2017-11-03

Artificial Intelligence from a Military Viewpoint

Artificial Intelligence

Artificial Intelligence (AI) can be defined as follows: AI is a collection of technologies that allow machines, programs or systems to sense, comprehend, act and learn almost like human beings.  

The AI has currently enabled for example the following changes in societies:

  • Warehouse robots and people are working aside in retrieving and storing goods. This has improved warehousing industry.
  • Intelligent automation is supporting maintenance engineers in remote locations and replacing banking officials, insurance analysts, financial consultants, and health measuring personnel in routine functions.
  • The program can learn the rules of a complex board game and beat the best human and preprogrammed machines in the game.
  • Robots serve hotel guests and hospital patients with meals and services they ordered.
  • Risk modelling service learns thousands of incidents continuously and can predict and assess the probabilities of risks than a human being. 
  • Intelligent manufacturing controller can cut the factory downtime almost to zero by collecting information from all the factory devices and taking care of their parts replacement before they break.
  • With driverless and connected cars, the people travelling become targets of online shopping, entertainment or remote working.
  • Use of infrastructure services, business transactions, and service transactions becomes more monitored, and governments can change for example fixed road tolls and taxation to a more pay-per-usage model which enables better guidance of the behaviour of society.

The AI is one enabler of the current revolution in economics, industry, and societies called version 4.0 which is also called the era of cyber-physical systems and Internet of Things. The most evident progress has been made recently in the areas of computer vision and audio processing; natural language processing and knowledge representation; and machine learning and expert systems. The progress is based on improvements in Deep Learning, Big Data and computing power provided by clouds.


The areas of future improvement with AI

Especially the improvement in natural language processing, computer vision, pattern recognition and reasoning and optimisation have been accelerated by machine learning and introduced some signs of machine intelligence. Currently, we are witnessing the next leap expressed in Table 1:



Table 1: Development of AI capabilities 



Foundations of AI and possible vulnerabilities

Deep Learning methods have been one accelerator for Artificial Intelligence. Deep learning refers to the ability of Artificial Neural Networks (ANN) to use more than one hidden layer to process complex data sets, which improve image and speech recognition and natural language processing. Deep learning is a branch of machine learning based on a set of algorithms that learn to represent the data.  A simple Convolutional Neural Network consists of multiple layers that each present different perception as explained in following image categorisation and Figure 2:

  1. Visible layer provides pixels that the sensor could detect
  2. First hidden layer can detect edges based on brightness differences between neighbouring pixels
  3. Second hidden layer detects corners and contours from the edges of the previous layer
  4. Third hidden layer can put together patterns of edges, corners, and contours and create objects and parts of a whole
  5. The output layer can provide features of objects in the picture to be able to differentiate them in groups as a car, person or animal (Goodfellow, Bengio, Courville: 2016; Pp.6).


Figure 2: A simple Artificial Neural Network that detects objects from pictures © Zeiler and Fergus (2014)

Deep learning ANN requires large, high-quality datasets for training.  Either these sets of data will have rules of the knowable situation and AI adjusts to small variations, or AI is self-determining the rules of engagement from a substantial number of events. With low-quality data, machines learn unintended behavioural patterns like Microsoft ‘Tay’ robot who was closed after it was exposed to public interaction and crowd made it a Hitler-loving and ‘Bush did 9/11’ proclaiming bot . Similar has happened in Russian, where Yandex (‘Russian Google’) digital AI assistant ‘Alice’ become Stalinist, suicidal and wife-beating in its replies to questions. 

Ability to apply Artificial Intelligence in Military Force structure depends on the following enablers:

A. Big data collected from all interactions and context to give stability for deep learning

  • Digitalised interactions where action is captured in digital format as near of its occurrence as possible, i.e., highly connected and digitalised ISR systems 
  • Substantial amounts of data require storage capacity and meaningful metadata
  • Society and partners that can provide Big data from events beyond the detection of Military

B. Stabilised processes that make interactions known and repetitive (programmable) or discrete and predictable (learnable for AI) 

  • If interactions and events are known and repetitive, they can be automated which reduces the cost, improves performance and integrity. For example, automated warehouses, report bots, service support, virtual assistants.
  • If interactions and events are discrete but predictable, they can be atomised, i.e., divided into smaller portions, and the whole is controlled by intelligent machines. For example, optimised transportation while drivers are still human, intelligence analysis in parts, supply orders created from independent stores, target acquisition for joint fires shared among the available fire platforms. 
  • If interactions and events remain complex and ambiguous, they may be supported with AI enabled augmented reality that helps humans to analyse situation faster and take necessary actions. For example, the connected shooter has AI supporting his target acquisition by detecting the normal behaviour; a physician is supported by augmented reality while operating a wounded in a field hospital; a commander is supported by augmented reality while assessing the situation.

C. Computing power that is available from cloud computing infrastructure 

  • Automated functions are running on embedded processors, but programming requires modelling and simulation 
  • Atomised work supported by centralised AI requires distributed computing power survivable in a military environment.
  • Augmented reality in complex situations requires ‘IBM Watson’ level high-performance computing power
D. People familiar in data literacy, technological literacy, and human literacy .

  • Data literacy means metadata, ontologies, semantic structures, data governance
  • Technology literacy means understanding of how technical systems work and create the social-technical enterprise called military force
  • Human literacy means understanding and skills in cultural, social, emotional, communication, design, and innovation dimensions.

E. Ability to protect one’s cyber environment 

  • The integrity and availability of AI become crucial to the forces that are depending on them. The possible adversary sees the Information Technology and Communications infrastructure together with the data more tempting target.



What are other nations doing?

AI is one of the most potential technologies which may change both nations and companies posture in productivity and competition.  It has been estimated that up to 50% of existing jobs will be changed within the next 20 years and 75%   by the end of the century because of robotisation, artificial intelligence, Internet of Things, and digitalisation.  

The USA is a clear leader in AI measured in the number of patents and companies. The primary resources for AI research are from global companies like Apple, Google, and Facebook. 

China is second due to their governmental investments although Alibaba and Tencent are doing their share. 2017 published “Next Generation Artificial Intelligence Development Plan” is aiming:

  • 2020 the Chinese AI development and implementation are at global best. The AI-based industry is a key area for commercial growth.
  • 2025 the Chinese AI is the primary driver for the transformation of industry and economy. China is the leading country in AI research and development applying it in industry, health, and defence.
  • 2030 China is a global innovation centre for AI. China is possessing a leading role in the global implementation of AI.

Europe is lacking but the northern countries, Finland and Sweden being right after the USA in AI-based growth.  Finland is following eight paths in developing and applying AI in gaining a national strategic advantage:

  1. Enterprise-driven ecosystems to apply AI
  2. Digitising and improving the data in all areas of society
  3. Helping SME’s in applying AI-based products 
  4. Improving competency, education, and practice in AI related subjects
  5. Research and investment funds support transformation 
  6. AI enabled public services 
  7. Establishing new models for cooperation between Public, Private and Voluntary sectors 
  8. Political efforts within EU.

Finland sees two scenarios as AI implementing society before 2030 :

  • Accelerating with AI: The Gross Domestic Production will grow in average 3% per year and employment will improve 5%. Over 15% of the existing jobs will vanish, but AI and its secondary effects will create 20% new jobs.
  • Braking in applying to AI: The GDP growth may be below 0.8% annually, and employment may become worse than today. Over 15% of the existing jobs will vanish, and they are not compensated with new growth.



Military Affairs from the Strategic Point of View

In reaching out the understanding of how Artificial Intelligence may be changing military affairs within the next ten years, let’s first create a model for military affairs in Figure 3. Military force is a composition of the will of people, organisational competency, personnel, and material resources. The force is in continuous interaction with the society that has created the force. The population is the source for will, education, and resources. The governance is the source for political guidance, mission, will, and priorities. The Clausewitzian triangle is confronting and sometimes in conflict with other compositions of force, population, and governance. Throughout the confrontation, there is the non-kinetic and kinetic power that is projected through several channels like military, economic, social, technical, diplomatic, ideological, and cultural to gain effect on the other side.



Figure 3: A model for military affairs

The AI effects on military depend on how the society and governance are applying the technology since it either enables or slows down the utilisation of military force. There are two strategic approaches where AI may create advantage:

  • Asymmetric capabilities in wielding the force in conflict situation and 
  • Cost-efficiency in the extended military enterprise.

How military is succeeding in gaining the advantage depends on their strategic positioning and the ability to execute the required transformations accordingly.


Strategic positioning in preparing for confrontation

The military can adapt either reactive or proactive posture in their positioning compared to their possible adversaries. Then they need to consider their risk aptitude to determine whether to take higher or lower risk approach. The outcome from the Gattorna (2010) model is four postures for military force in Figure 4: 
1. Proactive: 

  • Protective, risk lowering force is trying to sustain the already gained advantages by all-around improvement and strengths utilisation. The AI would be implemented as the AI enabled weapon systems to come available from the society and partners. They would implement restrictions to commerce preventing the possible adversaries to get the AI-enhanced weaponry. 
  • Pathfinder, higher risk appetite force is aiming to be first to implement the edge of the technology. They would be investing actively in R&D and develop unique AI enabled solutions and have strategic plans implemented to take the AI enabled leap first and gain hard to follow capabilities compared to their adversaries.

2. Reactive:

  • Evolutionary, risk lowering force is trying to keep up the deterrence by improving its capabilities composed of people, processes, and technology gradually but continuously without risking in losing the already gained abilities. The evolutionary force would invest in AI enabled technologies iteratively and possibly without holistic plan thus ending having several generations of AI systems.
  • Operational, higher risk appetite force is trying to gain an advantage by excelling in the execution of tasks. Doing things right with the risk that they are not necessary right things. They have better or more trained soldiers than the opponent. They can use better, or they have more conventional armament. They aim to be faster in deployment and manoeuvre. The Operational force may be the laggard in applying AI enabled technology unless it provides them better performance in force support (e.g., warehouse automation) or force generation (e.g., augmented reality training).


Figure 4: Military strategic postures applied from Gattorna (2010) model to estimate different approaches to AI technology adaptation

How military can adapt the best of the Artificial Intelligence, depends on where they stand in their process and force structure when they are generating, supporting and utilising their force. 


Military Affairs from Operational Point of View and their ability to use AI enabled services 

Military affairs can be modelled based on the three primary functions: force utilisation, force generation, and force support. There are other functions such as deployment and readiness or effect and protection, but they are not considered in this paper. Each of the three functions can be modelled using Ross, Weill, and Robertson (2006) model for enterprise strategy. They defined four operating models as per their standardisation and integration which is applied when defining general force structures in Figure 5 as follows:
1. Highly integrated processes:

  • Coordinated but less standardised force is divided into Service components, but it is commanded by a Joint level coordinating the effort of each component towards the same target. The AI service such as Augmentation may be utilised in helping Joint level commanders to make sense out of complex situation and provide troops with the faster decision than the adversary.
  • Unified and highly standardised force is divided into several regional Joint commands each having variable force structure. The higher command gives orders, measures outcome, develops future capabilities and defines processes. The standard force generation can be supported by augmented reality. The standard logistics can be automated entirely. The force utilisation can use coherently all AI enabled abilities cost-effectively.

2. Low integration in processes:

  • The diversified but less standardised force has Combatant commands that are fighting independently in their areas of operation. They generate and support their forces autonomously. The higher command gives missions to a combatant command. The force can use isolated AI enabled services within their functions, but a full force enablement may appear too costly or time-consuming.
  • Replicated and highly standardised force is divided into Joint commands that have similar force structure but are operating in separate theatres of war. Their force components are generated in a standard way, and the joint logistics provides related supplies. The force can use AI enabled services cost efficiently in training, logistics and force utilisation.



Figure 5: Process assessment of military affairs


What a pathfinder force could do today with real AI enablers, if their digitised structure is unified or at least replicated?

The following vision is created based on real AI enablers and features implemented in the civilian sector. The scenario is assuming that the force is following pathfinder strategy, has either unified or replicated processes, can learn as an organisation and adapt quickly innovative ways of doing business, is already digitised and possesses vast amounts of big data, has computing power available everywhere in the area of operation and can protect its cyber environment.


AI enforced Force Utilisation


  • All soldiers are supported by the augmented reality that is providing them specific information about the environment or the involved task.
  • Units are supported with autonomous vehicles (air, land, and sea) that are working together with humans, communicating by voice and adapting to complex situations
  • Weapon systems are automated in stable situations where the enemy cannot manipulate the detection. They identify friendly troops and neutral persons and deter the enemy
  • Commander is aware of the performance of his troops and their mental, physical and material resources on-time
  • Most of the surveillance and reconnaissance is done by connected sensors and analysed by AI enabled bots

AI enforced Force Generation


  • All training is accomplished either in virtual reality or supported by augmented reality.
  • Training of complex combinations of men and machines can be accomplished in hundreds rather than thousands of hours since AI provides massive part of the experience. Only physical fitness requires more effort.
  • Soldiers and commanders can be teamed into high performing teams without struggling with unfitting personalities
  • Training and exercise risks are minimised so there are no losses during the force generation
  • The readiness of reserves will be maintained higher since there are virtualised exercises for all officers and soldiers within their organic composition.

AI enforced Force Support


  • Warehouse robots and people are working aside in retrieving and storing goods. This has improved warehousing industry. 
  • Intelligent automation is supporting maintenance engineers in remote locations, all spare parts are manufactured on site, or the whole failure device is reproduced in operation
  • Robots and autonomous vehicles provide supplies
  • Logistics command has an on-time awareness of situation over the stretch of the supply chain.



2017-10-06

Information Operation ongoing between US and North Korea

Briefly About the Operation

There is evidence that the US Cyber Command has denied the Internet access from North Korea for several weeks during September 2017. Simultaneously, US Treasury has been tightening the financial embargo around North Korea and tries to freeze their foreign assets and transactions. 

President Trump is acting as the “Bad Cop” in social media ("Military solutions are now fully in place, locked and loaded") while Secretary Tillerson is the “Good Cop” and seemingly has ongoing dialogue with North Korean authorities.

This operation is ongoing while North Korea is trying to create a credible threat of nuclear head (last nuclear test was done 3. September) on a ballistic missile (last launch 15. September) that can threaten US assets directly. The credible nuclear threat has been the goal for three generations of Kims to create leverage to both domestic and foreign policy. 

Some Notable Features Concerning the Operation until Today


  1. USCYBERCOM was suppressing the North Korean only Internet link (provided by China Unicom since 2010) with Denial of Service. The attack seems to have been effective since it lowered the activity of known North Korean hackers. This means that not all of them work abroad.
  2. The Denial of Service (DoS) was said to stop on Saturday, 30. September. On Sunday, 1. October, a new trunk connection appeared provided by Russian railway and telecommunications operator (TransTeleCom). The second link, coming from different Internet infrastructure entirely, makes it more difficult in future to disconnect North Korean’s from the Internet.
  3. Last year North Korea made several attacks targeting Financial systems like Swift. They succeeded to rob about $ 81 M from Bangladesh. The North Korean cyber strategy has seemingly been: 1. Steal sensitive information from other Governments and Industry (South Korean military intranet and governmental smartphones), 2. Create fear and insecurity by launching virus attacks (WannaCry), 3. Steal money to finance the government (Lazarus group attacked Banks for example in Bangladesh, Ecuador, Philippine, Vietnam).
  4. US sees their national electric grid vulnerable to advanced attacks like HAVEX or BlackEnergy. While the US executes the “cost imposition” strategy against Russian and Chinese actors, the same deterrence is not valid with Iran or North Korea. Thus, the US is trying to deny their capability to launch cyber-attacks. The denial is accomplished both by increasing the robustness of the information systems controlling the electric grid and exercising the capabilities in denying the access to the Internet or disabling the cyber arms available to these countries.

Used References:

  1. Karen DeYoung, Ellen Nakashima and Emily Rauhala (September 30): Trump signed presidential directive ordering actions to pressure North Korea. The Washington Post, National security. https://www.washingtonpost.com/world/national-security/trump-signed-presidential-directive-ordering-actions-to-pressure-north-korea/2017/09/30/97c6722a-a620-11e7-b14f-f41773cd5a14_story.html?utm_term=.1c6dc0b101b7 
  2. Michelle Ye Hee Lee (13 September 2017). "North Korea nuclear test may have been twice as strong as first thought". Washington Post. 
  3. North Korea 'fires missile from Pyongyang'. BBC. 15 September 2017.
  4. https://www.nytimes.com/2017/03/04/world/asia/north-korea-missile-program-sabotage.html 
  5. Martyn Williams (October 1): Russian provides new Internet connection to North Korea. 38North. http://www.38north.org/2017/10/mwilliams100117/ 
  6. CSIS: North Korea's Cyber Capabilities. https://www.csis.org/programs/korea-chair/korea-chair-project-archive/north-koreas-cyber-capabilities 
  7. Charles Riley and Jethro Mullen (16 May): North Korea’s long history of hacking. CNNTech. http://money.cnn.com/2017/05/16/technology/ransomware-north-korea-hacking-history/index.html 
  8. US DoD Defence Science Board (February 2017): Task Force on cyber deterrence. http://www.acq.osd.mil/dsb/reports/2010s/DSB-CyberDeterrenceReport_02-28-17_Final.pdf

2017-09-19

Large Scale Broadpwn Vulnerability in Android and iOS Wi-Fi Connections

Definition

Billions of smartphones, both Android and iOS have the same Wi-Fi chipset from Broadcom (BCM43xx family). A recent study presented at Black Hat conference has revealed a major vulnerability in that chipset that opens the smartphone to attacks via Wi-Fi connection. The vulnerability is open on all devices before the versions iOS 10.3.3 (released 20 July) or the July security update for Android, which contains fixes for the flaw. The vulnerability allows an attacker to gain access at the chip level and write programs that can be running on that chip. The targeted phone or user does nothing additional nor does the user notice that device has been exploited.


This vulnerability is first of this kind of exposure (all iOS devices after iPhone 5; all Samsung Galaxy from S3 through S8, inclusive; all Samsung Notes 3; all Nexus versions 5 – 6P), exploiting peripherals not core, does not need any action from user and can be used as a network for worm.

Brief Description

The resourceful attacker develops a worm that exploits the vulnerabilities of the BCM 43xx chips. The attacker presents himself in some event that has many high-ranking officers attending. The attacker infiltrates few of the smartphones (requires only activated Wi-Fi) and installs the worm. When officers return to their command posts and headquarters, their smartphones start to infect other devices within the Wi-Fi range. After few days, the higher commanders and their staffs’ smartphones are prepared for the next phase. 


The attacker, depending on the situation, can exploit the remotely controllable botnet (networks of remotely controlled robots) either collecting all information achievable through microphones and sessions or, in the brink of attack, suppress all smartphone usage of affected officers. This may delay or disable to the reaction of the higher-ranking officers enough to gain the advantage on ground, air or sea (recall the reason for slow German response to the invasion of Normandy).

Recommendation


End-users and administrators:

  • Update all possible Smart devices with:
  • Android: 2017-07-05 security patch
  • iOS: 10.3.3

Military system architects:

  • Broadpwn is a textbook example of using a large surface with a small but innovative effort to tap sensitive information or suppress main information flows. 
  • Military architects should always provide strategic variety for critical information flows and mitigate the single points of failure.

Military Chief Information Officers:


  • No one mean of communications of information processing can be reliable enough. 
  • Always require parallel, independent options for business continuity.


References:


  1. https://www.wired.com/story/broadpwn-wi-fi-vulnerability-ios-android/
  2. https://www.theguardian.com/technology/2017/jul/27/broadpwn-smartphone-malware-bug-iphone-samsung-google
  3. https://blog.exodusintel.com/2017/07/26/broadpwn/

2017-09-15

Watch you Bluetooth usage!

There are BlueBorne vulnerabilities in Bluetooth connections


Definition

Bluetooth technology has been in use since early 2000, and over 8.2 Billion devices are using Bluetooth. Some of the older versions of Android, iOS, Windows, and Linux implementations have a vulnerability that enables remote commands on the target device. There are together eight vulnerabilities that are called BlueBorne. These vulnerabilities were found during Spring 2017, communicated to responsible manufacturers and have been patched in the latest revisions.

Brief Description

The attacker approaches the proximity of the Bluetooth device and connects through Bluetooth wireless connection using buffer copy, buffer overflow, integer underflow or Man-in-the-Middle attack to gain access to the target device, injects malicious software or captures user information.


Worst case is when an advanced attacker reconnoitres the target infrastructure and deploys a worm that uses BlueBorne vulnerabilities to spread over-the-air. Especially, air-gap isolated systems are vulnerable if the Bluetooth is not disabled.

What to do:

The following measures are recommended to mitigate the BlueBorne exploitation: 
1. Update all possible versions concerning the found vulnerability in:
  • Android: Before September 2017 updates
  • Windows: Before September 2017 updates
  • iOS: Pre-version 10
  • Apple TV: Pre-version 7.2.2
  • Linux: Before September 2017 updates
2. If the update is not available or not possible to upload, user should consider disabling the Bluetooth

3. There is a possibility that Bluetooth has other unrevealed vulnerabilities, so the professional organisation should control the proximity of their systems.

References

1. www.kb.cert.org/vuls/id/240311
2. www.armis.com/blueborne/



How military defend against commercial drones?

Threat of drones

Within a few past years, there has been a rise in the number of incidents involving small unmanned aerial vehicles (UAV, i.e., Drones). Insurgent forces in Syria and Iraq together with regular armies in Ukraine have used commercial drones to reconnoiter or strike targets. The defence industry is introducing various means to counter the UAV’s using force, signal hijacking, directional RF interference, directed energy, or other drones.

A Ukrainian serviceman operates a drone during a training session outside Kiev, November 6, 2014. © REUTERS


Iraqi troops are showing commercial drones used by ISIS in Mosul. © CENTCOM

Blunt force

A basic and low-tech solution is to knock out the drone with another object. SkyWall100 system from OpenWorks Engineering is a man-portable compressed air launcher that fires a 22-pound net to capture the drone and parachuting it down.

Signal hijacking

A more delicate countermeasure is to infiltrate and seize the command channel between the remote controller and the drone. The captured drone can then be guided to land in the safe zone. MESMER from Department 13 and UAV D04JA Jammer from Chinese Hikvision are systems that can take over the control of a UAV and direct it to safety.

RF interference

The more longer-range situation requires a system capable of detection, tracking, and disruption. A British made AUDS can detect a drone from 8 km away, track it and disrupt its flight by using radio frequency jamming. A French BOREADES system is an integrated system that uses radars, day-night optronics and UHD video to detect the drone and intercepts it by jamming or luring the navigation system onboard.

Directed energy

In a situation of multiple drones approaching the target at the same time, a straightforward countermeasure is to shoot them down with directed energy weapons. USS Ponce is already hosting the Laser Weapon System (LaWS) to counter threats from small boats to drones. Rheinmetall has laser-based products to counter both commercial and military drones. Chinese researchers have demonstrated a system in 2017 Black Hat conference that uses audible sound and ultrasound emitters to disrupt the microelectromechanical systems as accelerometers and gyroscopes on board a drone.

Other drones

There are several solutions of using other drones to capture hostile drones. One of them is the Drone Interceptor MP200 from Malou Tech that uses a net to capture the approaching vehicle.

Geofencing or electronic wall

The drone manufacturers program their drones not to enter denied areas.  The global positioning signals can be jammed to keep the drones entering denied areas.

Rules of Engagement

US DoD has issued a policy to military bases that they have full legal rights to shoot down private or commercial drones seemed to be a threat. This may apply to other separated military zones, but amongst the people and in public sites, the less violent measures need to be available.

RGP armed drone shot down by Syrian troops © ThinkDefence.co.uk

All US Army troops in operation develop a sensor plan that deploys both passive and active countermeasures against hostile drones. The action is straight forward: "Units must attempt to engage and destroy the UAV using any organic means available, typically small arms fires organic to the unit while simultaneously relocating the unit."
Some airports in Ireland have established a “no drone zone” which is a control measure to ensure there are no drones around departure or approach routes. If a drone is sighted, aircraft is put on hold to clear the path.
Police officers in the UK can only instruct the drone operators to land if they approach sensitive sites or become a safety issue.
Israel Defence Forces do shoot down Hezbollah drones violating Israeli airspace.


References:

Pomerlau, Mark: Army releases counter-drone training document. C4ISRNET. 25. April 2017. http://www.c4isrnet.com/unmanned/uas/2017/04/25/army-releases-counter-drone-training-document/
Defence IQ press: A timeline of the rising small UAS threat. Defence IQ 10.2.2017
https://www.defenceiq.com/defence-technology/articles/a-timeline-of-the-rising-small-uas-threat
Dutta, Sumit: This is how militaries can defend against drones. Defence IQ 14.8.2017 https://www.defenceiq.com/news/this-is-how-militaries-can-defend-against-drones
Goarant, Barbara: CS presents BOREADES. CS official pages. http://www.c-s.fr/CS-presente-BOREADES-son-systeme-de-lutte-anti-drone-a-l-occasion-de-la-demonstration-dynamique-organisee-par-le-SGDSN_a765.html
Silva, Richard De: No Drone Zone. Defence IQ September 2016. https://plsadaptive.s3.amazonaws.com/gfiles/_nilr3emag_-_countering-drones_-_defence_iq_-_oct_2016.pdf?response-content-type=application/pdf&AWSAccessKeyId=AKIAICW5IOYOPOZOU3TQ&Expires=1505470510&Signature=9HweRD7Pn612TpoQ1Dn54DhID6U%3D
Pavluk, Joshua: Four counter-drone technologies we need now. TechCrunch, 23. February 2016. https://techcrunch.com/2016/02/23/four-counter-drone-technologies-we-need-now/

2017-08-31

Russian Turla Group Attacks at Governments and Diplomats

Definition

Russian Advanced Persistence Threat group called “Turla” has been using special espionage attacks against Governmental agencies and Embassies for past year. The backdoor software has been recently detected and “Gazer or Whitebear.” It is very clandestine malware trying to be as unnoticeable and undetectable as possible. The backdoor software collects information from the target and sends it to the controller.

Brief description of scenario

Gazer is distributed via spearphishing email that infects the target with first stage backdoor such as “Skipper.” Skipper downloads Gazer as the primary payload. Gazer uses 3DES and RSA encryption and stores its configuration within the Windows Registry. Gazer wipes files, changes code strings and looks like a video game to remain secret.

Mitigation

The following are some security measures recommended to lower the probability of Gazer type attack: 

  • Security architecture should include several layers to create depth for cyber defence
  • The security operations should be able to monitor 24/7 the traffic flow from and to defended domain
  • There should be more than one layer of virus detection using different detection applications
  • End users should be trained for awareness against phishing attempts



References


  1. https://www.welivesecurity.com/wp-content/uploads/2017/08/eset-gazer.pdf
  2. https://threatpost.com/turla-apt-used-whitebear-espionage-tools-against-defense-industry-embassies/127737/
  3. https://www.scmagazine.com/turla-apt-group-linked-to-gazer-backdoor-that-spies-on-embassies/article/685230/
  4. http://securityaffairs.co/wordpress/55915/apt/turla-javascript-malware.html
  5. https://www.cyberscoop.com/kaspersky-whitebear-turla-russia/

Wireless Local Area Network Man in the Middle Attacks

Definition

Open wireless local area network (Wi-Fi or WLAN), connections in café's, hotels, malls, airports, airplanes and other public places, provide easy and free access to the Internet with a wider bandwidth. Unfortunately, an open and unsecured wireless local area network allows anyone to receive victims traffic and launch a Man in the Middle attack (MitM). Even if the victim is securing the communications for essential services, unsecured communications may reveal the victim's password if they are reused in several services.

Brief scenarios

A hacker creates an “evil twin” Wi-Fi access point in the same premises that open Wi-Fi is expected. Once a victim launches unsecured sessions, a hacker can capture all traffic. Another way is to listen to the public Wi-Fi traffic over unsecured access and sniffing “session cookies” to acquire passwords. If the victim further allows file sharing over the Wi-fi, hacker plants software into the targetted device to execute malicious deeds.
Even if the Wi-Fi access is secured, but the password given to the public is simple, seldom changed or easily cracked, a hacker can obtain the traffic.

Protection

There are the following ways to prevent a probable Man in the Middle attack:

  • Use Virtual Private Network but acknowledging that researchers have studied 283 free VPN apps on Google Play and found that 50% of them store client’s traffic for their use, 38% of them injected malware or malvertising. About 18% of them did not encrypt the traffic. So, use only professionally provided VPN services (Ikram et al., 2016).
  • Use Secure Sockets Layer (SSL), i.e., sessions using https.
  • Turn off sharing by choosing ‘Public’ option from Operating System
  • Keep Wi-Fi off when not using it.


References

1. https://usa.kaspersky.com/resource-center/preemptive-safety/public-wifi-risks
2. http://www.huffingtonpost.com/michael-gregg/six-ways-you-could-become_b_8545674.html
3. http://www.npr.org/sections/alltechconsidered/2017/08/17/543716811/turning-to-vpns-for-online-privacy-you-might-be-putting-your-data-at-risk
4. http://www.icir.org/vern/papers/vpn-apps-imc16.pdf

2017-08-19

Controller Area Network (CAN) standard ISO 11898 data link vulnerability

Description

The Controller Area Network, CAN is the most common (in US the only legal) intravehicular databus standard ISO 11898-1993 for road vehicles. It allows all “Things” within the vehicle to communicate with each other. A university level research (Palanca and Zanero, 2016) has found that normal protocol at CAN link layer intended to handle malfunctioning nodes can be manipulated. 

Since the MILCAN (Open standard for military vectronics) is based on same ISO 11898, although rugged, there might be similar vulnerability within military vehicles (Majoewsky and Davies).

Case of exploitation

An attacker couples into CAN bus, receives the error frames, multiplies and forwards them further causing a Bus Off State to targeted subsystem. This means that targeted system is not listened anymore within the CAN bus i.e. the vehicle does not function as system of systems anymore. 

The coupling is easiest accomplished by connecting additional device into vehicle CAN bus. There is also possibility to use some wireless devices attached to CAN bus. In civilian vehicles, this may happen through Infotainment devices (radio, mobile phone) as happened in Chrysler Jeep hacking 2015 (Miller and Valasek). In military vehicles the vectronics is used more widely to connect sensors, weapons and C3 systems to vehicle. Thus, direct ways to effect the bus are available. Would there be one worm that can take down the fleets of military vehicles when they are dearly needed?

Mitigation

There are no software updates available and since the vulnerability is in the standard protocol itself, it requires to be changed. There may be some technical mitigation measures as follows:
  • Network segmentation or topology alteration
  • OBD-II diagnostic port access
  • Encryption

Universal Serial Bus (USB) communications crosstalk vulnerability

Description of vulnerability

The Universal Serial Bus, is a straightforward way to connect peripheral devices to each other and computer.  The USB is asymmetrical in its topology, consisting of a host, a multitude of downstream USB ports, and multiple peripheral devices connected in a tiered-star topology. A USB host may implement multiple host controllers and each host controller may provide one or more USB ports connecting up to 127 devices. Some of those devices send sensitive information (passwords from keyboards, fingerprint readers, card readers, etc.). 

According to research in University of Adelaide, Australia, over 90% of tested 50 different computers and external USB hubs are leaking information to other ports within the hub/device (Su, Genkin, Ranasinghe and Yarom, 2017).

Exploitation case


An attacker: 
  1. manufactures cheap USB devices and includes USB receiver and communications means. Personnel buy these devices and plug them into their computers or USB hubs. 
  2. Manipulates USB memory appliances and leaves them to be found by targeted people. Studies show that 75 % of found memory sticks dropped on the ground were picked and plugged into a computer.
The acquired USB device receives all data that is transferred through the channel between other devices; recognises important data as passwords, ID’s, profiles; and sends them to the adversary.

Mitigation

There are no software updates available to mitigate the problem. The USB standard needs to be redesigned. Meanwhile, the following measures may help to restrict the exploitation:
  • End users should be trained not to plug any unknown or unauthorised USB device to their systems
  • Armed Forces should ensure that the USB devices provided to them are coming from audited manufacturers, are supplied through controlled supply chains, and are tested before distributed to use.
  • Encrypt all traffic that is send over USB

2017-05-30

Another cyber worm is loose on the Internet from the stock stolen from NSA

WannaCry was just one of the many exploit platforms that were stolen from NSA and now roaming on the Internet. EternalRocks worm is using same SMB vulnerabilities as WannaCry and three other attack vectors. It has not been weaponized yet, meaning that it does not have malevolent features added, but it has been infecting Internet-connected computers apparently since 3 of May.

The EternalRocks worm is an ideal platform that cyber attackers are using to prepare the target for more malicious effects. The behaviour of the work is as follows:

  • In the first stage, the worm uses SMB vulnerability to install itself on the computer. It also downloads .NET components and TOR browser together with C2 communications node.
  • Then it remains passive for 24 hours to avoid detection or analysis with sandboxing (sandboxing is used typically as virtual isolation between the Internet and closed networks to monitor downloaded the program for malevolent behaviour).
  • In the second stage, the worm uses TOR browser to download more executable files. Then it starts a random scan of opened SMB ports on the network it is connected. Once detecting a vulnerable target, it pushes the first stage exploitation to it.

The EternalRocks is such a clandestine worm that only with strong network visibility and monitoring tools, the traffic will be detected.

The military should be careful to ensure that their Internet-connected Microsoft operating systems are updated, and there is a strong monitoring and analysing function in place.

2017-05-07

A Structure of Military Enterprise


The paper provides Enterprise Architect with a business level view of the enterprise structures military have been using to generate, sustain and project the force.  It also presents an evolutionary model that the military enterprise has developed at the strategic level. The attempt is to provide military Enterprise Architects with a simple tool to assess current structure of the military enterprise and create viable options for the development at the strategic level. The paper uses critical realism to describe the changes in military enterprise structures and inductively build up a model that explains its evolution.

A Generic Model for War and Military Affairs

Since the birth of city-state, war has been a constant feature of civilization. Strategies have varied from capturing assets, gaining ransoms, annihilating the main force of adversary, destroying the basis for the economy, exhausting the source of power of the adversary, suppressing the political decision making, and transforming the public opinion.  The utilization of military force has been the main way in gaining these strategic goals.
Military force is not born in isolation. Nor is it yielded alone but in connection to both society and its governing body i.e. political leadership.  Clausewitz defined the triangle of political leadership, society, and military force pictured in Figure 1. 

Clausewitz observed the Napoleonic wars and their political nature stating that war is the continuation of politics by other means.  Lenin enforced this relationship creating a doctrine for the war of classes. He declared that the struggle continues at the political level when means of war are insufficient.  This was implemented successfully by Stalin after the II WW. 
The triad and their interrelationships are a source of power but also potential target to the adversary. Keys to winning a war have been equally the annihilation of military force, capture or suppression of political leadership, turning the public opinion of the society against the other two, or isolating either of the entities from the others.  

When two societies confront each other in some area of interest, there is a possibility that confrontation  escalates into a conflict . In conflict, a utilization of military force is possible since political leadership may not think of the outcome but only resolving the current conflict with available forces in Figure 2.  

This model is very military oriented since it does not illustrate the other lines of projecting power i.e. political, economy, and social.  The paper will add later these lines of force projection into the model.

A Model of Military Affairs

The basic capabilities  of a military organization in achieving the desired effect in a specific operating environment can be modelled as a value creation network pictured in Figure 3,

which is composed of force utilization, force support, and force generation functions.  These core functions may be defined further by readiness, deployment, projection, modernization, knowledge, engagement, manoeuvrability, or protection. The basic functions are further illustrated in Figure 4. 

The force utilization  means that force elements are deployed in operations to project the military force of destruction or threat of it. Use of force is the primary way to affect the adversary’s triadic structure. The avenues or dimensions in delivering the effect are typically space, air, maritime, land, electromagnetic and cyber.  Other dimensions in battlespace may also be resources and time. All the dimensions are at the physical level but changing the human behavior; the physical event needs to be translated into information, which needs to be received by a human to change his/her behavior.
  
The main tactical ways in force projection are engaging, maneuvering and protecting. Force elements maneuver to get into the reach of their targets and to be able to mass their combined arms effect. The engagement with vulnerable and crucial targets enough in the adversary systems may create network effect and suppress the entire system. Protection is to prevent own losses and take care of the society that military force is defending.
The force support means the ability to maintain constant intensity and duration of operational activity to achieve military objectives.  Force support extends out from the military organization using supply chains that may be global in reach, which means dependence on a larger network of value creation.  Supplies are required to sustain the fighting power. Disabled parts of force element need to be evacuated from the battlefield and restore their ability to fight. It is essential to evacuate wounded to sustain their health and prevent the loss of morale.

The force generation or production brings together doctrine, people, and equipment forming them into force elements with the desired capabilities. Force generation is a continuous process to develop operational and organizational concepts and then combines them with technologies, material, workforce, and limited resources to produce combat capability. 

Training of troops is most visible part of force generation. Armed Forces recruit their members from the society either by hiring voluntaries or acquiring them through compulsory military service.  By combining people with military equipment and doctrines, The Armed Forces provides basic and special competency for these members to be able to defend their society. Once achieving sufficient level, this capability is either provided to combatant commands as force elements or send to reserve for possible later need. Training needs to be refreshed before sending reserve force into operation. The force generation also includes the development of material based capabilities by acquiring and integrating them into existing force structures.

The interconnected system of military affairs is commanded and controlled by command structure that extends towards all stakeholders of the value-creating network with contracts and obligations based on legislation. The national law can control only domestic resources. Thus, coalition structures are needed to ensure the strategic durability for a nation.

Evolution of Dimensions in Military Conflict

The ways of engagement in the military conflict have evolved with the development of society described by Toffler (1980)  and technology described by Bousquet (2009) as pictured in Figure 5. 

There is a long history of military action beginning with the first documented battle of Mediggo in 1469 B.C.E. on land (and later, on the sea ) mainly projected by agricultural production which provided some urban centers. The main strategy for force projection in first wave society was massing of people with adequate weapons to annihilate the military force of the adversary.

When agricultural societies were migrated to industrial, their military forces evolved accordingly. Machines that could maneuver below the sea surface  and in the air  were invented and found useful in projecting military force. The new physical dimension of electromagnetic spectrum was invented and besides radio communications, was used in WW II to gain a tactical advantage in the Battle of Britain. Electronic Warfare (EW)  is the use of the entire electromagnetic spectrum and its properties to achieve a military advantage over one’s opponent or to reduce disadvantages. It consists of Electronic attack for engaging, Electronic protection for protective actions, and Electronic warfare support to search for, intercept, identify, and locate or localize sources of intentional and unintentional radiated electromagnetic (EM)  energy to immediate threat recognition, targeting, planning, and conduct of future operations. The main strategy for powerful force projection in second wave society was massing of material, weapons, and fire to annihilate adversary’s military force, suppress her government or harm the society that is providing it.


The third wave society invented Cyber  dimension, a human-made environment where digital information is processed, transmitted and stored. The cyber warfare includes actions by parties to penetrate another stakeholder’s computers or networks for causing damage or disruption . Information becomes the main enabler for massing effect in adversary’s systems attacking the “schwerpunkt” , centers of gravity. Information and cybernetics also become the force enabler that has the potential to transform military forces more than any single weapon system before.

Strategies used in military structuring

Military affairs and their structure can be studied considering their strategy and doctrine. The strategy of an organization is typically reflected in its processes, arranging the units and values . This paper is using a model developed by Jeanne Ross, Peter Weil and David Robertson (2006) to analyze operating methods of an organization.  The model defines two dimensions of process integration and process standardization. These two dimensions are divided into four areas of differentiation in process approach: Diversification, Replication, Coordination, and Unification as illustrated in Figure 6. 

Diversification strategy is evident for least standard and integrated organization, where smaller, independent forces are conducting operations independently in separate areas of operations. They are autonomous in their command, functions, support, and most of the development. The independent forces fight differently, support their action and develop their forces uniquely. These military organizations are usually hierarchically arranged, and value is created vertically along the lines of command.

Replication strategy is mainly after standardized processes that enhance operational efficiency. The goal is to execute standardized affairs faster than the adversary. Tactically and technically the forces are similar, but they are engaged in different areas of operation. The Commander in Chief is controlling the force production and support to maintain and improve standardization. There might be an inspector governance that is guiding the development of arms capabilities and force production.

Coordination strategy is mainly after integrated processes that aim to optimize the operational effect. Multi-arms effects are used to engage a joint adversary in each area of operation. Operational level autonomy of force utilization is enabled by coordinated efforts of force production and support. The Commander in Chief is coordinating the effort of each, possibly specific, force element. Coordination requires pervasive command and control system.

Unification strategy is a combination of integrated processes and standardized force elements. The strategy aims to maximize operational effect and effectivity through similar force elements all facing the same kind of adversaries in their area of operation. Processed are owned by the Commander in Chief or his staff and developed centrally. The maturity of processes enables deep specialization of units since they are always used in combined arms and joint manner.

The evolution of military structures

The following sections will elaborate the various stages in the evolution of military affairs and their structures.

Diversification as natural outcome of evolution

I hope none of you gentlemen is so foolish as to think that aeroplanes will be useful employed for reconnaissance from the air. There is only one way for a commander to get information by reconnaissance, and that is by the use of cavalry. 
General Sir Douglas Haig addressing the British Army Staff College in summer 1914.

The subsequent evolution of Services has diversified them naturally. First land or ground forces were created to protect agricultural assets. Then naval forces to protect critical channels for commerce. Lastly, air forces to utilize industrial technology for mobility and provide a strategic advantage over both land and naval forces. All three Services are fighting their war facing their equivalent adversary in land, sea, and air with only secondary support to each other.  Their force generation and development are different from the others, and they need specific support and supplies as illustrated in Figure 7.

The combined arms tactics for land forces was invented and developed by Gustavus II Adolphus (1594-1632), who maneuvered with a combination of infantry, cavalry, and artillery (fire, maneuver, and protection) preferring movement and attack over fortification. He dismantled the companies and regiments that troops were mobilized to “svadroons (500 soldiers)” and brigades (1500 troops), operational task forces. He was also the first to use replication strategy when he standardized each arm to have pistols with the same caliber, same size swords with cavalry, same caliber muskets with infantry and first light, mobile, regimental artillery with a controlled variation or their caliber. He also rearranged the generation and mobilization of his force were arranged with “rusthol” principle where a farm was to provide a rider, horse, and weapons when called and sustain this resource by providing new “Hakkapeliitta” if the previous died.  He was also the first to use mandatory armed/national service called “värnplikt” to recruit conscripts to fill the ranks (råd). 

The modern, multi-capable air force was created by Germany 1933 – 1939. With training support from the Soviet Union, German aircrew was generated already 1924 in the secret air bases. Due to the constraint resources and geopolitical reality, the Luftwaffe did not adapt Giulio Douhet’s ideas for strategic bombing but developed more close air support capabilities for ground operations and protection of the main land assets. This provided the Luftwaffe with more flexible air force capabilities that its future adversaries who were concentrating on building strategic bombing capabilities.

The command and control topology is following basic commander – staff structure illustrated in Figure 8. 

Commander in Chief (CIC) has all three Services directly under his command. Each Service is confronting their adversary in their dimensionally constrained area of operation. CIC is supported by Headquarters (HQ) providing strategic guidance, sufficient future views, expert advice, and administration support. There is little or no need for coordination between Services as they are independent at tactical and operational levels. Commanders of the Services are deciding both issues in current operations and building future capabilities. Moltke Sr. (1800-1891)  was one of the first to decentralize command and control of this line-staff organization by introducing mission. Instead of orders (Befelhle), he preferred instructions (Weisungen), that provided subordinate commanders with freedom of action as situation emerged.

The Diversified Services with only strategic level Commander in Chief structure is quite usual for peacetime armed enterprises. The Swedish Armed Forces were arranged this way before they launched the revolutionary transformation mid-1990s. Most of the European NATO countries had this structure until the transformation launched after the London Declaration 1990.   NATO updated its command structure 2003 still following these traditional lines.  USA forces were structured this way until 1983  when they established the unified combatant commands to execute operations in geographic areas of responsibility directly under the leadership of the president of US. The Services remained hidden in the structure renamed as component commands. 


Seeking for coordination and unification 

It takes all our Services together plus the industrial efforts of our Nation to win any major war. 
General Omar N. Bradley

The Luftwaffe also introduced first ground-to-air communication system that made a difference in Battle of France.  After the success in flanking French and English forces , the mobile, combined arms tactics of armored forces and close air support was used in Operation Barbarossa launched 1941 against the Soviet Union.

Armed forces have started to seek coordination and unification as their adversaries’ doctrine has evolved more towards combined arms tactics and joint operations. In particular areas of operation, no one Service can sustain their force or fight with success. The availability of combined arms/Branches/Services capabilities in operation opens more options for the commander to counter the enemy courses of action.  The Joint Force also allows the operational commander to pose multidimensional threats to the enemy as illustrated in Figure 9.

The co-operation between Air Force and Land Force that the Wehrmacht invented back in 1930’s was reinvented by NATO and launched as AirLandBattle in 1982.  It was coordinated engagement against all three echelons of Soviet armored troops at the same time. 

The principle of unified action become more important as an adversary was unifying their effects delivered by each Service. Also, the efforts of other than military forces were included into this unification. Thence unified action becomes “a comprehensive approach that synchronizes, coordinates, and when appropriate, integrates military operations with the activities of other governmental and nongovernmental organizations to achieve unity of effort“.  This gradually led to the introduction of Joint Combatant Command, which was organized for mission or theater particulars and had both Joint and Service components. The coordination of force utilization led into defining joint functions like Command and Control, Intelligence, Fires, movement and maneuver, protection, and sustainment. These functions were to integrate both each other and the operational and tactical functions of each component. 

The force generation and to some extent also force development still maintained its diversity and autonomy within each Service.  The Service becomes a provider of force elements, and their force utilization was controlled by component command subordinated to joint combatant command. The USA was amongst the first to adopt this structure in 1983.   The rest of NATO followed starting from 1990.

The tail of armed force has sometimes been reformed following the unification strategy. Namely, logistics has been considered like other Services, and standardization of supply and service functions have promised improved efficiency. Joint logistics was considered as art and science of planning and carrying out, by a joint force commander and staff, logistic operations to support the protection, movement, maneuver, firepower, and sustainment of operating forces of two or more Military Departments of the same nation. 

The organization of military force, after reforms in coordination and unification, may remind of the model presented in Figure 10. 

The commander in chief is supported by general staff headquarters to manage the strategic level. The actual operations are divided into missions or theaters under a Joint Combatant Command that utilizes force elements in coordination. 

The Services produce and develop force units and provide them for the Combatant Command. Logistics are mainly arranged under one unified Support Command that provides support to both diversified Services and cooperating Commands. 
The defense of UK after 2010 Defence Reform Review achieving its full operation on 1st April 2014 , is one representative of this model for defense affairs structure as illustrated in Figure 11. 

The Permanent Joint Headquarters and Directorate Special Forces are commanding all operations abroad. Force elements are provided by Navy, Army, Air and Joint Commands. Both combatant commands and development commands are enabled by enterprise services provided by Defence Business Services, Defence Infrastructure Organization, Science and Technology and Ministry of Defence Police. The supply chain required to provide armed forces is managed by Defence Equipment and Support and Information Systems and Services.

Optimizing the effect and consumption of resources

The operational space has evolved into three levels (physical, information and cognitive). Besides the military line of operation, there also available other ways to project power namely political, economic and social as illustrated in Figure 12. The dimensions of military operations at physical level have evolved to include space, air, maritime, land, electromagnetic, and cyber.  

As the complexity and spectrum of operations, where armed forces are utilized, is increasing and value chains, where armed forces are sourcing its resources, are becoming longer, the unification of fully joint force is often sought. NATO was calling this doctrine as “Comprehensive Approach” since 2011 when they updated the list of tasks in NATO Action Plan. 

Multiservice force provides symmetry of capabilities that protects against asymmetric threats of the enemy. Multiservice capabilities also provide the commander with a wider spectrum of options at a technical, tactical and operational level to strike against vulnerable points of enemy structure. This way commander has more courses of action to unify the effort in massing the effect at enemy centers of gravity.  The enterprise model for unified force is illustrated in Figure 13. 

The Combatant Commands, defined to project force in all four lines of operation, are provided with specialized units fitting best for a concept for operations. They are coordinating effects also delivered by multinational force units and both governmental and non-governmental organizations, not under the military command. The ISAF 2001-2014 was one of the widest spectrum and diversified operations in enabling the Afghan government to provide effective security across the country and develop new Afghan security force . At its height, it included troops from 51 nations. About same time UN was investing in Afghanistan around 291 million dollars via 30 different UNAMA projects to achieve sustainable and profitable development through local communities.  Besides of this, there were UNHCR, Red Cross, Red Crescent, and many other organizations effort in place.

The force generation still includes dimensional specific features in troops training but for example simulation training is growingly provided in combined arms context. There is also a tendency to expose troops to combined arms live fire before sending them to operations or reserve. Some countries, like Sweden, have merged their Service Commands to Joint Commands for operations, production and support. 

The supply chain that is needed to support both force generation and force utilization is a global interdependent value chain.  The demands for more accurate support are meeting more constrained and degraded logistics resources. The solution is globally integrated Joint Logistics Enterprise . The supply chain composed of modularized supply nodes  that are connected by information and transportation networks. This Globally Integrated Logistics can provide support agiler and on-the-need basis allowing leaner force elements in operations. The development of technology increases the demands for specialized logistics, but on another hand, it simplifies more material oriented parts of logistics. The three-dimensional (3D) printing or additive manufacturing enables the production of spare parts, artificial organs, and housing facilities just-on-time within the area of operation (AOO) from simpler ingredients.  The service-oriented architecture, object oriented programming and software-defined features enable new ICT services produced in the AOO just by configuring readymade applets or release of new software components. 

The planning, preparation, and execution of the joint operation are far more complex than any single Service operation.  Thus, the traditional military command and control are too constrained way of governing the military enterprise. The value chain supporting current operations both with supplies and new force elements is mainly process based and trust between different entities in the chain is maintained by agreements and contracts as pictured in Figure 14. 

The operation command is more orchestrating the value chain than issuing orders to subordinates. Orchestration means operational analysis, clear intent and its communication, coordination, synchronization and assessment of combined and joint efforts to gain integrated and multiplied effect in adversary’s system.

The Swedish Armed Forces  are one of the closest to the model of a unified value chain enterprise as illustrated in Figure 15. 

The Commander in Chief is supported by Armed Forces Headquarters consisting of three staffs: Planning, Joint Forces Command, Training and Development Staff. Joint Force Command is responsible for all operations and command of force elements in operations. Training and development staff is in charge of force production, logistics, and medical services.  Directly under the Ministry of Defence is the Defence Materiel Administration (Forsvarets Materielverk)  responsible for material development and sustenance. Also in the UK, a discussion has surfaced in about merging the current air, land,  and Navy organizations.  

Further control over the forces available for politics

The Russian command structure for force utilization  is recently evolved to remind of more holistic approach as per the Lenin/Stalin heritage, where military force is just one tool for intern and international politics. They have multipolar theaters of operation as illustrated in Figure 16. 

All means of force are used under the National Defence Control Centre headed by the Supreme Commander. Operations can be commanded by five Joint Strategic Commands. National Guard, Intelligence organizations, Armed Forces or any of the non-governmental (NGO) organizations can provide troops and services for Joint Hybrid Operations.

The wider basis of troops enables addressing both in-state and international threats in an optimal way, for example, using “little green men”  in manning Crimea but denying their clear identification or having Night Wolves motorcycle club arranging celebrations of annexation . 
The Russian arrangement emphasizes the Federation’s need to have a flexible source of forces under one control and commanded by specialized Joint Command operating in all dimensions of force utilization. This is an example of statewide coordination over all available means of force whether military, media, social, economic, or non-governmental.