular commercial flights. Since the fall of the country to the Taliban, commercial airlines have run charter flights with daytime visual flight rules. Runway lights remain damaged or non-operational.

Despite the challenges, West said the Taliban have cooperated with the U.S. on continued evacuation efforts.

“The Taliban have delivered by and large on their commitment to us to allow Afghans to whom we owe a special commitment and American citizen and LPRs [lawful permanent residents] out of the country over the past several weeks in particular,” he said.

U.S. partners such as Qatar have operated unscheduled commercial flights at “great financial and operational risk” until now, West said, noting that situation may change come winter.

“The airport’s ability to operate in the winter months, I think, is in question,” he added.

U.S. foreign assistance to Afghanistan has been frozen since the Taliban took over, but the U.S. plans to give $474 million in humanitarian aid to the United Nations to administer in the country.

West said the U.S. must see clear signs there is no leakage of resources to terrorists or to the Taliban government itself before the U.S. would consider assistance, such as paying the salaries of civil servants directly.

Pentagon: Allies’ ‘Views and Perspectives’ Being Considered in Nuclear Posture Review

Nov. 8, 2021 | By Greg Hadley

The U.S. has consulted with allies regarding its ongoing Nuclear Posture Review and will continue to do so, the Pentagon said Nov. 8 after a media report indicated other nations have been pressing President Joe Biden not to change American policy on the use of nuclear weapons.

“Without getting into specific details, I mean, for understandable purposes, what I can tell you is that we are, as appropriate, consulting with allies and partners in the course of this review and certainly remain open to listening to and hearing out their perspectives,” Pentagon Press Secretary John F. Kirby told reporters during a briefing.

The Nuclear Posture Review, scheduled to be released in 2022, will likely set U.S. policy for its nuclear weapons arsenal and comes at a key moment. China has dramatically built up its array of intercontinental ballistic missile silos in recent months, while U.S. lawmakers continue to debate whether to modernize several aging legs of the nuclear triad or extend them.

Biden has said in the past that the U.S. should move to a policy of “sole purpose” whereby the sole purpose of American nuclear weapons is to deter nuclear use against the U.S. or its allies. Others, meanwhile, have pushed for a “no first use” policy, whereby the U.S. would pledge to never use nuclear weapons first in a conflict.

The Financial Times reported Oct. 29 that U.S. allies, including the United Kingdom, France, Germany, Japan, and Australia, were all lobbying Biden not to commit to a “no first use” policy, arguing that doing so would weaken deterrence against China and Russia.

Citing two anonymous sources, the Financial Times also indicated that the U.S. sent a “questionnaire” to allies “who provided an overwhelmingly negative response to any changes in nuclear policy.”

On Nov. 8, Reps. Mike Rogers (R-Ala.) and Michael McCaul (R-Texas), ranking members of the House Armed Services Committee and House Foreign Affairs Committee, respectively, announced they had sent a letter to Secretary of State Antony Blinken and Defense Secretary Lloyd J. Austin III, requesting a copy of that questionnaire, as well as “copies of each response received from U.S. allies, and any other cables or memos conveying ally views regarding a potential change in U.S. nuclear declaratory policy.”

That same day, Kirby declined to comment on the letter sent by Rogers and McCaul, saying he had not seen it. Yet while he did not directly confirm the Financial Times report, he did indicate that partner nations were welcome to provide their input on the nuclear posture review.

“I think across the review itself, the views and perspectives of our allies and partners are important and consultations with them and hearing them out and their perspectives has been and will continue to remain important as the review continues down the path,” said Kirby.

“I’m certainly not going to speculate one way or the other about policies inside that review and what that’s going to look like,” Kirby added. “But I would tell you just two things. It has been and remains an inclusive, comprehensive process that’s looking at the broad swath of our strategic deterrent capabilities here in the United States. And number two, any policy decision of that nature is going to ultimately be made by the President of the United States.”

US and Japanese Air Forces Should Increase Training, Coordination, USAF General Says

Nov. 8, 2021 | By Greg Hadley

The U.S. and Japanese air forces should look to strengthen their coordination and training, potentially even staging a high-level exercise in Japan, to counter the threats facing both countries in the Indo-Pacific region, U.S. Air Force Director of Staff Lt. Gen. Kevin B. Schneider said Nov. 5.

Speaking during a virtual forum hosted by the Stimson Center, Schneider emphasized the importance of interoperability and complementing capabilities between the U.S. Air Force and the Japan Air Self-Defense Force, also called Kōkū Jieitai.

Before he returned to the Pentagon this September, Schneider served as commander of U.S. Forces Japan and the Fifth Air Force, acting as the senior U.S. military representative to the island nation. In those roles, he said, one of his primary goals was “training and readiness now.”

“We’ve got to do more with what we have today. And while it’s great that we’re buying advanced systems, and looking forward into the future, we have to be ready today,” Schneider said.

Facing the triple threat of China, Russia, and North Korea all within striking distance, the JASDF and the U.S. Air Force should be training together more, Schneider said, suggesting Japan host a major exercise.

“Much of the training, much of the high-end training that we do between the U.S. Air Force and Kōkū Jieitai, takes place outside of Japan,” Schneider said. “So whether it’s Red Flag exercises we both participate in in Alaska, the fantastic Cope North exercises that take place down in Guam are great, but we have to go on the road to do that. Are there ways that we could do those types of high-end events in Japan? And I understand that that comes with a cost, and I understand local understanding and the sensitivities, but the challenges that are sitting on the front doorstep right now … ought to drive us to have those conversations.”

USAF and JASDF do regularly conduct some bilateral training exercises. The two services completed Exercise Southern Beach out of Kadena Air Base in Okinawa on Oct. 29, marking the first time a Japan-U.S. training program was conducted during nighttime hours.

But Schneider indicated that the air forces should collaborate on both large-scale exercises and smaller ones related to USAF’s Agile Combat Employment model, which is focused on quickly dispersing smaller contingents of multi-capable Airmen to remote bases. By doing so, he said, the American and Japanese forces can “build that connective tissue, exercise that muscle memory, put in place those systems so that when crisis or conflict happens, that we are not doing anything different. We’re just doing the same things that we do every day, but just at a higher volume.”

Gen. Shunji Izutsu, chief of staff for the JASDF, said his service is also working to implement the principles of ACE given the threats posed by nearby nations, though he noted that there are a number of difficulties in implementing that theory in real-world scenarios.

In addition to strengthening bilateral command and control systems, Schneider added that the U.S. and Japan should look to strengthen their ties in the acquisition realm as well. Buying the same system, like the two countries have done with the F-35, increases interoperability. But Schneider also suggested there could be value in coordinated but separate approaches.

“Looking at our long-range plan, does it make sense for us to buy the same stuff, or are there things that the United States can buy that has a certain capability, and Japan can buy complementary systems that have a different capability, but together, we’re able to cover the range of options and capabilities that we would need in conflict or crisis?” Schneider said.

Schneider’s push for even stronger ties between Japan and the U.S. come at a key moment in the Indo-Pacific. The Pentagon has increasingly emphasized China as America’s pacing threat in the world, and the Chinese recently conducted a joint naval exercise with Russia in which the two nations sent ships in a near circle around Japan’s main island.

As tensions rise, dialogue between the U.S. military and the People’s Liberation Army has deteriorated, Schneider said—in years past, USAF and the PLA Air Force would meet twice a year, “sit down in a room together, face to face, and go, ‘This happened on such and such a date. We felt this encounter was unsafe or unprofessional. What are you going to do about it,’ and vice versa.”

Those interactions weren’t always “completely satisfactory,” Schneider added, but they did have some effects and were generally helpful in ensuring incidents didn’t turn into full-blown conflict. Recently, however, the meetings have “dried up a little bit, … and that should cause us a little bit of concern,” said Schneider.

C-130 Catches an X-61 Gremlins Vehicle in Airborne Recovery Test

Nov. 5, 2021 | By Amanda Miller

The Defense Advanced Research Projects Agency crashed one of its four remaining Gremlins air-launched drones during a flight test in October but not without demonstrating some of the autonomous swarming program’s key objectives.

In tests, the X-61 Gremlins Air Vehicles, or GAVs, launch from the wing of a C-130. October’s test at the Army’s Dugway Proving Ground, Utah, both “successfully validated all autonomous formation flying positions and safety features” and “ultimately demonstrated airborne recovery to a C-130,” according to a Nov. 5 DARPA news release. Dynetics is the prime contractor on the program, and Kratos Defense builds the X-61s.

A video posted to YouTube shows the recovery. It begins with an X-61 in flight. A mechanical arm and a tether with a node on the end, described by the program as a bullet, extend from the back of a C-130. The X-61 connects with the bullet then the vehicle’s wings swivel 90 degrees until they’re stowed parallel with the main body. Next the X-61 is reeled in by the tether until it’s secured in the grip of the mechanical arm, which hauls it the rest of the way inside the C-130.

Lt. Col. Paul Calhoun, the Gremlins program manager in DARPA’s Tactical Technology Office, said in the release that the recovery operation “demonstrates the feasibility of safe, reliable airborne recovery” and “was the culmination of years of hard work.”

In addition to the autonomous formations and the recovery performed during the course of four flights of single X-61s, DARPA demonstrated that it could refurbish an X-61 after a flight and have it flying again within 24 hours. Plus, “many hours of data were collected over four flights including air vehicle performance, aerodynamic interactions between the recovery bullet and the GAV, and contact dynamics for airborne retrieval,” according to the release.

Intended to collaborate as a swarm, recoverable air-launched autonomous vehicles promise to “dramatically expand” the distances at which drones can be deployed and their potential uses, DARPA says.

The first airborne Gremlins test in January 2021 demonstrated some fundamental aspects such as data links and the vehicles’ ability to transition to powered flight. An X-61 also crashed in that test after a parachute didn’t deploy, but the parachute was only meant for the test.

A DARPA spokesperson confirmed that after the second crash in October, from an electrical system failure, the agency now has three working X-61s and those will be enough to prove, mathematically, the ultimate goal of flying and recovering four X-61s in under 30 minutes.

Accountability for Erroneous Kabul Strike Up to Combatant Commands

Nov. 5, 2021 | By Abraham Mahshie

The release of an Air Force Inspector General report on the erroneous Aug. 29 air strike that killed 10 civilians in Kabul, Afghanistan, has prompted questions about accountability that will now be left up to the relevant combatant commanders, according to the Pentagon.

“The report and its findings have now been transmitted to U.S. Central Command and U.S. Special Operations Command,” Pentagon Press Secretary John F. Kirby said Nov. 5.

“That doesn’t mean that the door has been closed on accountability,” he added. “Each of those commanders can take a look at the process breakdowns and can determine for themselves if, in fact, in addition to process improvements, there might need to be accountability at their level, and that would be up to them … It’s now a commander-led, focused effort.”

Kirby said Defense Secretary Lloyd J. Austin III was briefed on the report Nov. 1 and gave CENTCOM Commander Gen. Kenneth F. McKenzie Jr. and SOCOM Commander Gen. Richard D. Clarke until mid-November to report back.

“The commanders at those two institutions will now have an opportunity to digest his findings and recommendations and come back to the Secretary in a matter of a couple of weeks with whatever recommendations they have to implement those findings and recommendations,” he said. “The Secretary specifically invited them to come back to him with any additional actions they might deem appropriate.”

The independent investigation by Air Force Inspector General Lt. Gen. Sami D. Said spent 45 days studying the CENTCOM airstrike that killed aid worker Zemari Ahmadi and his family.

A strike cell in Qatar, studying video footage for eight hours, believed Ahmadi’s white Toyota Corolla was a vehicle of interest and that he was involved in planning a terrorist attack against American service members at Hamid Karzai International Airport in Kabul. Only three days earlier, 13 Americans had been killed in a terrorist attack at the airport checkpoints, and the investigation found that attack led to “confirmation bias” and the erroneous attack, though no laws were broken.

Said made three process recommendations to narrowly apply to short-fuse, over-the-horizon strikes in urban areas, which he described as defensive in nature. They included limiting confirmation bias, better information sharing, and better assessments of the presence of civilians.

A careful study of video footage found that two minutes before the strike there was physical evidence that a child was at the compound where the Toyota was parked. Ultimately, seven children and three Afghan men died in the strike.

But Said did not recommend disciplinary action, re-training, or de-credentialing of any of the 22 individuals he interviewed who were directly involved in the incident.

“Let me just be upfront: I didn’t eliminate the possibility of accountability,” Said remarked in a media briefing at the Pentagon on Nov. 3.

“That is commander business. What I concluded at our level in this investigation … I didn’t find violations of law or law of war,” he said. “What I found is the disconnects were an aggregate process breakdown in which many people are involved and it wasn’t any particular individual that was causal to that.”

A SOCOM spokesperson told Air Force Magazine Nov. 6 that it would be “inappropriate to discuss or speculate” on the recommendations before the commander’s review is complete.

“Gen. Clarke has read the investigation into the 29 Aug. strike,” the spokesperson said. “He will submit his recommendations on how to best address the investigation’s findings and recommendations to the Secretary of Defense in the next few weeks.”

CENTCOM did not immediately respond to an Air Force Magazine request for comment.

Lawmakers Warn Time is Running Short to Get 2022 NDAA Passed

Nov. 5, 2021 | By Greg Hadley

With less than two months left in 2021, lawmakers are warning that time is growing short for Congress to sort through the procedural hurdles necessary to get the 2022 National Defense Authorization Act signed into law.

In a press conference Nov. 2, 13 Republican senators called on Sen. Chuck Schumer (D-N.Y.), the majority leader, to immediately bring the 2022 NDAA to the floor of the Senate for a vote. The Senate Armed Services Committee reported its version of the bill to the full Senate on Sept. 22, and the House passed its version a day later. Once the Senate votes on its bill, the two versions will have to be reconciled in conference, voted on again, and sent to the President’s desk for signature.

“Even though the National Defense Authorization Act is bipartisan and fulfills Congress’s most important duties—to provide for the common defense and take care of our troops—Sen. Schumer still won’t let us vote on the bill,” SASC Ranking Member Sen. Jim Inhofe (R-Okla.) said in a statement. “Meanwhile, in the three months since the Armed Services Committee passed this bill, the threats we face around the world—China and Russia, North Korea and Iran, terrorist organizations in Afghanistan—have only gotten worse. By not prioritizing national security now, Sen. Schumer is sending a terrible message to our troops, allies, and adversaries.”

Inhofe added that by not bringing the bill to the floor, Schumer “has almost guaranteed this year will be one of the latest starts to the bicameral conference process ever.” In the past decade, the Senate has passed its version of the NDAA in November twice and December twice.

Inhofe and his fellow Republicans’ concerns were echoed across the aisle by Rep. Adam Smith (D-Wash.), chair of the House Armed Services Committee. Speaking with reporters, Smith said he “can’t argue with the Senate Republicans on this issue. There is no reason that this bill has not been put on the floor in the Senate,” according to Politico.

The NDAA is typically considered “must-pass” legislation and has been approved by Congress every year for more than half a century. While it does not actually appropriate the money spent on defense, the policy bill does authorize the appropriations and sets a host of policies and restrictions. It also typically sets a number of reports for the Pentagon to deliver to Congress, and without it, certain special pay authorizations will expire.

While more than 50 days are still left until the new year, shepherding a bill through the necessary parliamentary procedures could take weeks.

First, Schumer has to file a motion to proceed to a full vote on the bill, said Martin B. Gold, a partner at Capitol Counsel law firm and an expert on congressional rules. Once he does so, he can file a cloture motion on the motion to proceed in an attempt to limit debate. But once he does, Senate rules call for an intervening session before the cloture vote, which requires 60 votes to succeed.

Even then, Gold told Air Force Magazine, the rules call for up to 30 hours of debate before the actual vote on the motion to proceed. If the full time is used and the Senate isn’t in session around the clock, four days can pass from filing a motion to proceed to actually voting on it. And then the process restarts with the vote on the bill itself, with the same requirements for an intervening session and up to 30 hours of debate after cloture.

“The general rule of thumb for a bill like the NDAA is that you can anticipate something in the neighborhood of two weeks, start to finish, motion to proceed to final passage,” Gold said. “It’s an approximation.”

These timelines can be bypassed with a unanimous consent agreement, Gold noted, but just one objection would trigger the process. Ways exist to compress the timeline—by keeping the Senate in session nonstop and over the weekend.

Of course, once the Senate passes its bill, the process isn’t over. The Senate and the House will have to meet in conference to hash out the differences in their versions, then return the reworked bill to each chamber for a final vote.

The length of time it takes to work through the conference process is murky, but a Senate Armed Services Committee aide told Air Force Magazine that the committee typically plans for around three weeks to pass between the Senate and House coming to a basic agreement for a compromise and final passage in both chambers.

Advance “administrative” work can and is being done, the aide said, to ensure the conference process moves as quickly as possible.

Still, a time crunch is coming—both the Senate and House are scheduled to be in recess from Nov. 8 to 12, then again the week of Thanksgiving, and once more starting Dec. 13 until the end of the year. That leaves just three weeks of scheduled session, as Congress also debates a host of other issues, including President Joe Biden’s social spending bill and a dozen appropriations bills. Meanwhile, the continuing resolution currently funding the government expires after Dec. 3.

“The most powerful nation on Earth is running on autopilot,” Sen. Patrick Leahy (D-Vt.) said in a speech on the floor of the Senate on Nov. 4. “And we only have four weeks until the government shutdown, unless Congress takes action. It’s not a theoretical exercise. The actions we take or don’t take in this chamber, with respect to the fiscal year 2022 appropriations bills, affect people’s lives, but also the direction of this nation.”

Commercial Satcom Providers Must Meet Federal Cyber Standards for Military

Nov. 5, 2021 | By Shaun Waterman

Commercial satellite communication providers who want to sell their services to the U.S. military will have to meet the same voluminous cybersecurity standards imposed on federal agencies themselves—plus additional ones specific to space and national security, according to a Space Force official.

The long-delayed standards will be phased in starting next year and will be fully in place by 2025, said Jared B. Reece, the manager of the Infrastructure Asset Pre-Assessment Program, or IA-Pre, within the Space Force office that buys commercial satellite communication services for DOD.

“We wanted to implement a level playing field between the security standards for both our own [DOD] systems and our contract systems,” Reece said. So IA-Pre will require contractors to implement the IT security controls in the NIST 800-53 Risk Management Framework, just like DOD and other federal agencies must—and to use the “high impact baseline,” the most rigorous version of the standard.

NIST Special Publication 800-53 is a comprehensive catalog of over 900 security controls, broken down into 18 “families” that govern every aspect of how an IT system is operated, from ”access control” to “configuration management” and “incident response.” Additional baseline publications define the controls appropriate for the sensitivity of different systems. There will also be ”overlays”—additional or more specific control standards—designed for national security systems and space systems, Reece said in his first major interview about the program.

The move comes amid growing concern about cyberattacks on U.S. satellites that could cripple the U.S. military’s global communications network. Lt. Gen. Stephen N. Whiting, who heads Space Operations Command, predicted last year that a “cyberattack is where we are most likely to face the enemy in space.” Experts consider cyberattacks the most likely kind of military strike against satellites because they are much lower cost and typically reversible in their effects, compared to kinetic weapons.

IA-Pre, Reece explained, qualifies assets—satellites and their associated ground systems—rather than enterprises or organizations. This is important in a commercial satellite marketplace where “there are owners, operators, resellers, distribution partners, any number of assorted teaming agreements … within the industry.”

This complex marketplace meant multiple bidders might submit proposals for a single contract using the same satellite, Reece said. “We might get two companies proposing each other‘s satellites to the same [contract].”

Under the existing system, in which cybersecurity compliance is assessed during the procurement process for each bidder, acquisition officials might find themselves making multiple assessments of the cybersecurity of the same commercial satellite asset, Reece said, because it figured in contract bids from multiple vendors.

IA-Pre is designed to speed procurement by creating a kind of “approved product list” of satellite assets that have been pre-assessed as meeting the required standards, Reece said.

“Right now we’re doing a lot of duplicative work,” he explained. “Having a list of cleared assets, pre-evaluated assets, reduces all those evaluations to one: Once they’re on the asset list, they’re good to go.” Multiple vendors might bid using a single pre-evaluated asset, and the Commercial Satellite Communications Office, or CSCO, can “just pull that information from the asset list, versus every vendor submitting it every time.”

By pre-qualifying the assets, IA-Pre will also mean an end to the lengthy cybersecurity assessments currently required during the procurement process itself, Reece said.

Critically, IA-Pre will also, for the first time, require third-party assessments. Currently, contractors self-attest that they meet required cybersecurity standards.

Under IA-Pre, asset owners will be required to hire qualified third-party assessors, who will review documentation that lays out the asset’s compliance with required control standards and baselines. “The third-party auditor is going to come in, review the system documentation against the baseline, and then submit their findings back to the government,” Reece said.

The assessors will be drawn from a pool of certified third-party assessors the Space Force maintains—known as Agents of the Security Control Assessor (ASCA)—who work to validate contractor compliance with existing security standards.

Such third-party assessments—involving time on site for hourly-paid consultants and their hotel and travel bills—can quickly get expensive, Reece acknowledged, adding CSCO was working with contractors to help them minimize such costs. “The strategy is to maximize the background off-site work and minimize the on-site work,” he said.

CSCO anticipated that the expense of compliance to IA-Pre would show up in increased pricing for the services it buys, Reece said. “We see that coming into the costs of the procurements that we’re doing,” he said.

The third-party process may come as a shock to some contractors, said Andrew D’Uva, president of Providence Access Company, a satellite technology consultancy.

“I won’t call anybody out,” D’Uva told CyberSatGov on Oct. 7. “But I’ll just say that the satellite community has, across the spectrum, taken varying approaches to self-attestation. One person’s version of ‘We met the requirement’ might not be the same as another person’s,” but they all counted for the same under self-attestation, he said.

IA-Pre would for the first time bring “transparency, and hopefully an objective set of criteria and practices that are being applied by … the IA-Pre assessors,” D’Uva said.

Reece said he expected some contractors to fail to meet the new standards. “I don’t anticipate 100 percent compliance upfront,” he said. But the 800-53 standard included a process for contractors to stay on the approved list while they work to achieve compliance. “If you don’t pass, you’re not going to get kicked off, you have chances to review and update that [evaluation],” he said.

The Plan of Action and Milestones (POAM) process produces a roadmap to repair any failings the IA-Pre evaluations identify, Reece said. “If they’ve got 30 controls where they’re non-compliant, they have to put a POAM out for each of those controls.”

The POAM process also allows contractors to explain why they can’t implement a particular control—and to offer alternative security measures and mitigations, Reece said, “The POAM can also say, ‘OK, because of the system, there are certain controls we can’t [implement] … we can’t do X, Y, or Z, here are our mitigations to this control.’”

The evaluations—POAMs and all—will be weighed by officials at CSCO and Space Systems Command, said Reece, but the objective was not to play ‘Gotcha,’ he said. “We don’t want industry to fail out and not be able to participate. We want to incentivize them, give them standards to achieve and push them to ensure that they’re selling us a secure solution,” he said.

IA-Pre aims to provide contractors a return on investment for their spending on security, said Reece. “We give them a chance to showcase their investment through these evaluations.” Compliance could be used as a factor in awarding contracts under a relatively recent procurement innovation known as Best Value Trade Off. BVTO replaced the old Lowest Price, Technically Acceptable standard that basically compelled acquisition officials to always buy the cheapest product.