2015-12-25

Transformation of military computing; Part C of Introduction to ICT rationalization program of the Finnish Defence Forces from Enterprise Architecture viewpoints

ARCHITECTURE FOR COMPUTING INFRASTRUCTURE

This is the third part of writings in introduction to FINDEF ICT rationalization that took place between 2004 - 2008 from Enterprise Architecture viewpoint.

Evolutionary outcome of few decades of military computing


The structure of computing in FINDEF by 2004 was a result of decades of evolutionary sediments. There was Mainframe (MF) computing providing terminal sessions over remote connections. There were number of stand-alone PC’s providing platform for many special applications for individual needs. There were VAX/VMS, SUN UNIX, Windows Server, IBM OS2 and Novel Netware client-server systems build for specific information system. Since 1995 there had been efforts to standardize this infrastructure but since computing was mainly owned by military branches and Services, there was no will or resources enough behind the rationalization. Most of the computing happened in each garrison within the reach of Local Area Network (LAN). Only Mainframe and some Human Resources related information systems were centralized as depicted in Figure 16.


Figure 16: The AS-IS situation of FINDEF computing in 2004

This structure hyped with over 130 medium or bigger computing sites (over 50 users each), each hosting over 20 bigger information systems, average number for administration tasks was 3000 per site.  There were over 300 different information systems, 5500 different applications, over 600 vendors, about 10% of total personnel and about 10% of annual budget in providing information related services in FINDEF. These services were supporting mainly (75%) administrative functions and not core functions. 

The analysis of linear continuum of this evolution forecasted unpleasant future for computing of FINDEF :

  • There are no more resources to support maintaining this heterogeneous infrastructure in FINDEF
  • The lack of resources and competent personnel is hindering the improvement of network enabled defence capabilities for FINDEF
  • As the complexity of Information technology increased it might become cost-effective to out-source IT support to partners
  • The competence of personnel in FINDEF is not sufficient to maintain heterogeneous IT infrastructure as complexity is distributed in all garrisons.
  • There is no base to build interoperability between Services, with other governmental agencies, with partners or with international allies since data is scattered in hundreds of dedicated information systems
  • The FINDEF is not able to comply with requirements of Information society program by the Government of Finland.

This analysis provided enough evidence to commence the transformation and create the sense of urgency called after in Kotter’s (1996) Leading change. 


New computing architecture for FINDEF

The idea for future computing concept was to gather most of the computing inside the core network and simplify the client in terminal device to degree that it is maintainable by end user. This required continuous connectivity to core computing services. The change in information management was actually requiring different connectivity also since data was born mostly in numerous systems and collected data warehouses. This ended up that no one man was able to make sense nor make decisions disconnected.

Core computing was done in metro information powerhouses, where presentation logic, applications and databases resided. Only thin client remained in end user terminals. Information powerhouses were categorised to centralized datacenters and regional datacenters according to survivability and scalability requirements. All three core computing layers created each a network in which both availability and performance was more scalable. Just by adding storage or processing units to already distributed structure, one was able to adjust the survivability as crises evolves or performance as need for storage or processing power appears. The information powerhouses provided a common session support and standard client platform to all applications. All sessions were protected with virtual private network connection. All clients were maintained with MS system management solutions. All sessions were identified and access granted based on strong identification via smart card. All application had same presentation layer provided by portal where role based access was categorising users first time. Then the actual servers and business applications were consolidated with three different solutions within information powerhouses:

  • Data center cabinet as a service was lowest level arrangement where the server was consolidated as-is from its remote location. Only power, cooling and infrastructure management was provided by information powerhouse and its personnel. Otherwise it remained under the responsibility of original owner. This status was given to servers that had more than 3 years but less than 5 years hardware life cycle left. Presentation layer was normally terminated at second layer with Citric Metaframe so client was changed to browser based.
  • Platform as a service, where existing applications were substituted with ones that were running over provided standard platforms. Those platforms were enterprise solutions as Lotus Domino, MySAP, CISCO computer telephony integration or IBM WebSphere. The standard terminal configuration included client software for these platforms. This was provided to those systems with less than 3 years of life cycle remaining.
  • Software as a service was provided from information powerhouse to replace a number of different applications. Process owner had to choose from provided list what application she preferred and then information powerhouse provided these applications as on-demand service. Process owner was released from other responsibilities and rights concerning applications, infrastructure and their maintenance.

The TO-BE architecture for FINDEF computing infrastructure is illustrated in Figure 17.



Figure 17: The planned computing architecture for 2007 onwards in FINDEF

The migration from distributed and stove piped structure towards more centralized and flexible structure took four years and several steps in improving the competence of personnel.


Consolidation of military computing in creating flexible infrastructure for network enabled defence

Consolidation of the FINDEF computing was divided into two main courses of action depicted in Figure 18. Enterprise resource management area of military affairs was consolidated from all those information systems and networks that were categorised as administrative or supportive computing. This environment was optimized to support client-provider value chain that extended beyond the borders of FINDEF. It was also optimized for effective force production and force support. The consolidation was a migration from over 100 garrison based computing sites either to less than 10 regional sites or directly to three main data centres. Where the Application Service Provider (ASP) maturity of technology and processes were achieved, there outsourcing to Provider Partner was considered. The leading idea was that outsourcing problems before solving them at least at process level is not a long-term solution. 



Figure 18: Consolidation of the computing of FINDEF

As the consolidation of administrative information technology was phased first, there was also requirement for this program to release human resources to execute the second course of action in operational computing. This environment was heading towards integrated command and control structure where main process relationship would be supporter – supportee. It was also to enable do more with less resources as combined arms fires, joint logistics and flexible decision making.

The migration was from unit and arms specific systems towards “cloud computing” structure of about ten data centres that would provide both operational and tactical applications as service besides the organic applications hosted in each unit. This was to enable more flexible use of information in each phase of operation and readiness of defence. Thus Air, Navy and Land command and control systems were hosted AS-IS in operational data centres being forced to exchange data via joint level command and control system. Surveillance and Reconnaissance systems were connected to operational cloud besides their parent units thus enabling the collection and fusing of multisensory picture for enemy tracks. The consolidation in operational environment was to end with separate domains for fires, command and control and sensing.

Together the two main environments for operations and support created the foundation for networked enabled defence: Value chain for both Teeth and Tail enabled with information. This end was to provide ability to use different specialized units together in mission; enable flexible cooperation with different governmental and non-governmental agencies within international context and finally achieve the strategic goal of flexibility in facing whatever surprise adversary and situation might produce.

The consolidation of computing was visible also to end user when the devices of their everyday workplaces changed. This proved right the clause of “Everybody is ready for changes, but nobody wants to change” or as Aristotle says “We are what we repeatedly do”.


Tangible results visible to all end users

The personal and branch driven evolution of electronics was visible on the table of administrative end user. The sedimentation over 10 years of personal computing was evident as each user had in average three personal computers with printers and other peripherals. He was also provided with 2-3 different telephones. He had a number of copiers, scanners and facsimiles available in his office. The maintenance and sustenance of all this electronics was overstretching both available personnel and budget. The change faced by average end user in FINDEF through 2004 – 2008 is illustrated in Figure 19.



Figure 19: Rationalization of administrative ICT devices provided to end user through 2004 – 2008

The biggest change was provided when Internet workstation was replaced by Internet as a service within administrative workstation. This was done in information powerhouses where 30 000 Internet users were terminated with Citrix metaframe and the connection was provided as a service to all administrative users. Since operational environment was providing a special laptop computer for mobility, all administrative PC’s were consolidated into one machine with either 5 years lifecycle provided by C4I Agency or 3 year lifecycle provided by a leasing company. As computers were replaced either within 3 or 5 years FINDEF also got rid of unnecessary busy work during updates of major operating system and excess on-site support.

The other bigger change was the centralization of printing, scanning, copying and faxing. This was again provided as a service by C4I Centre with good support of partner. All peripheral devices were consolidated into department or unit centred multifunctional machines. Costs was transformed from fixed to flexible so expense was only from usage rather than investment. Service was provided as turn-key solution including papers, ink, cartridges and maintenance. It affected about 14 000 users and replaced about 9 000 different peripherals with 2 000 multipurpose machines.
  
Telephony service was also rationalized since average user was not utilizing the added services provided by fixed digital ISDN phone. Together with ISDN-phone the large network of ISDN branch exchanges was also dismantled. More modern mobile telephony service provided by a partner was decided to use for military administrative purposes. Only a small number of analogue telephones was to remain for providing special needs. Operational telephony users were provided with TETRA services and computer integrated collaboration applications in their laptops.

Since end user changes do create the biggest opposition there was important to get the highest level sponsorship behind these transformations. The commander of FINDEF together with all Generals were the first to use new services thus showing example to all personnel. Chief Information Officers in each Service were leading training and awareness sessions and made themselves the “super users” of new devices and IT services showing hands-on to the personnel the example in improving every day knowledge work.

This ends the third part focusing on transformations in computing architecture. The next part is describing the changes in command post architecture of FINDEF.

2015-12-19

Transformation of military connectivity; Part B of Introduction to ICT rationalization program of the Finnish Defence Forces from Enterprise Architecture viewpoints

Utilization of Enterprise Architecture approach in major transformation of Military Affairs and ICT services in Finland 2004 - 2008.

This is the second part of series of writings under this title!


ARCHITECTURE FOR NETWORK STRUCTURE



Vision in changing the connectivity of FINDEF


The concept for military connectivity to guide the transformation of networks is presented in Figure 11. The aim was to build a nationwide mission network that enables troops, platforms and command posts to move within reach of the network and sustain connectivity by roaming between several alternative access points and networks. National level joint forces would be able to operate while supported by the mission network and when assembled together level they would be able to roam seamlessly to use tactical C4I-services. This includes both military and other governmental stake holders important for defence of Finland. Connectivity would be at level of availability to provide reliable connection to centralised data and IT services residing within core network.



Figure 11: A vision for military connectivity in FINDEF

Connectivity would allow both centralized “cloud computing” and “peer computing” at edges of the network. It would also allow connecting visitors from other organizations to join in using shared services.



Reality of 2004 situation in military networking


The military network of 2004 was built for totally different purposes than 2008 vision dictated. The architecture was following traditional approach of connecting sites together. Wide area network (WAN) was connecting sites together by using basic trunk connections provided with PDH and SDH technologies, ISDN family of circuit switching and data packet switching with IP routing WAN. Local networks were providing connectivity within each site. As-is architecture for military networks 2004 is illustrated in Figure 12.




Figure 12: The AS-IS architecture of 2004 transportation networks of FINDEF

Network structure itself was not providing any other value but connection between sites. All intelligence and added value was within branch and terminal devices that used connections to provide ICT services to users. Communications services included transfer of documents, messages and voice. Plain trunk connection services was also provided to Services and Branches capable in hosting their own information structure. The communications services provided in FINDEF 2004 are illustrated in Figure 13.




Figure 13: The communications services provided to average military user in Defence 
Forces Finland in 2004

None of the services were available outside of garrisons unless they were provided with local systems. Logical infrastructure for communications services was not transferable. This led to practise of extending the garrison based ICT-services to operations and exercises. There were situations where garrison based LAN was extended at Ethernet level over hundreds of kilometres to support troops in exercises. All changes needed time to plan since they were unique. Several technicians were needed to configure their specific nodes and systems before service was extended properly. Network was mainly built to support peace time functions of FINDEF and included many old layers of structure that had just remained like sediment in the structure.


Simple, agile and faster connectivity of 2008


The topology of FINDEF network was changed towards two tier structure: 1. Core networks to lay stable platform to centralised cloud computing and majority of enterprise wide ICT services. 2. Access networks to provide reliable connections between users and needed services. Local based networks were gradually migrated towards these two options. The 2008 architecture plan for the networks of FINDEF is outlined in Figure 14.



Figure 14: The TO-BE architecture of 2008 networks for connectivity in Defence Forces

The physical layer of national fibre network was boosted by wavelength division multiplexing (WDM) that provided both higher performance between data centres but also more alternative routes for access network. The data link layer of core network was simplified by using only two strategic technologies (Synchronous Digital Hierarchy (SDH) and Multiprotocol Label Switching (MPLS) to provide both performance and quality in connection services. Legacy technologies (PDH and low band SDH) were migrated towards different access networks since some end devices were not able to use pure Ethernet and IP-connection. New network access (NA) point provided end-to-end managed channels from customer edge to provider edge at IP packet level. This simplified the configuration management and enabled improving the quality of service (QoS) for connectivity. 
New service access (SA) point was provided by using only two access standards: Wireless Local Access with 802.11x protocol and wired Ethernet access on 802.3 basis. This simplified end users means in plugging their terminals to access network and released technicians to manage more complex systems. Voice circuits and services were integrated with IT services (Computer Telephone Integration, CTI) or provided with mobile networks only (GSM and TETRA). This released a number of people to build and operate new ICT-services.  

Communications services were consolidated from each site to be hosted in joint and common “cloud computing” structure. The military connectivity doctrine was changed to user – service from the previous site – site. This enabled two major transformations:

  • Nationally and regionally provided communications services that were accesses via simpler access networks
  • Each end user was able to plug their terminal in network and start using provided communications services as illustrated in Figure 15.



Figure 15: Communications services for 2008 end users and military units

Simplification also released number of technicians and signals troops as local technical complexity was replaced by nationwide service cloud.  This contributed also to diminishing manning resources of Defence Forces.


Execution of the network transformation


The project for iC4ISTAR connectivity was launched 2004 and accomplished the migration of WDM and MPLS networks by the end of 2006 . The network migration was done using products and expertise from Cygate, Siemens and ECI. Technical competence was injected with academics and engineers from Helsinki University of Technology.  Same time national TETRA network and its services was extended within FINDEF in close cooperation with Erillisverkot Oy, the governmental service provider. GSM mobile voice services were outsourced to TeliaSonera. Simultaneously terminal devices were standardized and provided in principle of choose your own device.

New system for access networks was based on development cooperation between FINDEF and private companies. Later Ascom Oy acquired the main development company and created an international concept for military access networks. Access device was accepted as an armament system at 2006.

On 2006 the cooperation between FINDEF and other teleoperators was improved. Standard service catalogue was updated, agreements on cooperation during crises established and FINDEF started to provide and use telecommunications services more professionally. FINDEF started to provide telecommunication services to Erillisverkot Oy for them to further refine them to other governmental organizations. The concept of governmental cooperation was tested in TIETO 2007 exercise.


Military joint operations were accelerated with network services provided to 2008 Rajapintaharjoitus (Annual Joint C4I technical exercise in Finland), where C4 Centre was providing new access network services to major Services and Branches of Defence together with Police and Fire Department. 

This is the end of part B.

The following parts will include architecture views from computing, command post structure, information management and information security points.

2015-12-05

Introduction to ICT rationalization program of the Finnish Defence Forces from Enterprise Architecture viewpoints, Part A




Utilization of Enterprise Architecture approach in major transformation of Military Affairs and ICT services in Finland 2004 - 2008.

This is the first part of series of writings under this title!

SUMMARY OF THE TRANSFORMATION IN FINNISH DEFENCE FORCES (FINDEF)



In preparation for the improvement of the Military Affairs by 2008, there was initiative for preparing the branch of 6 (Communications and Information Systems) to better enable joint and interagency operations within Finland. This program was named The Rationalization of Information Management in Defence Forces (TIERA[1] in Finnish). Program was executed in three phases: I initialization, II preparation and III implementation. This paper is focusing on the phase III – Implementation.

The foundation for transformation was laid in the Finnish Security and Defence Policy 2004 white paper stating that:
  1. Organization and command structure of the FINDEF will be flattened;
  2. Command and Control of Defence will be renewed and integrated;
  3. Administrative information management of the FINDEF will be rationalized.


These strategic guidelines meant that diversification of Services, Commands and Branches will end and Defence Forces shall start transformation towards more flexible, joint and networked organization. New performance was to be found from unification and coordination of military affairs strategy as depicted in Figure 1.

Figure 1: Major transformation of organization and strategic affairs in Finnish Defence Forces 2008

Coordination was needed with joint operations and over distributed command of regional defence in all traditional operational dimensions. Unification was requested in having more streamlined support and force production functions. Transformation in military core affairs was calling after restructuring the whole information management and command systems that were mainly built to support separate functions per Service or Branch of Military. Rationalization also meant that administrative information management was to be provided as common service to all Services and Units within the FINDEF and its strategic partners.


Transformation in Military Affairs was seeking after the redesign of the ICT-structure starting from network topology, providing shared information for “one truth within enterprise” and standardizing most of the business applications at enterprise level. Figure 2 is showing the change from 2004 garrison based “stove pipe” information systems to Enterprise wide platforms, where specialization of the Services were still followed at tactical level. Consolidation of information technology was achieved by concentrating first to administrative and internet domains. As they were releasing resources, focus was turned towards operation and tactical domains. This provided also strategic transformation of resources from support towards core affairs in defence.


Figure 2: The transformation of ICT Architecture in Finnish Defence Forces

The 2008 ICT structure was providing more secure information and processing services both to peace time force production, international operations, interagency co-operation and war time intensive combat. Joint ICT-service provider, C4I Agency of Defence Forces, was established to provide services that enable flat command structure and joint and interagency operations in robust and survivable manner. Local applications and systems were consolidated and their ownership transferred to C4I Agency, which executed very strict elimination/substitution process at technology level. The ICT-structure of FINDEF was divided into seven remaining domains: 1.Internet, 2.Administration, 3.Operations, 4.Intelligence, 5.Sensors, 6.Fires and 7. Land tactical.

In the end of transformation most of the infrastructure, systems and data was operated by Joint ICT-service provider. The Services and Branches remained in charge of processes, information and knowledge. The Services also were to improve their tactical and battle technical capabilities. ICT investments were managed at enterprise level with capability portfolios. All joint and common ICT-systems were provided as a service (SaaS).


VISION FOR SMARTER DEFENCE FORCES



Stove piped approach did not produce major capabilities



The white paper for Finnish Security and Defence Policy 2001[1] declared that:

"The first stage of the development programme will be the issuing of procurement authorizations for intelligence, surveillance and command and control systems in the period 2000-2005. The main procurement projects concern mobile electronic intelligence and surveillance units, combining the data transfer systems of each of the services, information system integration, and modernization of the Air Force surveillance and command and control system to bring it up to par with the performance of the interceptors."


By 2003 though there had not been any major advances in combining data transfer systems or integrating information systems. Every service and branch was improving their own structure and capabilities without common strategy. It was evident that ruling culture of diversification needed to be changed with more drastic means.



Clear vision in context of a bigger picture








The creation of vision started early 2001 when first workshops were launched in drafting a business concept for networked military force modelled in Figure 3. Vision for modern military affairs was based on eTOM[2] business model since it captured all aspects of networked business and value chain.  Customer was replaced with Adversary and value stated as “effect in adversary’s system”. Operations was translated to force utilization and strategy to building readiness. Force support was already in the model as it is formed from networked business model. Management was changed to strategic planning covering the whole networked force with all its stake holders. Relationship management layer was turned to effect delivery. Services layer to teeth of combat i.e. combined arms capabilities. Resources layer was called management of resources and tail indicating both troops in operation and their supporting elements both in logistics and troop production. Supply chain layer was called chain of value in total defence. This indicated Defence Forces need to control the whole chain of value used to enable and deliver military effect.

Figure 3: New concept for military affairs using eTOM framework for digital enterprise
Shareholders were recognized as Government and Citizens closing the sides of Clausewitz’an triangle[3] and extended with personnel of Defence Forces. Strategic capabilities were reduced from the model by running a number of war games against different adversaries in various scenarios. Strategic capabilities of digitized Defence Forces were defined as:
  • Effect based: Contrary to plain attrition of adversary force, the effects are directed to essential nodes of adversary’s force system which causes adversary to lose its capabilities exponentially.
  • Plug and shoot: networked arms and sensor platforms together with troops that can be manoeuvred around the area of operation to avoid being destroyed by counter fire. Still they are plugged promptly to sensor and fires networks and able to deliver their effect in time and place.
  • Plug and manage: a continuous flow of Command, Control, Communication, Intelligence, Surveillance, Target Acquisition and Reconnaissance information flow and services that enable plug command posts into operational network and start conducting operations and tactical tasks.
  • More together: a network of resources that can be tapped as needed and orchestrated with strategic and operational awareness to maximize the effect and support to forces.

This flexible model for military affairs was based on strategic strengths of faster learning and higher level of soldiers together with moral high ground of defending one’s own country.


Experimenting to gain assurance for some key components of new structure




This vision was tested in exercises and development projects[4] in Northern Command during 2001 – 2004. The intermediate report from Northern Command on 2002 was proposing a technical and process blueprints for future Command, Control, Communications, Computers and Information structure. It also provided a concept for distributed command post structure that provided survivable and continuous management of Defence Forces. A transferable Operation Centre (TOC) was one of the experimental projects launched.



The TOC project was funded in the traditional way. The budget plan for years 2001 - 2005 was laid out in 1988. The project was given a task to rethink the whole concept from beginning and not necessarily follow the linear armament development approach. A spiral development method was chosen since objectives were not clear and capability target was moving. The first spiral was very careful minimizing all risks. It build a great confidence since the second cycle aimed to serve a very important exercise. After success, all levels of concept got speed into their development cycles and new innovation was introduced specially at the process level.



Information technology parts provided the most opportunities during the first two cycles, but afterwards the process level gained most results and enhanced the command and control in very profound manner – changing the method of staff work itself and not only the tools around Headquarters.



The TOC project provided an example of iterative development method where the objectives of each cycle were adjusted according feedback from Command post exercises. The project did achieve capabilities that were not imaginable in the year of founding (1998) but within the budget and timetable as anticipated. Figure 4 describes the cycles of spiral development in TOC project.

Figure 4: Development spirals of TOC development between 2001-2003

Experimenting provided needed assurance in:
  • A Survivable Command Post concept
  • Operation and execution processes that enabled distributed plug and manage concept
  • A concept for “cloud computing” services and transferable provision of ICT services
  • A spiral Development Method that provided controlled means to achieve goals that were not precisely defined.




Setting goals at highest level to gain authority for transformation




The transformation of Military Affairs in Finland was defined in the white paper of Finnish Security and Defence Policy 2004[5]. It declared the following goals to guide the change:

“Command of the smaller, more mobile wartime forces in the 2010s requires a situation picture as real-time as possible. To ensure correctly timed command arrangements, an integrated intelligence, surveillance and command and control system will be developed for the Defence Forces. This will enable the common real-time situation picture to be communicated to every service and the creation of sufficient communication links. The command and control system will be internationally interoperable.”

“The Defence Forces’ information management system will be rationalized. The new information technology platform will be divided into operational and administrative environments by the end of 2009. The administrative environment will be highly centralized, allowing allocation of resources to meet the needs of the operational information technology environment and also to enable other security authorities (determined separately) to be linked as users into the system.“

These two statements provided the highest sponsorship to start transformation of both Command and control (C2) structure and ICT infrastructure of the Finnish Defence Forces.



Firstly it launched the analysis of the strategic attributes for the transformation of command structure. Analyses was already started with earlier pilot programme for transferable command post but now it was extended to the Defence Command and its’ Research Centre. Focus was given to intelligence and situational awareness; target acquisition and fires; command, control and battle management; management of support and resources illustrated in Figure 5. The core C4ISTAR processes were supported with enablers as:
  • Virtual execution: No key C2 process function should be too dependent on any site, time, system or specific people as it might be a single point of failure. Virtuality of structure and functions should provide the resiliency required in special area of operations in Finland.
  • Flexible change of execution: If any command post, any troop, any weapon platform in any situation gains advantage over adversary, there should be ability to support that entity with other force elements available. Any feasible improvised means of countering adversary should be exploitable through the force.
  • Competence Acquisition: Ability to learn and adapt to evolving situations. Systematic learning needed to be supported. This meant enabling both individual, team and machine learning during operations.
  • Knowledge Management in four different situations:
             KNOWN – existing structured and unstructured information is available to all
             authorised users.
             KNOWABLE – Reachable data is available for experimenting, expert analyses,
             fact-finding, and scenario planning. Collaboration between decision makers and
             subject matter experts is accelerated.
             COMPLEX – active and forceful reconnaissance is connected with decision makers
             and different experts to enable modelling – probing – recognition – decision cycle to
             be faster than adversaries.
             CHAOTIC – decision makers are trained with a number of situations, decisions and
             analyses of outcome and made familiar with the features of area of operations.

Figure 5: The approach for improvement of C4ISTAR in FINDEF

These enablers and attributes were supported by three parallel structures of ICT services:
  1. Situation services focused to share information on current situation and managing structured transactions
  2. Voice services focused on enabling flexible collaboration with voice, video, chat and application sharing thus providing means for informal communication.
  3. Content management services providing support to formalised, unstructured information management.

The three structures were built strategically parallel and to a degree independent thus providing reliability to digitalized C4ISTAR functions. There were no analogue or manual substitutes available in fully digitalized command structure unlike in previous generation command and control system of 1990’s.[6]

The white paper of 2004 was calling after “The new information technology platform will be divided into operational and administrative environments by the end of 2009.” This provided the strategic level views for information domains and policy in Enterprise Architecture: Tactical domains, Joint operational environment, Administrative environment and eFinland environment pictured in Figure 6.
 

Figure 6: Vision for strategic information environments and their connections in FINDEF
These information domains were to be connected with secure gateways (GW) to allow information flowing in supporting force utilization and out to enable support and force production. Internet based services were to be used from Administrative environment in secure way. Administrative network based services were to be used from Joint operational environment. Services in tactical networks should be hosted both on joint operational infrastructure and on tactical platforms. The vision also predefined that outsourcing was to be used in improving cost-efficiency of ICT service production and in releasing in-house resources to be used more in joint operational environment.


STRATEGY FOR TRANSFORMATION


Major thresholds


The strategy for transformation of military affairs in Finland was divided into three phases illustrated in Figure 7:


Figure 7: Strategic phasing of transformation of FINDEF
  1. ICT Rationalization (TIERA) 2004 – 2008 creating enabling infrastructure for other affairs to be changed. Focus was both on technical development but also improving the ICT service provider maturity. Subprojects included for example Rearranging the network infrastructure, Consolidation of common services in Administrative environment and establishing joint operational environment providing simple information services empowered with collaboration and content sharing.
  2. Development of both operational and support functions of FINDEF with two programs of:
                 Integrated Command, Control, Communications, Computers, Information,
                 Surveillance, Target Acquisition and Reconnaissance (iC4ISTAR) 2004 – 2010
                 focusing on improving force utilization and

                 Enterprise Resource Management (ERM) 2005 – 2012 focusing on enabling
                 force production and support.

Network Enabled Defence 2006 – 2015 where joint and common enablers will support FINDEF to reach towards greater capabilities that provide strategic advantage. This phase was calling after new innovations and research to exploit new capabilities at military levels of tactics, operations and strategy in pursuing towards advantages over possible adversaries.

The challenge of these kind of transformation was captured from Gartner Group saying that there are two major caps to overcome on the journey:
  • First cap is preventing the development of joint functions. This is predominant in enterprises that are diversified with long cultural legacy. This call after the change of power structure within enterprise as “stovepipe” ownerships, investments and service production diversifies the whole of organization.
  • Second cap is preventing the development of joint capabilities. This calls after new ways in approaching adversary, projecting force and effecting in adversary’s system and utilization of force. Militaries throughout the history have struggled with this doctrinal transformation[1].

Campaign plan


The strategy in overcoming these major thresholds included major organizational changes on 2008 to close some strong organizations and create feeling of inevitable change within FINDEF. Leverage for transformation was provided also from outside of FINDEF with program for information society. Government was running this program to change the governance towards enterprise approach, improve the services towards citizens and enable transformation towards information society. This provided necessary outsider to drive development, interagency co-operation and integration with society. The campaign plan presented in Figure 8 was aiming a stage where information would be considered as an asset and also as a weapon. Journey towards these goals should be taken with small development steps. No revolutionary approach but merely accelerated evolution.


Figure 8: The campaign plan for transformation of FINDEF
The in-house transformation of FINDEF ICT structure included parallel experimenting and testing for new possibilities in defence and changing the existing ICT infrastructure. Plan called first the rationalization of administrative information environment and streamlining the support functions in military affairs. Experienced and more competent professionals were then focused to develop joint operational environment and integrate tactical domains with it. The new platform was planned to enable joint, interagency and information operations. As 2004 white paper for security and defence policy was providing the jump start declaration, there was 2009[2] white paper providing acceleration to transformation proclaiming that:

"The Defence Forces command, control, communications, computers, intelligence, surveillance and reconnaissance (C4ISR) systems generate an integrated military situation picture (land, sea and air as well as information and the IT environment). The national system is utilised to expedite planning, command and control and execution. Defence capability against an adversary’s cyber attacks is maintained and improved. The nationwide logistic system taps into the resources of the entire society in supporting military defence."

White paper set goals to integrated situational picture including the “cyber” dimension, protection against cyberattacks is improved and logistics is extended to reach further to defence value chain.

Enterprise architecture

The campaign plan was supported with enterprise architecture planning. First architecture project was established early on 2004 first to define existing structure but quickly it become means to provide orientation in strategic decisions during the journey. The enterprise architecture was divided into substructures presented in Figure 9 and partner to create integrated project team was chosen on late 2003.

Figure 9: Enterprise architecture subdivision in supporting the ICT infrastructure transformation

The planning of architecture was managed from two parallel dimensions: architecture team and business team. Architecture team was focusing on information systems and services layers whereas business team was supporting with business models and processes. Integration, platform and connectivity was planned within each executing project (Networks, Hallnet and Opnet) and firmly governed by J6 division (program office) in Defence Command. 

Besides the main reference architectures for administration and joint operations there were also subsets for Internet based services, interagency enablers, strategic partners and international interoperability efforts. They did not have their own reference plans but were defined features in other references. Tactical information environments were managed in operational reference architecture domain as pictured in Figure 10.

Figure 10: A view to reference architectures of FINDEF

The following chapters will illuminate further the substructures of enterprise architecture of FINDEF as the transformation was planned and executed.


This ends the first part of the paper on ICT transformation in FINDEF during 2004 - 2008 from enterprise architecture viewpoint.