U.S. Navy Cybersecurity Division Director Rear Admiral Danelle Barrett hashed out the Navy’s effort to modernize its on-ship communication network architecture to simplify data accessibility at Gov Exec’s April 25 Mission to Modernize.
The architecture project, called “Compile to Combat in 24 Hours,” was pitched this spring. Its name comes from the goal of the effort, which would use web-based microservices and cloud capabilities to allow the Navy to deploy new software capabilities in less than 24 hours. It would replace the current, legacy-based network framework.
“We have … a hodgepodge of legacy networks,” Barrett said of the current network architecture on naval ships. “It creates an environment where you can’t the information you need to have an operational advantage.”
Instead, the new end-to-end architecture would push four priorities to modernize the network: data standardization, use of shared infrastructure, automated functional and cybersecurity controls testing, and commercial cloud.
With these components, Barrett said naval ships could depart from legacy server infrastructure, and move to having capability providers that can develop and maintain microservices code hosted on shared infrastructure.
The Navy would align as much data as possible by standardizing it on eXtensible Markup Language (XML), which would allow the service branch to efficiently tag data for big data analytics and artificial intelligence applications. XML would also allow for data compression so that the Navy could transfer large amounts of data with less bandwidth – the latter being at a high premium for most ships.
Barrett’s push for the new architecture has not been without opposition, especially in the areas of data standardization and adoption of shared infrastructure.
“I get lots of resistance,” Barrett said. “What we have in the Navy right now is called ‘data jack-assery.’”
Barrett explained that others within the Navy are afraid that the two components would expand the attack surface of the network, but she said the infrastructure would be backed by DevSecOps, that she wants to adopt zero-trust method, and that change would create a greater impetus for the Navy to improve cybersecurity capabilities.
Moreover, Barrett added that risk comes with change, and that the Navy shouldn’t be afraid to improve because of it.
“The world is going to change,” she said. “If you’re not comfortable with change, get out of the Navy.”