2025-02-28

Emerging Technologies that Will Enable the Next Digital Transformation Wave for Military Affairs

What are the Emerging Technologies, and Why the Military are Interested?

The military has evolved using emerging digital technologies in three waves (Kale, 2020): 

  1. Digitization transferred content from analogue to digital format and improved military administration and office work.
  2. Digitalisation introduced enterprise-wide systems, like Enterprise Resource Planning, which enabled human, financial, material, and facilities management or battle-space management systems for faster situational awareness.
  3. Digital transformation has enabled revolutions in military affairs, such as Network-Centric Warfare in the US Department of Defense and network-enabled Capability in the UK Ministry of Defence.  

Current waves of transformation enabled by emerging technologies are revolutionising industry (The Fourth Industrial Revolution), commerce (digital biology), facilities (smart homes, cities, and government), and the military (Combat Cloud).

This paper creates an enterprise architecture view of possible digital infrastructure that military affairs may benefit from while planning their second wave of digital transformation for further capabilities. Meanwhile, lethality in battlespace increases, dual-use technology creates tactical advantages, weapon and counter-weapon development takes place in days, arms races raise prizes of armament, and additional defence finances are complicated to gain.

A Systematic Perspective to a Military C5ISTAR Technology Stack Enabled by Emerging Technologies

For a systematic assessment of emerging technologies' impact on Military Affairs, this study divides the technology stack into infrastructure, data, systems, and business models aligned with common enterprise architectures. In this approach, digital modelling or digital twins are the points of interest because they are virtual representations that allow the modelling of the state of a physical entity or system. They are created by digitalising data collected from physical entities through sensors, so various predictions can be made by understanding the behaviour of the physical entity.  Virtualising and digitising the physical world seems a beneficial feature for Military Affairs because it enables the military to :
  1. Create digital models of physical phenomena, run accurate simulations, and gain foresight into possible future.
  2. Improve the man-machine interface with more immersive ways to interact with machines.
  3. Maintain the faster OODA loop at the tactical level with less delayed data transfer, optimised computing, and algorithm-accelerated sense-making.
  4. Bring machine interoperability from recognising the data to sharing the understanding.
The following gives a more detailed view of possible military C5ISTAR technology stack changes.

Infrastructure Layer (networking, transfer and processing)

In this case, the infrastructure layer includes networking, data transfer and processing functions, as illustrated in Figure 1. The wireless 5/6G evolution improves the access network from the edge to terminal capacity and connectivity and lowers the latency if cellular base stations are connected via a high-bandwidth terrestrial network. Non-terrestrial, air- and spaceborne base stations are available, improving accessibility and simplifying the integration. The terrestrial and non-terrestrial 5G base stations compose a three-point access network with standard transfer and networking functions.  This multi-domain connectivity will replace legacy tactical data links while improving the availability of access and roaming and extending the range over the horizon, features essential in the Joint All-Domain C2 (JADC2) concept promoted by David Deptula. 

Furthermore, with higher frequencies, the cell sizes are smaller, and the Effective Radiated Power (ERP) is less, which means that transceivers' low probability of detection and identification (LPI/LPD) improves. However, with lower frequencies, higher transceiver density, and smaller radiation patterns, deploying dual-use Radio Frequency Identification (RFID), the Internet of Things (IoT), and Operational Technology on the battlefield becomes feasible. 

 With 5/6 G enhanced wireless communications, the access network becomes more versatile than the legacy Local Area Network (LAN) topology. For example, command posts can be distributed across a wider area without losing seamless collaboration connectivity. Platforms become cell base stations, providing access points to Mobile Adhoc Networks (MANET) within and between platoons, squadrons, teams, and higher organisations. Expendable, swarming sensors and effectors can be connected to a larger tactical unit even in an electromagnetically contested environment. 

Furthermore, the new Open Radio Access Network (ORAN)  and all-encompassing Internet Protocol (IP) solve the current technical-level interoperability issues. They allow you to create virtual, sliced, or private military network domains parallel to other network users without creating congestion points or bottlenecks. 

The flexible network and transport layers support data flows that enable hybrid clouds and hybrid computing, which varies between different clouds, edges, and endpoints. Hybrid computing provides optimal data processing for a task, addressing anything between real-time, big data, or algorithm-crunching requirements.  

Data Layer

In Figure 1, the data layer is on top of the infrastructure layer. Enabling technologies may include Data flows with different Quality of Service (QoS), Data warehouses, Data Lakes, Lakehouses, Table formats, Business Intelligence, and Synthetic data.

These technologies may be implemented in three main categories of data architectures: Stove-piped, centralised, or data mesh. Stove-piped data architecture is a direct continuum from system-based data architecture. It enables the legacy of functional data owners who use proprietary data models and do not share data unless forced. Centralised data architecture breaks the stove-pipe boundaries and brings data to data warehouses, lakes or Lakehouses. A centralised approach establishes central data functions and provides development and Data as a Service (DaaS) to functions and Forces. However, the central entity may become an administrative bottleneck, isolating data from Forces. Conversely, data mesh prioritises domain-driven design while enabling the teams closest to big data sets to take control of meeting their data preparation and analytics needs. Data mesh enables the democratisation of data so that it’s available to everyone in an enterprise, regardless of their technical expertise, function, or organisation. Each Command of sense and decision-making becomes a citizen data scientist, an officer who can analyse data but doesn’t take on that task as their primary role.  Gartner recognises this with the estimation that by 2027, organisations faced with AI and data security requirements will standardise on policy-based access controls to unlock the value from more than 70% of their data.

Data Flow follows uplinks, and downlinks may become bottlenecks if flow management is not prioritised. Since the transfer layer enables Quality of Service prioritisation, military affairs may arrange vertical and horizontal data flows to provide real-time awareness and longitudinal big data for modelling and forecasting.

Data Warehouses are central data repositories integrated from disparate sources, namely operational systems. They enable straightforward business intelligence queries because the data is aligned, cleansed, and structured. 

A Data Lake is a system or repository of data stored in its natural/raw format. The repository may be a single data store but includes raw copies of source system data, sensor data, and social data in structured, semi-structured, or unstructured formats. Data from a data lake may be used for reporting, visualisation, advanced analytics, and teaching machine learning. 

A Data Lakehouse combines the flexibility of data lakes for working with raw and often unstructured or semistructured data with the reliability and performance of traditional data warehouses that store consolidated sets of structured data.  

A Data fabric is a data management design concept for attaining flexible, reusable and augmented data pipelines and services supporting various operational and analytics use cases. Data fabrics support a combination of different data integration styles and utilise active metadata, knowledge graphs, semantics and machine learning to augment data integration design and delivery.  

The Data Table Formats provide cross-platform compatibility, transaction support, and schema evolution. Developing the Data Lakehouse ecosystem requires open table formats like Apache Iceberg, Delta Lake, and Apache Hudi. Enabling schema evolution is essential for managing data structures over time while maintaining data integrity and backward compatibility. Data Schema management improves interoperability at the upper layers and facilitates establishing a smart machine system of systems.

Synthetic data is created by taking a database, creating an ML model for it, and generating a second set of data. The generated synthetic data has the same patterns and properties as actual data, but it’s not tied to any actual data identifiers. Synthetic data is generated fast, automatically tagged, and provides high-quality data regarding events that rarely happen in the real world, which is very applicable in military affairs. 

Available data in both arranged and raw formats enable a variety of data analytics:
  • Traditional analytics requires a team of IT analysts to comb through data, theorise potential insights, test those insights, and report on their findings.
  • ML-based models can continuously monitor data, pick out anomalies, and alert the appropriate teams in real time without human input. 
  • Business intelligence tools harness raw data to extract meaningful patterns and actionable insights.

Systems and Services Layer

The next layer enabled by the data layer is the systems and services layer in Figure 1. Emerging technologies opening new options for military affairs include human-machine interface (HMI), immersive technologies, spatial computing, metaverse, algorithms, energy-efficient computing, and classical and quantum computing.

The Human-Machine Interface will evolve using immersive-reality technologies based on the current industrial and office interfaces enabled by multitouch video technologies on tablets and smartphones. Human actors will experience real-time interactions in three-dimensional virtual worlds that eventually incorporate the physical world. The evolution runs from a fully computer-generated space in virtual reality (VR) to mixed reality (MR) and further towards augmented reality (AR), where computer-generated objects are superimposed on the real world.

Spatial computing maps indoor and outdoor physical spaces (including people and furniture). Then, the digital content is anchored within the physical world, enabling users to interact with it realistically. 

Furthermore, the metaverse interconnects digital spaces where users can interact, socialise, and create. Spatial computing ensures users' accurate positioning and synchronises their actions. The human-machine interface allows people to have lifelike personal and business experiences online.

Virtualisation and decentralisation of the processing layer enable the distribution of computing workloads across different sites, such as hyperscale remote data centres, regional centres, on-premises centres, and edge points. This ability to distribute workloads supports optimising latency, data transfer costs, adherence to data sovereignty regulations, autonomy over data, and security considerations.  Gartner recognises the trend as follows:
‘By 2025, Gartner predicts more than 50% of critical data will be created and processed outside the enterprise’s data centre and cloud.’ 
‘By 2027, approximately 5% of large enterprises will deploy a hyperscaler distributed cloud solution for edge computing workloads outside data centres.’

Edge computing involves processor-intensive, often repetitive, mission-critical data analytics within devices on the outer edge of a network. With supporting networking and data layers, edge computing enables more real-time intelligence and faster sense-making from tactical to operational levels. Furthermore, edge processing supports machine-to-machine cooperation within the Intranet of Military Things (IoMT)  sensors and actors.

The decentralising layer hosts a variety of algorithms, including AI, optimised to specific functions in support of the business layer. Gartner forecasts this in the business as follows:
‘By 2028, 50% of enterprise platforms will leverage specialised infrastructures to support AI infusion, a significant increase from less than 10% in 2023.’

Next-generation systems and services are developed with tools and technologies that enable modern code deployment pipelines and automated code generation, testing, refactoring, and translation. These can improve application quality and development processes.  The Gartner sees this emerging trend as follows:
‘By 2027, 80% of AI-generated SaaS applications will be up to 80% composite for efficiency of human-AI digital engineering.’ 
‘By 2026, 40% of development organisations will use the AI-based auto-remediation of unsecured code from application security testing (AST) vendors as a default, up from less than 5% in 2023.’

Digital Business Modelling Layer

The last layer enabled by the technology layers is the digital business layer in Figure 1. The next-generation technology layers enable features like digital twin, artificial intelligence-based image recognition, optimisation, expert functions, robotic process automation (RPA), AI agents, autonomic systems, synthetic media, ambient, invisible intelligence, polyfunctional robots, and data-driven military.

A digital twin is a virtual representation of an object or system designed to reflect a physical object accurately. It is built on big data, spans the object's lifecycle, is updated from real-time data, and uses simulation, machine learning, and reasoning to help make decisions. Military Affairs may benefit from digital twin features in the maintenance and repair of platforms, developing system of systems, capability life-cycle management, force generation, and strategic modelling. 

Applied AI technologies use models trained through machine learning to solve classification, prediction, and control problems, automate activities, add or augment capabilities and offerings, and improve decision-making.  These features may benefit military affairs, for example, in financial optimisation, personnel promotion, facilities management, supply chain management, and learning management.

Robotic Process Automation and AI Agents refer to a system or program capable of autonomously performing tasks on behalf of a user or another system by designing its workflow and utilising available tools. Beyond natural language processing, AI agents can encompass various functionalities in military affairs, including decision-making within processes, problem-solving in real-time situations, interacting with external environments, and executing actions. The Gartner foresees emerging features in business as follows:
‘By 2027, GenAI tools will be used to explain legacy business applications and create appropriate replacements, reducing modernisation costs by 70%.’
‘By 2027, more than 40% of digital workplace operational activities will be performed using management tools enhanced by GenAI, dramatically reducing the labour required.’
‘By 2028, 60% of IT services will be powered by the trifecta of GenAI, hyper-automation and metaverse, radically changing the services buyer landscape.’

Data-driven military affairs may witness changes among supporting entities like Intelligence, Military Survey, Logistics, and Operation Centres that provide continuously improved data products to their supported entities. Secondly, the data-driven approach may change military supply chain management as products and support become more cyber-physical, and data outside the military will become more valuable assets with emerging commercial space and cyber operators. Thirdly, the military may be able to execute so-called ‘information-driven operations. The defence organisation should not only be capable of obtaining an authoritative information position (or information dominance), but it must also use information as a ‘weapon’, i.e. as a means or instrument of influence.  Fourthly, the quantitatively thinking commanders may be able to mitigate the analysis paralysis usual with current risk-avoiding sense-making supported with less machine-based analysis. 

Altogether, the digitalisation illustrated in Figure 1 supports the Fourth Industrial Revolution (4IR) and provides potential for Military Affairs to benefit from. The second wave of military digital transformation may create strategic advantages for the Operate, Generate, and Support functions. The UK Army’s digital transformation program, THEIA, has three headline outputs: out-compete the adversary, partner better and integrate with partners, and improve efficiency.   The US Army aims to improve and leverage innovative and transformative technologies: modernisation and readiness, optimised digital investments, and a technically savvy, operationally effective digital workforce.  NATO is talking about using these “emerging and disruptive technologies efficiently.” NATO could improve its operations with military, industry, and civilian partners in every warfighting domain, including sea, land, air, space, and cyber operations. 



Figure 1: An illustration of a possible technology stack on top of more efficient communications


2025-02-26

Why 5/6G Will Accelerate the Digital Evolution of Military Affairs?

 What is 5/6G Wireless, and Why the Military are Interested?

Civilian wireless technology has been advancing steadily through generations of cellular communications, from GSM to 5G, and is now waiting for 6G to be deployed. This evolution of wireless communication has enabled online commerce and social media, almost killing radio and TV, smart cities, smarter governments, etc.  The military has been applying new ways of person-to-person communication, seeking information, and doing everyday business. Sometimes, this application has followed the development of Military Affairs, and sometimes, new services have replaced military proprietary services. Many militaries assess smartphones and 5G connections as Operational Security issues rather than enablers in the Area of Operation.

Nevertheless, ISIS used commercial telephony and personal computing as the foundation for their Command and Control support. National Security Agencies' separate TETRA and P25 systems are being replaced with virtual and sliced push-to-talk services on top of 4 and 5G. Furthermore, 5G waveforms are replacing manufacturers’ proprietary to improve connectivity and interoperability at the tactical level. The dual use of 5G technology is gaining traction within Military Affairs.

Current Military Approaches to Benefit from 5G Technology

Table 1 shows that the Military is not merely a spectator of emerging technologies but actively applies them to military affairs. The intentions vary from enjoying faster wireless bandwidth to integrating sensor-commander-effector-loops on the battlefield. 

Table 1: Samples of Military Initiatives and Approaches to benefit from 5G technologies



What else may the 5/6G technologies offer the military besides faster wireless connectivity? Let’s have a systematic view of possible benefits.

5/6G Changes the Infrastructure Layer (networking, transfer and processing)

In this case, the infrastructure layer includes networking, data transfer and processing functions, as illustrated in Figure 1. The wireless 5/6G evolution improves the access network from the edge to terminal capacity and connectivity and lowers the latency if cellular base stations are connected via a high-bandwidth terrestrial network. Non-terrestrial, air- and spaceborne base stations are available to improve accessibility and simplify the integration. The terrestrial and non-terrestrial 5G base stations compose a three-point access network with standard transfer and networking functions.  This multi-domain connectivity will replace legacy tactical data links while improving the availability of access and roaming and extending the range over the horizon, features essential in the Joint All-Domain C2 (JADC2) concept promoted by David Deptula.  

Furthermore, with higher frequencies, the cell sizes are smaller, and the Effective Radiated Power (ERP) is less, which means that transceivers' low probability of detection and identification (LPI/LPD) improves.  However, with lower frequencies, higher transceiver density, and smaller radiation patterns, deploying dual-use Radio Frequency Identification (RFID), the Internet of Things (IoT), and Operational Technology on the battlefield becomes feasible. 
 
With 5/6 G enhanced wireless communications, the access network becomes more versatile than the legacy Local Area Network (LAN) topology. For example, command posts can be distributed across a wider area without losing seamless collaboration connectivity. Platforms become cell base stations, providing access points to Mobile Adhoc Networks (MANET) within and between platoons, squadrons, teams, and higher organisations. Expendable, swarming sensors and effectors can be connected to a larger tactical unit even in an electromagnetically contested environment. 

Furthermore, the new Open Radio Access Network (ORAN)  and all-encompassing Internet Protocol (IP) solve the current technical-level interoperability issues. They allow you to create virtual, sliced, or private military network domains parallel to other network users without creating congestion points or bottlenecks. 

The flexible network and transport layers support data flows that enable hybrid clouds and hybrid computing, which varies between different clouds, edges, and endpoints. Hybrid computing provides optimal data processing for a task, addressing anything between real-time, big data, or algorithm-crunching requirements. 


Figure 1: An illustration of a possible technology stack on top of more efficient communications

References:

  1. https://5gstore.com/blog/2024/12/05/6g-vs-5g-compare-and-explore/
  2. https://www.esa.int/Applications/Connectivity_and_Secure_Communications/World-first_direct_5G_connection_to_low_Earth_orbit_satellite_opens_new_era_for_mobile_coverage
  3. https://www.islandecho.co.uk/advanced-5g-connectivity-system-tested-rigorously-on-britten-norman-islander-aircraft/
  4. https://governmenttechnologyinsider.com/soaring-to-new-heights-with-airborne-to-ground-4g-5g-communications-and-enhanced-wireless-connectivity-part-1/
  5. https://theairpowerjournal.com/battle-command-architecture-all-domain-operations/
  6. https://www.baesystems.com/en/blog/electronic-warfare---the-invisible-battlespace
  7. https://www.mwrf.com/markets/defense/article/55136984/blu-wireless-the-digital-battlefield-transforming-military-operations-through-data-and-connectivity
  8. https://www.dni.gov/index.php/gt2040-home/gt2040-deeper-looks/future-of-the-battlefield
  9. https://www.nokia.com/networks/radio-access-networks/open-ran/open-ran-explained/
  10. https://www.ericsson.com/en/network-slicing
  11. https://en.wikipedia.org/wiki/OSI_model
  12. https://cloud.google.com/learn/what-is-hybrid-cloud
  13. https://www.gartner.com/en/documents/5850147

2024-12-28

Cyber Defence is More than Cybersecurity - At least from a Military Viewpoint

 Intro

In the model for state-level actions within the cyber environment in scenarios from confrontation to conflict, the military recognises techniques, tactics, operations and strategies, which all execute the political interests as I described in the 2022 paper published in Military University of Portugal in Figure 1. As with other legacy domains, the tactical, operational, and strategic levels are also feasible in the cyber domain, which is gradually taking over the information sphere in the military impact structure. Adversaries (RED) currently use the cyber domain to impact the physical sphere by combining kinetic and cyber strikes to target the defenders' (BLUE) physical systems. Simultaneously, RED uses kinetic and cyber strikes to create fear and confusion in BLUE's cognitive and social spheres. So, with the introduction of the cyber environment, the military faces a more complex theatre than the traditional physical sphere where space, air, land and maritime operations take place. 

Unfortunately, information security promotes only some controls and procedures (e.g., ISO 27 000 or NIST 800 series), and cybersecurity provides some processes or management models (e.g., NIST Cybersecurity Framework, ITIL, COBIT, ISO 38500). These leave the military short at higher levels of confrontation. Therefore, the paper aims to define cybersecurity at military tactical, operational and strategic levels and provides some examples in cyber defence.

Figure 1: A Model for State Cyber Power

Tactical-level Cyber Defence

Model: Military tactics encompass "the art of organising and employing fighting forces on or near the battlefield."   When this is applied in defence of the cyber environment, it may include establishing a doctrine that would nullify the adversary's most probable attack tactics (IT- architecture), preparation of the area of operation (artificial cyberspace), digging the defensive positions (defence-in-depth) and defining the areas of fire (sandboxes, honey pots), setting the tripwires and reconnaissance (vulnerability hunting, monitoring and threat intelligence), preparing the alternative positions (continuation and recovery) and exercise the fire and position changes drill in day and night (incident, problem, change management and red teams).

Principles for cyber defence tactics may include the following:

  • Construct BLUE domain defence against RED attack vectors (e.g., MITRE Att@ck) based on the posture of information security
  • Prepare the BLUE domain using the dimensions of depth in Figure 2
  • Establish kill zones with honey pots and abilities to create sandboxes within the domain
  • Stabilise BLUE baseline of protocols and behavioural patterns to improve the probability of detecting anomalies
  • Establish 24/7 monitoring, use AI to enhance pattern recognition and automate some of the basic response actions
  • Establish security at least at emission, transmission, communications and session levels in the OSI structure
  • Test the domain integrity continuously with penetration testing, black box testing, and vulnerability hunting
  • Configure the recovery of processing, storage and data to meet the operational availability requirements
  • Exercise BLUE detection, response and recovery with red teaming in live domains.

Examples:

BLUE cyber defence observes the following incidents on their monitors: 

  • SIEM in SOC is not receiving log data from several servers, firewalls, IDS, switches and routers.
  • The network management system in NOC indicates that it has lost connection to several servers, switches and routers.
  • The physical security monitor has lost all video and sensor feeds from Data Center A.

BLUE defenders may take the following actions:

  • Confirm the possible loss of an entire Data Centre from other sources 
  • Assess the gravity of the situation and draft Courses of Action (CoA) for remedy and communicate them to Operation Control 
  • Monitor the process of automated recovery of data and services and launch possible manual remedies 
  • Get recovery priorities and decide on CoA from Operation Control 
  • Launch required additional remedies to recover and restore data and services based on agreed CoA and priorities.  
  • Inform Operation Control and end users of the recovery progress.

BLUE threat intelligence receives information that a software development vendor has been breached and their latest application update may be compromised. The BLUE cyber defence may resolve the situation with the following options:

  • Network Operation Centre (NOC) isolates systems running the possibly compromised application 
  • Cybersecurity Operation Centre (SOC) sandboxes the infected area and investigates the situation 
  • IT security patches the software if the vendor has fixes available 
  • SOC deploys additional security controls and focus monitoring to prevent exploitation 
  • SOC detects a variation in standard behavioural patterns in one site running the possible compromised application. NOC kills the ill-behaving computing process that normalises the situation. 
  • SOC observes the malevolent behaviour in the honey bot and checks how automated sandboxing prevents the malware's spread.

Figure 2: An example of a tactical-level view of Cyber Defence 

Operational-level Cyber Defence

Operational represents the level of command that connects the details of tactics with the strategy goals. Operational art may be based on Sun Tsu (know yourself and your enemy) and Clausewitz (Center of Gravity) models. BLUE recognises their power sources and considers them possible Centres of Gravity (CoG) for the RED. Each CoG needs to be assessed from the RED viewpoint, considering different Lines of Operation (LoO) for effecting the CoG and variation of Courses of Action (CoA) needed to achieve the impact in the most beneficial CoG. From all the feasible CoA variations, BLUE estimates the most probable to be considered from the RED viewpoint based on their doctrine, previous behaviour and available resources in a given situation. 

Principles for operational-level cyber defence may include:

  • Recognising tempting CoGs in the BLUE system of systems: essential operations, critical data assets, critical sites as single points of failure, critical services that are not replaceable, critical gateways that will prevent information flows or suppresses systems that cyberspace is dependent (e.g., telecommunications, power distribution, cooling, fuel distribution, garbage collection)
  • Innovating potential lines of operation to access the beneficial CoGs through humans, kinetic ways, cyber-attack vectors, supply chains, dependencies, and peripherals.
  • Assessing each Center of Gravity against potential Line of Operation and trying to optimise available RED resources, cost of attack and benefit of the impact.
  • Varying vulnerabilities, costs of attack, and possible benefits in different scenarios will provide probable courses of action available to the RED.
  • Wargame scenarios to find the most probable CoAs RED would probably be executing a given situation.
  • BLUE deploys different tactics to defend the potential CoGs and finds ways and means to prevent or nullify the RED CoAs until only the most probable remain. BLUE considers active and passive means and ways to address most RED CoAs. 
  • Then BLUE arranges the critical assets' concealment, mock-ups, and hardening. Along the most probable attack vectors, BLUE sets digital sandboxes and honey pots together with physical engagement zones and counter agents. 
  • BLUE establishes reconnaissance, anomaly pattern recognition, movement detectors, and thresholds to detect RED manoeuvre in physical, cyber, and information spheres.

Examples:

BLUE cyber intelligence indicates that RED has created a new hybrid attack vector to suppress 911 telephony service within a region or nation. The situation where people do not get help from 911 may create fear, terror, and panic, mainly when a large number of people gather for an occasion. BLUE operational planning may come up with the following preparations:

  • prepare information distribution through broadcasts, flyers and messengers to ensure correct information and diminish rumours 
  • prepare to switch from 911 SS7 signalling to other signalling options 
  • prepare parallel ways to communicate and receive help like mobile apps, social media or portals 
  • post a soldier with a radio at each crossroad and deploy more police patrols and ambulances on the streets.

BLUE information exchange and cooperation between government agencies are harassed by continuous spear-phishing through the Internet email system. After some dignitaries become victims of phishing and get their data wiped, users are afraid to open any attachments, even from known senders and are quickly losing their trust in the email system. BLUE Cyber Defence Operation planning may come up with the following means to mitigate the quickly escalating situation:

  • Lessen the probability of opening malevolent attachments by encrypting all official emails and attached files. Only encrypted emails are safe.
  • Replace email with a cloud-based digital workspace and establish users' access to this service through encrypted sessions.
  • Bypass the Internet-based information exchange by extending and sharing existing intranet services between government agencies.

RED information operation trolls are spreading disinformation through common social media platforms, and malevolent bots are emphasising the flow of disinformation. BLUE Cyber Defence Operation planning may come up with the following means in support of BLUE Information Operations:

  • Request social media platforms to terminate trolling accounts
  • Request telecommunication operators to shut down connections to bots
  • Plan and launch a distributed denial of service (DDOS) attack to suppress the troll factories connection to the Internet
  • Plan and launch a cyber-attack to turn off the troll factories' power distribution
  • Plan and launch joint fires to eliminate trolls and bot nodes.

Figure 3: An example of an operational-level view of Cyber Defence 

Strategic-level Cyber Defence

Military strategy is "the art of distributing and applying military means to fulfil the ends of policy"  Policy in this context usually refers to national-level security strategy, which defines the main threat scenarios against the state, its sovereignty, and interests. The model for strategic thinking in a cyber environment is based on a technological approach among the five dimensions of military strategy defined by Atkeson . The technological approach to strategy assesses the technical innovation and ability to render obsolete adversary effectors. In a conflict of system of systems, the strategic advantage can be achieved in three ways:

  1. The adversary achieves a strategic surprise by launching a strike at an unexpected time or place from the Defender's viewpoint. Unforeseen situations may occur when conflicting parties assess risks differently, the other side sees an opportunity for a knockout with the first strike, or the Defender's decision-making process fails. 
  2. Systemic effects are "those indirect effects aimed at affecting or disrupting the operation of a specific system or set of systems".  In a cyber environment, the indirect effects may impact power distribution, shutting down electricity, which takes down the telecommunications networks and suppresses all digital communication and processing.
  3. Strategic advantage may be achieved through technological innovation and deployment of capabilities multiplied by emerging technologies, providing strategic dominance over the other party.  The USA and China compete for strategic dominance, seeking advantages from artificial intelligence, big data, quantum computing, and integrated circuit manufacturing. 

Principles of strategic level cyber defence may include:

  • An attacker has an advantage in their cyber environment and freedom of manoeuvre on the Internet. The Defender has an advantage in cyber environments under their control. Hence, Defender should focus on building technological advantage and maintaining dominance in their cyber environments.
  • Defender's cyber architecture includes redundant and robust means for communications, computing, and storage, so even with 50% losses of infrastructure, the essential services and processes run sufficiently, and data remains accessible.
  • Defender raises a threshold against cyber-attacks, declaring assured retaliation with weapons of mass destruction.
  • Defender prepares to cut their domestic Internet domain from the international Internet to diminish vulnerable surfaces and minimise options for direct attack vectors.
  • Defender builds their national Internet domain based on entirely different programming languages, communications protocols, and integrated circuits. It effectively filters all traffic in and out of their national domain.
  • The Attacker builds and prepares strong offensive cyber capability against the weakly prepared Defender, which deters other power projections.
  • Attacker sources their cyber warriors from industry or cyber-criminal gangs to accelerate offensive cyber capabilities and gain a possibility of strategic surprise.
  • Defender advances the information security architecture (Domain-defined –> Service-defined –> Zero-trust –> Content-defined)  of her cyber environment, keeping the security controls and monitoring resistant against the potential adversary attack vectors.
  • The Defender uses global dominance in economy, trade, science & technology, and cyber-physical manufacturing to slow Attacker's ability to build a more effective cyber arsenal.

Examples:

BLUE operates two domains for essential processes and functions that multiply the Forces Generation and Operation performance. Since both are under BLUE's control, he chooses to build computing performance, one based mainly on Microsoft technology and the other on Linux and Open-Source technology.

There are indications that RED aims to use artificial intelligence to automate and multiply its exploitation arms, achieving attack vectors that are ten times faster within the next ten years. BLUE may come up with the following options:

  • Accelerate BLUE's development and innovation for a more resilient cyber environment and countermeasure tools
  • Eliminate RED's ability to execute the disruptive leap in offensive capabilities
  • Build BLUE's target acquisition and attacking tools and strike the strikers
  • Change the architecture of BLUE's cyber environment so it will nullify the RED's higher performance
  • Build a more robust and redundant cyber environment that could absorb ten times more Attacker's attempts.

BLUE plans to digitalise its forces to gain strategic advantage. With digitalised processes in Generate and Operate functions, the cyber environment extends the vulnerability surface. The estimations of digital transformation outcomes include 20x more lethal and 10x more cost-effective force. The extended vulnerability goes beyond BLUE's risk appetite. BLUE may come up with the following options to mitigate the risk:

  • Accelerate the evolution of information security architecture and leap to Zero-Trust or Content-Based security models, which will diminish the vulnerability surface even if the digital realm grows much broader.
  • Instead of building a joint information domain, BLUE creates several parallel domains that are not dependent on each other and can multiply force effectivity.
  • Outsource their common information domain to global network and application service providers so big that RED cannot take them down. Then BLUE focuses resources on the anti-fragility of tactical and operational information spheres.

Figure 4: Strategic-level view of Cyber Defence


2024-10-04

An Approach to the Development of Military Capabilities


 "Thoughts without content are empty, intuitions [perceptions] without concepts are blind" 

Immanuel Kant

A Story

A fictional discussion in RED and BLUE Ministries of Defence:

  • RED Minister of Defence: "Let’s build up the strength of our standing force from 1 000 000 soldiers to 1 200 000, improve the operational transportation speed of our railways from a brigade/100km/2hrs. to a brigade/100 km/1hr., and establish new factories that can manufacture ten main battle tanks per day.”
  • BLUE Operational Commander after the Intel brief: “RED is aiming to improve their land component operational capabilities to achieve a mass advantage in any part of the area of operation. I need four mechanised brigades to counter the emerging capability within the next three years.”
  • BLUE Land Force Commander: “We do not have tanks, ammunition, mechanised troops, trained tank crews, antitank weapons, air defence, supporting fires, signals, engineers, logistics or facilities to generate four mechanised brigades. Armament acquisition takes at least four years, building training facilities takes five years and generating troops takes minimum two years. Each brigade will need at least 500 million investment and produces 50 million annual operational costs.”
  • BLUE Armed Forces Commander: “We do not have the budget nor time to meet the operational demand. Are there other options to address the emerging threat but building symmetric forces?”
  • BLUE Minister of Defence: “Now is not a good time to propose an increased defence budget because elections are within 1.5 years, and popular opinion demands health care for increasing elderly population. What is the probability that RED will use this increased military power against us?”
The above pictures a clash of several contents in varied contexts!

Approaches to Military Capability Development

Developing military capabilities is always a balanced decision between different contents and contexts projected against variety of probable threat scenarios. European Armed Forces are restoring their capabilities in competition with Russia's accelerated military industry and force generation. Some countries have selected to build symmetric armament, others apply modern technology to squeeze more lethal power from their existing capabilities, and some  do what they can in current circumstances.

In every case, the decision-making in capability building is not an easy task since every decision or non-decision impacts the Armed Forces over an extended time and may lead to peril when threats against national security unfold differently than assumed in environment illustrated in Figure 1. Furthermore, maintaining a portfolio of Military Capabilities is affected, for example:

  • Biased and noisy decision-making in an organisation (Kahneman; Johnson; Heat)
  • Path Dependence (Liebowitz & Margolis)
  • Political guidance (Gray)
  • Society´s resources and culture (Bousquet)

The following process brings some systematic analysis and assessment for the military capability planning to provide longevity, balanced sense-making from different points of interest and continuous evaluation of the situation.

Figure 1: Blue vs. Red military might

Building a Concept for Military Capability Development Decision Support

The analysis and assessment process for capability development uses the SDLC V-model  originally created for developing and testing software artefacts, illustrated in Figure 2. The V-model down-slope analysis follows Kahneman's decision-making strategies  utilizing, for example, the following methods:

  • Clustering follows loosely the US DoD DOTMLPFII-programme evaluation model  but with added Budget checkpoint
  • The concept of Operation uses a standard military CONOPS creation methodology. 

The V-model up slope assessment uses operational research methodology, e.g.:

  • Tactical Assessment utilises Lanchester models, 
  • Operational Assessment deploys QJM models, 
  • Strategic Assessment uses systems thinking models of consumption of strategic assets, and 
  • Political Assessment experiments Threat/Prospering Balancing models. 

Figure 2: Capability analysis and assessment with V-model structure

Detailing the Capability Development Analysis and Assessment Process

The process, as illustrated in Figure 3, main functions work as follows:

  • Military capability analysis receives its input from the changes in potential adversaries (RED) via intelligence information, own forces (BLUE) via business intelligence, or environment (Political, Economics, Sociological, Technological, Legal, Environment [PESTLE])
  • The change indicator recognises the change (military intelligence) and possibly pre-estimates its impact.
  • A detected and identified possible impact is forwarded to problem and/or opportunity analysis. This analysis uses existing national defence and military scenarios to detect whether the change is an opportunity or a problem. During the analysis, the key performance indicators for the solution are defined.

Whether a problem or an opportunity is detected, the top-down analysis is commenced. Suppose the problem has surprised BLUE or evolves faster than BLUE expects. In that case, a fast track forwards a quick fix directly to connecting, where urgent need is fitted into the ongoing force generation process and transformation programme is launched.

  • Problem seeks solutions first parallel through DOTMILBIE (B=budget, E=Equipment) phases, and if it is not found, then proceed towards E until there is a solution that meets the given KPIs.
  • Opportunity seeks possibilities to gain advantages over the RED through a similar sequence of analysis.

The top-down analysis provides a concept of operations (CONOPS) for bottom-up assessment to define the detailed design with a sequence of different level war games. The assessment includes the sequence of:

  1. The technical assessment compares the solution/possibility concept against the current and emerging technical capabilities of an adversary
  2. The tactical assessment compares unit-level combat outcomes and varies with strength, lethality, and protection
  3. The operational assessment compares force-level battle outcomes and varies with the area of operation, mode of operation, weather, and quality of troops.

If similar conditions exist, the three wargaming results are verified in live exercises or operations. The wargaming models learn from lessons identified in the live world.

  1. Strategic assessment compares defence-level assets over time and optimises their sustenance over various operations, environments, resources and crises. The assessment is verified using business intelligence collected from BLUE Force over time.
  2. The political assessment reflects the current and future geopolitical, decision making and other PESTLE-related features at the national political level. The assessment is verified using political intelligence collected from international relationships and political decision-making.

Once the top-down concept is assessed through levels of the bottom-up approach, the resulting solution should be considered, optimised and balanced from DOTMLPFII viewpoints and tested successfully at five levels of current and future confrontation. If not, the CONOPS is returned to the analysis process for reconsideration.

The optimised solution continues to the connecting function, where the solution is compared with the existing capability portfolio (composed of three windows: Current, in Generation, and in Planning). Once the suitable timeslot and financing are found, the optimised solution can be introduced to decision-making: Generate new capability or manage the risk other way. If the decision is towards development, a generation programme becomes a part of a 5-10-20-year plan.

During the defence capability portfolio management, the ongoing programmes are continuously compared to national defence and military scenarios and adjusted per emerging needs.

.

Figure 2: A simplified process for military capability development decision support

The above systematic capability analysis and assessment process provides:

  • Continuous and faster analysis and assessment cycle (years to months) than one-time efforts in slower frequency,
  • Faster learning process with improved connectivity to data sources than with only manual research and assessment,
  • Systematic and less biased/noisy process that survives officer rotation than human-centric and dependent process, and
  • Accumulating a knowledge base that enables further automation enhanced with business intelligence, modelling and simulation, wargaming and digital twins.

References

https://euro-sd.com/2024/09/articles/40091/polands-future-armed-forces-take-shape/
https://lordslibrary.parliament.uk/uk-defence-policy-and-the-role-of-the-armed-forces/
https://www.kaitseministeerium.ee/riigikaitse2026/arengukava/eng/
https://en.wikipedia.org/wiki/V-model
https://ia.eferrit.com/ea/e22c190431de180e.pdf&hl=en&sa=X&ei=OhwAZ47NBYWoy9YPtZ-o2Q4&scisig=AFWwaeZLfyOb_lmWYlAEgljNYIGd&oi=scholarr
https://eda.europa.eu/docs/default-source/eda-publications/enhancing-eu-military-capabilities-beyond-2040.pdf
https://www.dau.edu/acquipedia-article/concept-operations-conops
https://www.jstor.org/journal/milioperresej
https://en.wikipedia.org/wiki/Lanchester%27s_laws
https://orion.journals.ac.za/pub/article/view/455
Jackson, Michael, C. (2018) Critical systems thinking and the management of complexity, Wiley, 
https://www.dni.gov/files/ODNI/documents/assessments/ATA-2024-Unclassified-Report.pdf

2024-09-21

Nine Approaches to Transformations

Intro

A recent study by McKinsey sees that digital technology will continue driving and forcing organisations to transform.  Their survey found that 89% of the respondents had launched some digital transformation. Unfortunately, they only captured 31% of the expected revenue lift and realised just 25% of the total expected cost savings. Transformation of socio-technical enterprise is challenging and becomes increasingly challenging according to Mustafa Suleyman and Michael Bhaskar or Simon Johnson and Daron Acemoglu . 

Introducing new technical opportunities, migrating legacy content in new processes and knowledgebases, introducing new ways of working, providing people with new competencies and career paths, providing new value to customers, and opening potential markets to grow is not easy to orchestrate over months and years while most of the old structure, operational costs expenditure, laggards among personnel, habituated customers, and sub-optimised shareholders are setting obstacles on the transformation paths.

This essay studies nine approaches to transformation from a personal experience perspective, aiming to summarise their feasibility to a challenge: Project portfolio, Engineered swimming lanes, Capability portfolio, Digital transformation, Linear change management, Organisational transformation, Culture driven transformation, Operational performance optimization and co-designed social change. 


Figure 1: Nine ways to approach transformation 

1. Project Portfolio

The first approach, and sometimes the simplest, is a project portfolio. The portfolio analyses the current situation (AS-IS). It defines where the enterprise needs to be in the end state (TO-BE). These two positions represent the end of the transformation roadmap. The number of projects (Temporary endeavours intended to create a specific unique outcome)  is established to provide one tangible step after another to take the enterprise towards its visioned end state, as illustrated in Figure 2.

Figure 2: A classical project portfolio approach in transformation

Naturally, the portfolio will include interdependent projects, so their timing and scope need to be well adhered to proceed with firm steps. Unfortunately, as always with a human endeavour, there are typical pitfalls that need mitigation:

  • Original project plans cannot consider all variants in the future and, therefore, need adjustment to the portfolio's situation before launch.
  • Outer forces always affect the transformation, so minor and more extensive amendments are needed to keep paths clear and steady.
  • Measuring only projects' achievements does not drive the transformation, so leading and lagging indicators are required to keep a steady pace at the transformation level.
  • Project management may be in everyone's comfort zone, so natural tendency may focus on project-level doings while deviating from the end state and achieving milestones on the way.

The project portfolio is feasible in shorter transformations where migration or change does not fit the current organisational structure but requires temporary ways to arrange people to deliver the outcome. The portfolio may be actionable in cases where technology needs modernising and end-user training.   

2. Engineered Swimming Lanes

A slightly more structured approach compared to the project portfolio is the engineered or designed swimming lanes way to arrange projects in the portfolio. For example, the swimming lanes may be defined in a military way (DOTMLPFII  or TEPIDOIL ) or architectural way (facilities, technology, information, processes, competencies, business value streams, products ). The swimming lanes are sometimes divided into phases, such as the COBIT plan, build, and run, to align life cycles between each project and make procurement easier to manage, as illustrated in Figure 3.

Figure 3: Transformation arranged as swimming lanes with life cycle phases

The swimming lane approach is feasible in engineering and specification-led transformations, e.g., large ERP  or C5ISTAR  implementations. Naturally, there will be challenges like:

  • Focusing only on each lane but forgetting the impact in other lanes, like producing doctrines (D) or tactics, techniques and procedures (TTP) without implementing them in the information systems (I) or training them to operators (T).
  • When several projects must achieve the RUN phase simultaneously to enable some significant change, individual project-level delays may ruin the entire plan. Hence, intermediate solutions or alternative projects need to be in place to ensure reliability.
  • Focusing on lanes will not deliver the transformation. Hence, clear leading and lagging drivers  must keep up the pace on roads towards TO-BE.


3. Capability Portfolio

Stepping more strategically, larger enterprises, especially the military, need to manage the life cycle of their core capabilities and assess their impact in the market or area of operation against their adversary or competitor capabilities.  For example, in military affairs, some capabilities are based on platforms (e.g., main battle tank) with several decades' long life cycles. Maintaining their applicability and reliability with mid-life updates (MLU) is cost-effective if the adversary is not aiming to disrupt with faster evolution (arms race ). Capability may comprise life cycle lengths varying from 30+ years to 24 hours, as illustrated in Figure 4.

Figure 4: Capability portfolio managing life cycles

Transformation is managed through the life cycle, calling platforms to the assembly line for MLU, which is typical for the main battle tank, fighter attacker, or frigate. Migration and replacement projects are typical for information technology hardware, whose life span seldom lasts five years. Software updates and patches are more frequent and require continuous integration (CI)  processes run by existing development and operation organisations. 

The capability portfolio also manages personnel, training, facilities, and other elements. Common mistakes observed using this approach:

  • Not understanding which elements have the shortest life span or are more sensitive to warehousing environment changes. Some armaments may run on old operating systems, creating a significant vulnerability when connected to other effectors. Rocket engines, integrated circuits, and electricity require stable warehousing conditions.
  • Retiring a long-served platform or arm also retires all trained reservists, gravely impacting the war-time order of battle.
  • Not following the technical life cycle but extending hardware or software life span for cost-saving reasons may lead to higher replacement costs (Year 2000 bug)  or dependency on rare technical competencies (legacy software ).
  • Not following adversary (or competitors') intentions, deploying higher-performing sensors and effectors, and keeping old equipment stocks may lead to strategic surprises during the first engagement days. 

4. Digital Transformation

Digital transformation is developing organisational and technology-based capabilities that allow an organisation to continuously improve its impact against adversaries in operation, lower its operation costs, and, over time, gain and sustain operational or strategic advantage over adversaries.  Projects cannot deliver digital transformation, which requires changes at all layers of the enterprise: technology, information, processes, and affairs, as illustrated in Figure 5.

Figure 5: Gears of Digital Transformation

The continuous transformation cycle  needs a technical foundation where information is digitised using platforms. The platforms enable organisations to digitalise their processes, improve cost-efficiency, create new products, or provide new value. Based on digitised information and digitalised processes, organisations may seek significant changes in their business, making sense of areas of interest (network-enabled capabilities ) or deploying effectors (Mosaic Warfare ). 

Digital transformation requires to build a culture and operation model for an enterprise and hence vulnerable, for example:

  • Political or owner's agenda changes resources or mission. Swedish Defence Force was building Nätverksbaserade Försvaret  in early 2000 to transform their capabilities and address the future Russian threats when a political decision cut their resources and changed their mission.
  • Focusing on technology roll-out but forgetting to transfer human behaviour 
  • Focusing on process performance and productivity indicators to gain cost-savings but not using opportunities to find new ways for affairs. 

5. Linear Change Management

The classical change management models of Kanter (1992)  and Kotter (1996)  explain several sequential steps to take in managing organisational change. The first step usually includes defining the organisation's position, why change is required, and the situation's urgency or "burning platform". Then, there is a need for strong leadership and a capable team to define and communicate the vision. Communication spurs action, and leader enables it by empowering and removing obstacles. On the road to change, a leader celebrates achievements and anchors them in the organisation's structure. Finally, there is no way to return, and the organisation may only mature and achieve a new equilibrium, as illustrated in Figure 6.

Figure 6: Linear steps in the transformation path

Naturally, the sequence of steps does not address the change because it was initially defined from common mistakes made by studied organisational changes. Nevertheless, change management approaches transforming affairs/business as a complex socio-technical system. It puts human and working society at the centre of the transformation. 

Change management may fail in numerous ways:

  • Communication is the leverage for action, but humans usually need to hear WHY and what is there for me, our team, and the higher good. Purpose enhances motivation, which accelerates action. Many transformations claim that communication mistakes cause failures in change.
  • Suppose the vision and communication do not visualise a new or better purpose after the transformation. In that case, the legacy culture eats many good ideas for breakfast. 
  • Even after successful communication, there will be friction on the journey and pure opposition to change. An average of 30% of personnel will oppose or be passive when facing the change.  
  • Suppose the strong leader is not walking the change talk. In that case, the vision and journey remain distant and threatening to personnel. They do not hop on the transformation train.

6. Organisational Migration

Firmly established institutions with a long history cannot change because the culture, heritage and values of organisations and people are fixed. Radical transformations of affairs, business or operations require smaller units outside the parent organisation to experiment and grow in new ways. Some experimentations may fail, but some may scale fast in new ways of doing things. The parent enterprise arranges promising subsidiaries under a new viable enterprise model to meet the future. As illustrated in Figure 7, the old structure and operation methods will be terminated.

Figure 7: Organisational transformation through migration

Military Forces launch these probing organisations as Future Force Units, experimenting first in exercises, then limited level in operations before launching more comprehensive force generation and deployment. Commercial organisations may acquire and merge small entrepreneurs with new technology products or extend markets to keep up with their competitors.  Other companies innovate new ways of doing business, products, and operations with their partners, within governmental innovation incubators, or in cooperation with universities.  

Since transformation aims after the radical restructuring of affairs or disruption of social structure, mergers, acquisitions, innovation networks, or consortiums face many confronts, for example:

  • Leaders proceed without ruthless modelling and simulations with unrealistic expectations of new ways. Eventually, they do not realise the imagined value, meet the political risk appetite, or survive on the battlefield as expected. 
  • Integrating smaller, agile, more entrepreneurial cultures under the established institutional culture fails because of culture clashes, organisational misfits or power structure. 
  • "military organisations are societies built around and upon the prevailing concepts of war. A challenge to an established concept is a challenge to the organisation's social structure." Institute and culture eat experimenting subsidies for breakfast. 

7. Culture-driven

Organisational culture can be perceived as consistent, observable behaviour patterns in organisations. Incentives powerfully shape culture. Culture defines the process of "sense-making" in organisations.  Therefore, culture cannot be bypassed if transformation aims to change profound ways in the organisation. The culture-driven transformation starts with leadership, whose sense-making, behaviour and incentives must be changed first. Based on visible changes in leadership, their stories of different purposes towards a better future have more credibility to spread among personnel, creating further stories of new purposes and values. Storytelling  empowers people to behave differently, seek new ways, and acquire new competencies. The shared journey towards the vision establishes new connections among people, binds new links and incubates new ideas. The different transparency and open communication provide leadership with better information, improving organisational sense and decision-making. A positive cycle of continuous cultural transformation, illustrated in Figure 8, transfers people's behaviour, migrates information towards new flows, and acquires new technology.

 

Figure 8: Culture-drive transformation

No cohesive culture exists in any enterprise , so culture-driven transformation is not straightforward. For example:

  • If the storytelling does not emphasise strategic goals and value creation, the subcultures hang on to better legacy stories. The fighter pilot stories of the Air Force culture do not quickly transfer to heroic stories of remote controllers or successful missions of unmanned aerial vehicles (UAV). 
  • Central Transformation Office cannot monitor cultural-level powers since they are not visible in project or enterprise resource management systems. The cultural transformation indicators can only come from the business leaders and commanders.
  • Influencers (individuals in the business unit who have large, informal social networks and are trusted and respected by others for their transparency, institutional knowledge, and ability to make sense of change) and those responsible (for initiatives, their implementation and new ways of value creation) approaches may differ in units and forces. Their alignment is essential in creating stories that empower personnel towards the journey. 
  • Each unit may have different role models for virtuous behaviour. Units use different concepts and terminology for understanding and conviction. Formal reinforcement mechanisms are different for each Service . Self-confidence, teamwork, and skill building differ between Navy and Land Forces or Sales and Manufacturing.  These foundational cultural differences require different stories, echoed by influencers in proximity and expected from their commanders or managers.

8. Operational performance-driven

Affairs or business-level transformation may focus only on improving a process or operational performance. Performance improvement may be compliance, quality, productivity or maturity-oriented, as illustrated in Figure 9. All the above are feasible if the process or operation is at least the maturity level "defined". Below that maturity, other means are better. The quality approach improves, for example, process reliability, standardisation or best practice, and product or service quality. There are also quality frameworks for the entire enterprise.  

Continuous improvement of operations (LEAN or Toyota  approach) is part of the organisational culture that brings problems upfront, eliminates all waste (muda) in continuous effort (kaizen), and uses the pull principle to avoid overproduction and storing along the value stream.

Capability maturity improvement  is the third approach in this category. Starting from US DOD requirements for software development quality, the CMMI models have expanded to help organisations understand their capability and performance. They offer a guide to optimise business results using good practices, performance measuring, reliability and life-cycle costs analysis, and sustainability estimations. 

Figure 9: Operational or process performance-driven transformation

Operational optimisation improves the quality of service, output and cost-efficiency, but implementing it may face the following challenges:

  • Even a CMMI 5-level software developer fails if the definition of the requirements is unclear, the required effort is underestimated, or the outcome is expected within the unrealistic deadline. 
  • Performance is evaluated, and certifications are granted for an organisation, never being established at behavioural or cultural levels. 
  • LEAN transformation is a strategy that cannot be delivered as a project. Continuous improvement requires continuous measurement and ridding of evident waste. The understanding and need for action should be written in policies and adapted to the culture. 
  • LEAN is a holistic transformation involving the entire enterprise. It takes years to accomplish and requires involvement from all personnel, not only the early adaptors. 
  • None of the quality management applications are successful if the management does not support them, there is no connection to financial performance, and process performance goals are not established or measured. 

9. Social, Co-design driven

A broader social change requires better tools than projects, programs, portfolios or implementations of strategies. One approach for social change is co-design, which uses design thinking methodology but in a more cooperative nature.  Design thinking is a method teams use to understand users, challenge assumptions, redefine problems, and create innovative solutions for prototypes and tests. Design thinking includes the phases of 

  1. empathise with the society or user group, 
  2. defining their challenges and possible solutions.
  3. cycles of prototyping and testing will provide a solution that everyone can agree on
  4. deployment may begin.  

There are three approaches societies or enterprises may use to free people to solve problems in Figure 10. Emancipation delegates authority to new teams to seek and test solutions, establish a unit, and merge back into society or affairs after maturation. Liberation empowers personnel to innovate and improve (Google's 20%-time policy)  anything they are passionate about. Abolition is a method to reform existing behaviour by banning constraints or freeing people from current legislative or social codes to find more suitable codes of conduct as a society.  In the enterprise, this may be implemented by establishing subsidiary companies outside of the parent company's institutional management and letting the subsidiary find the best ways of production and engage with their customers with a more entrepreneurial culture. 

Figure 10: Co-design approach to social transformations

Degrees of freedom, delegation, and understanding of outcome may vary in the three levels of co-design. So do the challenges in using this method for transformation, for example:

  • Co-design is an iterative and collaborative process, which can make it difficult to predict outcomes. Institutes may perceive this lack of predictability as high-risk and hesitate to invest. 
  • Attempts to innovate new behaviour and value fail because long-term plans are missing, lack of innovation or entrepreneurial mindset, fear of failing, lacking means to engage competent people, or lack of budget. 
  • According to the statistics from the US, about 45% of new companies fail within the first five years. The reasons for failures may include not understanding the market, establishing the business processes, not having enough starting capital, or expanding too fast. 


 REFERENCES:

Lamarre, Eric; Smaje, Kate; Zemmel, Rodney. Rewired: The McKinsey Guide to Outcompeting in the Age of Digital and AI (p. 1). Wiley. Kindle Edition.

  Suleyman, Mustafa; Bhaskar, Michael (2023): The Coming Wave - Technology, Power, and the Twenty-First Century's Greatest Dilemma

  Johnson, Simon; Acemoglu, Daron (2023): Power and Progress - Our Thousand-Year Struggle Over Technology and Prosperity

https://www.linkedin.com/pulse/msp-managing-successful-programmes-singh-msp-pmp-csm-/
  AXELOS: Management of Successful Programmes; Programme impact matrix

https://en.wikipedia.org/wiki/DOTMLPF

  https://en.wikipedia.org/wiki/Capability_management

  https://guides.visual-paradigm.com/understanding-the-architecture-content-framework-in-togaf-a-comprehensive-overview/

  https://en.wikipedia.org/wiki/Enterprise_resource_planning

  https://www.redcom.com/what-is-c5isr/

  https://www.intrafocus.com/lead-and-lag-indicators/

https://discover.dtic.mil/wp-content/uploads/809-Panel-2019/Volume3/Recommendation_37.pdf
 
 https://www.britannica.com/topic/arms-race

  https://en.wikipedia.org/wiki/Continuous_integration

  https://en.wikipedia.org/wiki/Year_2000_problem

  https://www.droptica.com/blog/5-problems-working-legacy-software-how-deal-them/

https://www.airandspaceforces.com/article/0392stealth/

  Applied from Lamarre, Eric; Smaje, Kate; Zemmel, Rodney. Rewired: The McKinsey Guide to Outcompeting in the Age of Digital and AI (p. xiv). Wiley. Kindle Edition.

  https://mitsloan.mit.edu/ideas-made-to-matter/5-building-blocks-digital-transformation

  https://en.wikipedia.org/wiki/Network-enabled_capability
 
 https://www.darpa.mil/work-with-us/darpa-tiles-together-a-vision-of-mosiac-warfare

  https://www.foi.se/rest-api/report/FOI-R--0671--SE

https://www.cio.com/article/278677/enterprise-resource-planning-10-famous-erp-disasters-dustups-and-disappointments.html
 
 https://c4isys.blogspot.com/2024/03/contemporary-operational-theatre-and.html

  Rosabeth Kanter, Barry Stein, and Todd Jick: ”Implementing Change” chapter in The Challenge of Organizational Change (Free Press, 1992)

  John Kotter: Leading Change: Why Transformation Efforts Fail, 1996

https://hbr.org/2012/09/ten-reasons-people-resist-chang

  https://en.wikipedia.org/wiki/List_of_mergers_and_acquisitions_by_Alphabet

  https://www.a-star.edu.sg/enterprise

  https://direct.mit.edu/isec/article/47/2/48/113546/Dangerous-Changes-When-Military-Innovation-Harms

  https://orgmapper.com/why-do-mergers-and-acquisitions-fail/
  https://ssl.armywarcollege.edu/DCLM/pubs/Military%20Innovation%20Through%20Brilliant%20Mistakes%20(Hill,%20Allen,%20Army,%20July%202014).pdf

  https://hbr.org/2013/05/what-is-organizational-culture

  https://www.forbes.com/sites/isaacmizrahi/2019/02/19/storytelling-is-a-different-story-for-each-culture/

https://www.mckinsey.com/capabilities/people-and-organizational-performance/our-insights/a-single-approach-to-culture-transformation-may-not-fit-all

  Mansoor, Peter R.; Murray, Williamson. The Culture of Military Organizations (p. iv). Cambridge University Press. Kindle Edition

  https://www.mckinsey.com/capabilities/people-and-organizational-performance/our-insights/a-single-approach-to-culture-transformation-may-not-fit-all

  Mansoor, Peter R.; Murray, Williamson. The Culture of Military Organizations (p. iv). Cambridge University Press. Kindle Edition

  https://www.mckinsey.com/capabilities/people-and-organizational-performance/our-insights/a-single-approach-to-culture-transformation-may-not-fit-all

https://efqm.org/the-efqm-model/

  https://en.wikipedia.org/wiki/The_Toyota_Way

  https://cmmiinstitute.com/

  https://cmmiinstitute.com/resource-files/public/take-your-organization-to-the-next-level

https://www.diva-portal.org/smash/get/diva2:835753/FULLTEXT01.pdf

  https://aisel.aisnet.org/cais/vol17/iss1/36/

  https://kaizen.com/insights/why-are-most-companies-failing-with-lean-implementation/

  https://kaizen.com/insights/why-are-most-companies-failing-with-lean-implementation/

  https://www.villanovau.com/articles/six-sigma/avoid-six-sigma-project-failure/

  Noel, Leslie-Ann (2023) Design Social Change: Take Action, Work Toward Equity, and Challenge the Status Quo. Standford d.school Library

  https://www.interaction-design.org/literature/topics/design-thinking

https://medium.com/@nareshnavinash/googles-20-time-policy-60d5706084be

  https://www.dissentmagazine.org/article/abolition-as-method/

  https://www.macementer.com/insight/co-design-is-dangerous

  https://www.ideapoke.com/growthleader/reasons-innovation-fails/

  https://www.investopedia.com/financial-edge/1010/top-6-reasons-new-businesses-fail.aspx