Space Force’s Hack-A-Sat Dips a Toe in Digital Waters

Aug. 16, 2021 | By Shaun Waterman

The Space Force’s second annual Hack-A-Sat contest in December will reflect its commander’s determination to be the first truly digital military service, organizers told Air Force Magazine in an interview at the recent DEF CON hacker convention.

Hack-A-Sat was one of the principal attractions at DEF CON’s Aerospace Village—one of the many specialist areas of the convention, each focused on a different variety of hacking expertise.

The competing teams will try to hack each other’s “flat sat” hardware—an earthbound duplicate of the technology inside a real satellite—while defending their own. But before the event gets underway Dec. 11, the teams get to familiarize themselves with the systems they’ll defend and, using a digital twin—a software model that behaves exactly as the flat sat hardware would—to practice attacking those systems.

“The digital twin is for training purposes,” said Stephen Colenzo, technology transfer lead at the Air Force Research Laboratory. “But when it’s game time, it’s all going to be on the real hardware, and they’re going to be remoting in via VPN.”

But smart teams will continue using the digital twin even once the contest is underway, explained Capt. Charles “Aaron” Bolen, Space Force Hack-A-Sat team lead, because it can be used to practice hacking attacks and play out the consequences of defensive measures, such as patching, in more or less real time. ”They can use it offline to practice [attacks] and send commands to it to test things out before they go ahead and execute in the [contest] environment,” he said.

Bolen added that this was reminiscent of the way the Space Force worked to secure its systems. “This is very much the way we really develop space vehicles—testing it [on the software twin] and then running it on actual hardware.”

As he spoke, hackers in the neighboring Car Hacking Village repeatedly set off the alarm on an online vehicle organizers had brought to the floor.

Hackers like to get hands-on access to the systems they’re trying to break into, and Hack-A-Sat organizers brought both a prototype of the flat sat they‘ll be using for the contest in December, and a digital twin of it, that visitors could interact with.

Last year, the first Hack-A-Sat had to pivot after DEF CON 2020 went into “safe mode” and became a purely remote event as a result of the COVID-19 pandemic. The organizers, who had planned for each team to have hands-on access to their flat sat hardware onsite, sent each competitor their own flat sat instead. COVID-related shipping and customs delays meant two teams got their hardware late and one didn’t get theirs until the morning of the competition itself, explained AFRL Program Manager DeliaRae Jesaitis. “It was a real nail-biter,” she said.

This year, rather than risk such delays, all eight of the flat sats—one for each team that qualified for the 2021 contest—will be co-located at a Space Force facility, with the teams porting in to their hardware flat sats via VPN. They will be able to monitor it via CCTV, said Bolen.

“The hope is that, to the competitors, it doesn’t feel any different to being on the spot,” he said. “The advantage is that everyone gets to sleep in their own beds at night … and it allows for maximum participation” when international travel was still extremely disrupted and in-person involvement would be limited by social-distancing requirements. “So, this is definitely allowing for a lot more people to be involved than probably could be if it was in-person,” he concluded.

Eight teams from the United States, Poland, Germany, and Romania qualified for the contest out a field of more than 1,000 who registered to take part in the initial challenges. The eight teams are competing for $100,000 in prize money ($50,000 for first place, $30,000 for second place, $20,000 for third place), and all of them get to keep their flat sats.

The contest lasts for 24 hours, a relatively humane duration, since contestants typically don’t sleep during a capture-the-flag contest. It’s also the shortest duration that eliminates any possibility of advantaging a team because of which time zone they’re in, explained Bolen.

The global aspect of the hacker audience is one of the things that makes Hack-A-Sat valuable to Space Force, said Col. Wallace “Rhet” Turnbull, who runs defensive cyber operations for the USSF Space Systems Command in Los Angeles.

“It’s a good way to engage with the [hacker] community and get people interested in working to secure space” from cyberattacks, he said.

U.S. Rushes to Evacuate Personnel as Taliban Takes Over Kabul

Aug. 15, 2021 | By Brian W. Everstine

U.S. and coalition air crews rushed to evacuate personnel from Kabul as the Taliban entered the Afghan capital Aug. 15, completing the group’s rapid takeover of the country and forcing the now former president into exile.

USAF airlifters, along with those of other NATO nations, carried personnel out of Afghanistan as the State Department warned Americans to shelter in place, with the city’s airport reportedly taking fire. The U.S. Embassy in Kabul said in an alert, “The security situation in Kabul is changing quickly including at the airport.”

Afghan President Ashraf Ghani reportedly left the country earlier in the day. The Taliban took over the presidential palace in Kabul.

U.S. helicopters repeatedly ferried personnel from the sprawling embassy complex in the middle of the city to the airport, where State Department staff and the military coordinated evacuations. The American flag was reportedly taken down at the embassy the afternoon of Aug. 15.

Open-source flight tracking websites showed many successive USAF airlifters, mostly C-17s, along with tankers flowing into Afghanistan from bases in the Persian Gulf.

The United Kingdom Ministry of Defence said it had deployed an air assault brigade and aircraft to Kabul to evacuate British nationals amid the worsening situation.

The rapid Taliban advance into the city accelerated U.S. plans announced just days before. The Pentagon on Aug. 12 had announced it was deploying thousands of troops to Kabul to protect U.S. diplomats as part of the drawdown. Then on Aug. 14, President Joe Biden announced he was increasing the number of troops heading to Kabul “to make sure we can have an orderly and safe drawdown of U.S. personnel and other allied personnel, and an orderly and safe evacuation of Afghans who helped our troops during our mission and those at special risk from the Taliban advance.”

Biden said he warned the Taliban that any attack on U.S. personnel would be met with a “swift and strong U.S. military response.”

“Over our country’s 20 years at war in Afghanistan, America has sent its finest young men and women, invested nearly $1 trillion dollars, trained over 300,000 Afghan soldiers and police, equipped them with state-of-the-art military equipment, and maintained their air force as part of the longest war in U.S. history,” Biden said. “One more year, or five more years, of U.S. military presence would not have made a difference if the Afghan military cannot or will not hold its own country. And an endless American presence in the middle of another country’s civil conflict was not acceptable to me.”

Pentagon spokesman John F. Kirby on Aug. 12 said the U.S. airlift capacity would be able to fly out “thousands” per day, but the advance of the Taliban meant the pace of operations would accelerate.

“This is a temporary mission with a narrow focus,” Kirby said. “We certainly anticipate being postured to support airlift as well, for not only the reduction of civilian personnel from the embassy, but also in the forward movement of special immigrant visa applicants.”

Stealth Adversary Drone Contract Expected in September

Aug. 13, 2021 | By John A. Tirpak

Blue Force Technologies expects a contract in the next month authorizing it to proceed with development of a stealthy, unmanned aerial system for Air Force fifth-generation fighters to train against. The company expects to build four aircraft for a demonstration program, with first flight in July 2023.

The aircraft are being developed using small business development money under the Air Force Research Laboratory and Air Combat Command.

ACC boss Gen. Mark D. Kelly touted the program during the recent Air Force Lifecycle Management Center’s Life Cycle Industry Days conference as the Air Force’s first “toe in the water” trying out low-cost, attritable aircraft technologies. He sees the technologies as an affordable way to put up enough stealthy, maneuvering, fighter-like aircraft to really stress USAF’s fifth-generation F-22 and F-35 fighters in training. He said the program could yield aircraft that provide high-level adversary training at only 25 percent of the cost of manned systems.

“That, to me, is low cost,” Kelly said.

The company, which has experience fabricating vehicles and structures for other firms, anticipates a cost per flying hour of about $4,000, versus $50,000 per hour for an F-22.

With a 5,000-pound max takeoff weight, the aircraft—known for now as “Red Medium”—will have modular payloads and open-systems architecture, allowing a wide array of threats to be simulated, the company’s founder and president Scott Bledsoe said. It will use a Williams FJ44-4 engine, a 4,000-pound thrust class “military trainer derivative of their biggest business jet engine,” he said. The 20-foot-long, 17-foot-span, carbon-fiber jet will be capable of attaining Mach .95 and turning at up to 9Gs, with a 4G sustained turn. It will also have persistence to fly two adversary engagements without landing to refuel.

“We can produce a high subsonic-class threat,” Bledoe said.

The company has already passed through preliminary design review and would enter critical design review in June 2022, assuming a next-phase contract in the next month. Bledsoe said the project has been nurtured by AFRL and AFWERX and that AFRL has even allowed the company to use some of its high-speed computer capability for design work.

Under an earlier contract phase that concluded last month, Blue Force demonstrated that “we have an aircraft design that’s stable, controllable, meets performance requirements, and meets cost requirements,” Bledsoe said. The company is ready to “go start cutting tooling and building it.”

The concept arose in 2016. While many small UAS companies were looking to meet Air Force intelligence, surveillance, and reconnaissance needs, the service was not yet ready to create a program of record. However, “Adversary air is a kind of wide-open field, nobody has a good answer, and the Air Force has this looming problem,” Bledsoe said. The company talked to fighter pilots about what they needed in an adversary system, collaborated with ACC, and launched the project. Creative use of USAF small business money, such as AFVentures’ Strategic Finance program, government matches, and other initiatives to draw in small business players made the project affordable and manageable, Bledsoe said.

Hermeus, another company getting Strategic Financing program funding, received a contract this week to develop hypersonic vehicles.

Blue Force Technologies has built a ground test model, completed last month, to verify and integrate systems with a ground control station, which will allow “burning down as much systems integration risk as possible,” Bledsoe noted. This has led to more ACC endorsements.

The jet will have an “open architecture” nose to allow reconfigurable threats that will appear to Air Force jet sensors like adversary aircraft. In fact, standards have been published, and the system is so open that “a third party can integrate the nose of the aircraft without even calling us,” Bledsoe said. “We were really first in the industry to take that approach.”

This was done because the Air Force may want to use the aircraft for something other than adversary work—it will be low observable—and in case “it needs to go places and do things that we don’t necessarily need to know about,” Bledsoe said.

Andrew Van Timmeren, a former F-22 pilot who is an adviser to Blue Force Technologies on adversary air, said the new aircraft will offer an opportunity for fighter pilots to get comfortable operating with an unmanned aircraft.

“We are 100 percent focused on designing and building an adversary replication platform,” Von Timmeren said. But “that doesn’t mean it’s not going to collaborate with the other Red Air players … trying to punish Blue Air mistakes. … If we can pretend to be adversaries pretty good, I think we can pretend to be the blue guys pretty good.”

“As a Raptor guy,” he explained, “I need to practice” manned/unmanned teaming in a non-lethal environment before going to war with such a system. Fighter pilots need to be able to trust an unmanned system not to “crash into me or crash into the ground.” Without that trust, “I’m actually going to ask you to just leave it at home—I don’t want it to go to war with me.” Right now, ISR systems don’t typically collaborate with fighters.

But “this thing is going to roll around in the mud with me and my bros, my friends who are still flying, and if we can continue to develop that and develop data for future autonomous vehicle development,” that trust will be developed.

As an adversary, the jet will do the mission at low cost more effectively than any other way, he said.

“You can’t go to the boneyard to find something that’s relevant” to modern combat “versus being clean-sheet designed; that’s purpose-built,” Von Timmeran said. “This is going to cost less because it’s essentially all ‘commercial, off-the-shelf.’ ”

The company’s concept anticipates two of the aircraft being transportable in a single box, similar to the way MQ-1 Predator drones were transported.

Blue Force is also looking at putting hardpoints on or in the aircraft if the Air Force should want an offensive version, the company said.

With Troops ‘Orphaned’ by the Air Force, Florida Guard Boss Calls for Space National Guard

Aug. 13, 2021 | By Abraham Mahshie

Florida Air National Guard members specializing in offensive space capabilities have “kind of been orphaned” by the transfer of Air Force assets to the Space Force without the corresponding creation of a Space National Guard, Adjutant General of the Florida National Guard USAF Maj. Gen. James O. Eifert said.

Name change legislation recently passed out of the Senate Armed Services Committee would not help those Guard members, who need a direct link to the Space Force, he said. A study on creation of a Space Force Reserve and Guard component ordered in the 2021 National Defense Authorization Act lingers with the Office of Management and Budget.

In the meantime, highly qualified Air National Guard members working in Florida’s robust commercial space industry and deploying to the U.S. Central Command area of responsibility have lost touch with military space leadership, Eifert said in an interview.

“Our Space Force units in the National Guard have kind of been orphaned by their parent service,” he said of the Florida Air National Guard’s 114th Space Control Squadron, which came into being in 1989 and has deployed to wars in the Persian Gulf, Bosnia, and Afghanistan.

“We really have to create a Space National Guard because the current relationship is not tenable for a healthy future,” he said. “Those systems, that culture, those Air Force Specialty Codes—they don’t exist in the Air Force. They only exist in the Space Force.”

Eifert said keeping the Guard members under the Air Force when the service has gone in a different direction doesn’t make any sense. Simply renaming the Air National Guard to be “Air and Space National Guard,” as proposed in the fiscal 2022 markup passed out of the Senate committee in July, would not fix the problem, he said.

“What we do need is we need to have that direct relationship between the Space Force and the Guardians that are currently in the Air National Guard,” he said.

Pentagon leaders from Deputy Secretary Kathleen Hicks to National Guard Bureau Chief Gen. Daniel R. Hokanson have called for creation of a Space Force Guard and Reserve.

“We have over a thousand space professionals in the National Guard, and we really look forward to them transitioning from the Air National Guard to hopefully a Space National Guard in the near future,” Hokanson told Air Force Magazine on June 23.

“Many of them already work in the civilian industry,” he said. “That’s one of the great benefits of the National Guard is we leverage not only their military training, but many of them bring their civilian skillsets to work, which makes organizations even better and vice versa.”

Eifert said his squadron of about 88 space professionals are a case in point. Many work at Harris Corp. in Melbourne, on Florida’s Space Coast, designing in their civilian job the same hardware they use in their military job.

Florida Gov. Ron DeSantis in August 2020 cut the ribbon on a $9 million military construction investment to house the squadron’s counter communication system.

“It’s essentially a big satellite dish with the software associated with it,” said Eifert of the CCS, which is capable of interdicting and interfering with adversary satellite signals.

In August, the squadron was deployed to the Middle East on a six-month tour to put into practice their expertise in the radio frequency spectrum and signal management.

Eifert says the Florida Congressional delegation backs legislation to create a Space National Guard, but some members of Congress are worried about cost.

Hokanson said Air National Guard personnel who are space operators already exist, likely limiting cost.

“Folks may not realize, but the National Guard has actually been conducting space missions for over 25 years,” he said.

The National Guard Association agrees on the need and potential cost savings to the federal government.

“Why not move these people to the Space National Guard? It’s not going to cost anything,” NGA spokesman John Goheen told Air Force Magazine.

“If you don’t have a Space Reserve component, you don’t have a way of retaining space professionals that leave the active component,” he said. “In this day and age when personnel costs are so high, you want a surge capacity. You don’t want to have everything in an active component.”

USAF Will be Able to Airlift ‘Thousands’ from Afghanistan as More Troops Arrive in Kabul

Aug. 13, 2021 | By Brian W. Everstine

The Air Force will deploy enough aircraft to ferry out “thousands per day” from Kabul as the American diplomatic presence draws down and more Afghan interpreters are brought out of the country, the Pentagon said Aug. 13.

The first of approximately 3,000 troops deploying to Afghanistan to provide security for this part of the withdrawal arrived Aug. 13, and the rest are expected to arrive over the following two days, Defense Department spokesman John F. Kirby said in a briefing. Kirby said he didn’t know of any combat aircraft deploying as overwatch.

“There will be airlift provided,” Kirby said. “Clearly there’s an Air Force role here with respect to airlift.”

The Pentagon, U.S. Transportation Command, and Air Mobility Command were planning the details, Kirby said.

“Airlift will not be a limiting factor in this mission,” Kirby said, adding that military aircraft won’t be all that are used.

“Capacity is not going to be a problem,” he said. “We will be able to move thousands per day.”

The Pentagon announced Aug. 12 that it was deploying up to 8,000 new troops to the Middle East as part of the withdrawal, as the Taliban has rapidly moved across Afghanistan and claimed several cities in steps to encircle the capital of Kabul.

In addition to the 3,000 personnel in Kabul—two Marine Corps infantry battalions and one Army battalion, all already in U.S. Central Command—the Pentagon is sending a combined USAF and Army 1,000-person team to Qatar to help process Afghan Special Immigrant Visa applications. Another brigade combat team of the 82nd Airborne will deploy to Kuwait to stand by if needed.

The new forces in Kabul are deploying to Hamid Karzai International Airport, where U.S. attack and lift aircraft, infantry and security personnel, and intelligence, surveillance, and reconnaissance aircraft are already present, Kirby said.

The Pentagon moved swiftly to get these troops “on station as quickly as possible” to support the State Department’s moves when they begin. Kirby did not provide a specific timeline, other than saying the Afghanistan withdrawal will be completed “by the end of the month.”

DARPA Drone Cybersecurity Software Foils Hackers in Demo

Aug. 13, 2021 | By Shaun Waterman

The Defense Advanced Research Projects Agency is so confident in the hack-proof software it developed for a remote-controlled quadcopter that it invited hackers at the recent DEF CON cybersecurity convention to try to break in and take it over.

None succeeded, according to Ray Richards, program manager of DARPA’s Information Innovation Office. Work on DARPA’s High-Assurance Cyber Military Systems, or HACMS, demonstration concluded in 2017, Richards told Air Force Magazine, but this was the first time DARPA had invited all comers to try to hack it.

A video presentation at the DEF CON Aerospace Village on Aug. 6 in Las Vegas—a-convention-within-a-convention focused on hacking air and space craft—demonstrated the vulnerability of conventional software architectures for flight control and the value of high-assurance software techniques such as HACMS.

In the video, a red team of hackers was able to break into a quadcopter’s mission control system by exploiting an unpatched software flaw in its video camera. Once inside the camera, the hackers were able to overwrite the encryption keys that protected the quadcopter’s command and control communications with its ground base, dramatically hijacking the craft and flying it back to their own base.

Darren Cofer, a DARPA contractor from Collins Aerospace, illustrates the weaknesses of conventional software architecture. Red team hackers were able to take control of the quadcopter by exploiting a software vulnerability in its video camera. Photo screen capture from DARPA/DEF CON video

But using a technique called “formal methods,” HACMS software mathematically ensures the absence of software flaws that let hackers break into and take over computer systems. Boeing used HACMS in its Unmanned Little Bird autonomous helicopter project.

The formal methods-built software for the quadcopter turned out to be unhackable, even by the pros at DEF CON, because the architecture rigidly separated the different functions of the mission control system. Even though it was still possible to break into the video camera software, the “pivot” to command and control that hackers so often rely on couldn’t happen.

Just in case, though—and in accordance with flight safety regulations—the quadcopter that DARPA let hackers go at in the DEF CON Aerospace Village was flight disabled.

Hackers could do whatever they wanted with the video camera, explained Darren Cofer, a DARPA contractor from Collins Aerospace, in the presentation. “They can do anything”—such as crashing the camera software or crashing the quadcopter’s virtual machine, or VM—”and the quadcopter is able to continue flying without any impact on its command and control from the legitimate ground station.” In fact, the VM itself can be remotely restarted by the ground controllers to regain control of the camera, he added.

An unidentified DARPA technician readies a HACMS-secured quadcopter for flight as a video presentation shows the unhackable architecture of the mission control system. Photo screen capture from DARPA/DEF CON video.

Formal methods as a technique for software assurance was first proposed in 1973 but has long been widely regarded as too expensive and laborious—but no longer, Richards told Air Force Magazine. “We have reached a tipping point for formal methods technologies. Commercial entities are applying formal methods at scale, where it provides them a benefit.” The journal of the Association of Computing Machinery, Communications of the ACM, reported in July that both Google and Firefox have installed formal methods-verified components in their Web browsers, and that Amazon Web Services has also employed the technique for key components in its critical cloud services.

As software grows ever more complex, testing—traditionally the baseline technique of choice for cybersecurity assurance—becomes more and more time consuming and less and less effective, Richards said.

“The ever-increasing focus on cybersecurity will increase the demand for large-scale application of formal methods,” he said.

USSF’s Space Systems Command Stands Up

Aug. 13, 2021 | By Greg Hadley

The U.S. Space Force now has two of its three planned field commands in place. The Space and Missile Systems Center at Los Angeles Air Force Base, Calif., was officially redesignated Space Systems Command on Aug. 13.

At the ceremony, newly promoted Lt. Gen. Michael A. Guetlein also took over as the first commander of SSC, with Chief of Space Operations Gen. John W. “Jay” Raymond in attendance.

The redesignation has been in the works for months, as the Space Force revealed the structure of Space Systems Command in April. As part of the changeover, several Air Force units will also eventually redesignate under SSC, as will Space Launch Deltas 30 and 45 at Vandenberg Space Force Base, Calif., and Patrick Space Force Base, Fla., respectively.

Headquarters for the new command will remain in Los Angeles where the Space and Missile Systems Center has worked, under different names and changing missions, since 1954. And many former SMC officials were on hand Aug. 13 for the redesignation ceremony. But this newest change won’t be just surface level, Guetlein said.

“Space Systems Command is about continuing the culture shift from being service providers to being warfighters,” Guetlein said during the ceremony. “We cannot let this be a nameplate change from SMC to SSC. We must be bold, and we must get after the threat. To do this, we must move at the speed of relevance, by streamlining bureaucratic decision-making processes even further.”

Space Systems Command will be responsible for the research, development, and acquisition of military rockets, satellites, radars, and other space-related assets from creation to retirement. It will work alongside Space Operations Command, the first command launched by the still-young service, and Space Training and Readiness Command, which is expected to stand up in 2021 as well.

In developing and acquiring new capabilities, Raymond said the newly-formed command will have to work fast. The Space and Missile Systems Center restructured and rebranded itself as SMC 2.0 in 2019 with the goal of acquiring systems faster, and Raymond said SSC will have to continue that progress and make it even quicker.

“Every capability, every technology, every program has an expiration date. That expiration date isn’t set by us, but it’s set by our competitors,” Raymond said. “After that date, I don’t care what we’ve built. It is late to need. That capability is no longer cutting edge. That system is no longer resilient and no longer provides us the advantage that we needed to provide.

“In other words, to sustain and build our relative advantage, we must outpace our competitors. This is the challenge for the new Space Systems Command. You can’t let our capabilities reach their expiration date. The clock is ticking, and you must deliver on time.”

Guetlein, who worked at the Space and Missile Systems Center in several capacities over the course of his career, echoed that sentiment, pointing to the latest threats posed to Space Force assets in orbit as a pressing concern that needs to be addressed.

“In my last job as a deputy director of the National Reconnaissance Office, I had a front-row seat, observing the unprofessional behavior and challenges being imposed on us by our adversaries,” Guetlein said. “Gen. Raymond has been sounding the alarm and talking about direct ascent weapons, directed energy weapons, nesting dolls in space, cyber hacks, and even robots in space. These may all sound like a fantasy for the layperson, but this isn’t science fiction. It is happening, and it is happening today.”

USAF: New Engine Technologies May Not Retrofit to Existing Fighters

Aug. 12, 2021 | By John A. Tirpak

Editor’s Note: This story has been updated to include comments from the F-35 Joint Program Office and to clarify some of the original comments.

New engine technologies emerging from the Adaptive Engine Transition Program are “vastly different” from those now flying on Air Force fighters, so retrofitting the current force with the new power plants may not be possible, the service’s program executive officer for fighters and advanced aircraft said Aug. 12.

The AETP technologies “really are future looking,” Brig. Gen. Dale R. White told reporters in a press conference associated with the Air Force Life Cycle Management Center’s recent Life Cycle Industry Days symposium. The AETP, based on previous advanced engine programs, got underway in 2016, and full-scale engine tests have been conducted this year. General Electric’s version is the XA-100, while Pratt & Whitney’s is the XA-101.

White is responsible for engines for most fighter programs but not for the F-35. A spokesman said White’s comments “were not a reflection of, nor indication to the F-35 propulsion strategy.”

The F-35 Joint Program Office said the AETP “is not currently an F-35 requirement,” but added that it is working with the AETP program “and our industry partners to evaluate this new engine technology for possible use in the F-35.”

The AETP is developing power plants using third-stream airflow to combine fuel-efficiency during cruise with quick-reaction high thrust in fighter engagements.

“The focus for now is how do we get the most out of what we already have fielded, versus where do we go in the future capabilities,” White said. There’s “only so much [more performance] we’re going to be able to get out of the … propulsion systems we have, and so we’re working very hard to figure out … what we can get out of that, what are some of those trades.”

The technologies in AETP are “very different than what we use on the fielded systems that we have,” he said. Where there are opportunities to make them “backward compatible,” he said, the Air Force will consider its options.

Changing the propulsion system on a fielded aircraft is “extremely complex, and there’s a lot that goes with that,” White said. “So you have to think about what the return on investment might be.”

He called out the F-22 as one platform where the directorate is looking at its Pratt & Whitney F119 engines for improvements “and whether or not we’re getting the most out of that system and [whether] we can do more for it.”

“Everything’s on the table” to improve the engine with regard to “climate, to efficiency, to thrust,” he said.

White said the AETP technologies would most likely apply to the Next Generation Air Dominance vehicle and other future designs, such as a clean-sheet fighter needed to replace the F-16.

Air Force and Pentagon leaders have hinted that future versions of the F-35 fighter could use new engines developed under AETP to save on fuel and gain performance. Even newly minted Air Force Secretary Frank Kendall suggested as much in his first interview with Air Force Magazine.

Senior Air Force leaders said in testimony this spring that wholesale replacement of engines already in service is not affordable within anticipated budgets.

Pratt & Whitney, maker of the F135, proposed a package of improvements for the engine to the Joint Program Office in March. The JPO is evaluating the proposal.

Air Force Leadership Needs to ‘Walk the Walk’ in Baking Security into Cyber, Software Boss Says

Aug. 12, 2021 | By Greg Hadley

The Air Force’s chief software officer is pushing hard for the service to adopt security into its cyber development and operations from the start. He’s also calling for a more unified approach to reduce redundancies.

Speaking at an Air Force Association Gabriel Chapter luncheon Aug. 11, Nicolas M. Chaillan offered a blunt assessment of where the Air Force’s cyber capabilities stood when he first went to work for the service in 2018 and even until today.

“I realized pretty quickly, we’re very behind in cyber, to a point that it was very scary when it comes to critical infrastructure and the lack of security,” Chaillan said. “And we see it every day, more and more, and I still don’t believe we have any kind of handle on what’s going on.”

One of Chaillan’s main concerns is incorporating security into software development, a practice known among IT professionals as DevSecOps. With a lack of basic IT infrastructure, implementing DevSecOps has proven difficult, he said. What’s more, there has been some resistance among those used to the more traditional approach of considering security after development and operations.

Failing to include security concerns early, however, would be “almost criminal” for certain programs, Chaillan said. And across the board, everyone should be using the approach, “period, full stop,” he added.

There are teams within USAF who have been using DevSecOps with impressive results, he said. In particular, he mentioned the Ground-Based Strategic Deterrent, the Long-Range Standoff weapon, the B-21, and the F-35 as examples of programs in which the approach has been adopted and used with success.

The GBSD program has saved “at least 18 months” by incorporating DevSecOps from the very start, he said. Without that, the nuclear program’s schedule might have already slipped.

Moving forward, Air Force and Space Force leadership needs to continue promoting DevSecOps across the service, Chaillan said. So far, he’s heard all the right things. More than that, though, he wants to see actions to back those words up.

“I have to be a little cautious there, because quite honestly, the leadership in the department always says the right things,” Chaillan said. “I’ve yet to hear them not say the right things. The Space Force, [Chief of Space Operations Gen. John W. “Jay”] Raymond says, ‘We’re a digital service.’ Are you? Are you sure you’re a digital service? I’m not so sure. It’s just easy to say—it’s a little bit harder to walk the walk. And so we need to start doing that and stop talking.”

The Space Force and Air Force need to stick together with their approach to IT and cyber infrastructure or risk exacerbating another challenge Chaillan has identified—a splintering of approaches leading to cyber “silos” in which different agencies work on the same tasks and don’t share information.

“I’m actually very concerned with the Space Force starting to potentially drift away from the Air Force. It would really be a big mistake, compounding on the existing silos between the Army, the Navy, and the Air Force, and fourth estate,” Chaillan said.

Even beyond the service level, Chaillan said, he’s noticed a tendency for wings and other units to develop workarounds and solutions for their own specific software problems. While this is useful on a small scale, it creates larger issues.

“We do have to be careful because if you let everybody code in vacuums … who is going to maintain it—who’s going to sustain it once that person moves on?” Chaillan said.

What’s more, such an approach doesn’t fix the fundamental software issues that plague many Airmen on a day-to-day basis. The problems persist, but those in a position to solve them for everyone aren’t as affected.

“For me, it has always been important to use the [Government Furnished Equipment] device, use the normal network, feel the pain that the Airmen feel when they use those tools, because if you’re not feeling the pain, you’re not going to fix it,” Chaillan said.

On top of all that, in too many instances, people replicate each other’s work.

“We have silos within silos,” Chaillan said. “We have people reinventing the wheel, whether for good reasons or bad reasons, whether it’s ego-driven or for little kingdom-building exercises, and so it’s been a challenge to start bringing everybody together, to realize that if we want to get to the all-domain vision that we keep preaching for many years, that’s not even really new, we need to start having a cohesive cybersecurity and IT capability stack.”

Joint All-Domain Command and Control is another part of Chaillan’s portfolio—he’s responsible for helping to incorporate security into the JADC2 architecture. Right now, though, he sounded a pessimistic note on the program’s future.

“Maybe I’m too blunt sometimes, but I tell people, you know, right now JADC2 has probably zero chance of success, period, full stop,” Chaillan said. “Because it’s effectively not a thing. It’s a bunch of services doing their own things … with different names and different concepts, often reinventing the same wheel.”

Chaillan is not the only one expressing concerns about the lack of coordination. Defense analyst Todd Harrison of the Center for Strategic and International Studies recently told Air Force Magazine that the Defense Department needs to start a joint office to oversee each service’s efforts or risk a “recipe for disaster.”

The solution, Chaillan said, is for leadership to start managing the expansive program on a joint basis to ensure coordination and to issue mandates that can be “living” and updated as new technologies come along.