APT & Targeted Attacks
Should We Control a Submarine From the Cloud?
DARPA, which engages in technology research for DOD, is looking for innovative ways to use the cloud to execute applications “when the applications are minimally specific to the particular resources in use,” according to the post on FedBizOpps.gov.
The agency [DARPA], which engages in technology research for the DOD, is looking for innovative ways to use the cloud to execute applications “when the applications are minimally specific to the particular resources in use,” according to the posted on FedBizOpps.gov. “
To date, the cloud computing paradigm has not been effectively exploited in embedded military applications, for reasons related to performance and correctness constraints,” DARPA said in its solicitation, adding that it’s seeking “revolutionary” ideas to overcome those historical constraints.
Embedded applications the agency wants to use the cloud for include applications for command and control of a submarine, in-field data or analysis apps, and image-data processing systems that unmanned aerial vehicles use on board, according to the solicitation.
The definition of “the cloud” seems to be so fuzzy that it’s ok to say you want to use it “when the applications are minimally specific to the particular resources in use.”
I have no idea what that means.
What I do know is that it’s unlikely that the cloud as it’s commonly described is going to be able to provide mission-critical in-field military apps anytime soon. The key words here are “mission critical.” Here’s why:
- Most clouds today aren’t as high availability as non-virtualized environments, with most providers offering three nines availability (99.9%) while other architectures are capable of delivering five or more nines (99.999%).
- Clouds require networks which are relatively easy to disrupt. You don’t have to hack the signal to break the cloud, just mess it up enough that it’s not a signal anymore.
- Clouds require networks which are power hogs, and in the field during military operations, power is at a premium, especially for extended operations.
- If a cloud or network gets compromised, your military assets could be turned against you. Ouch!
A better model for using “clouds” with the military is the ambient cloud model where processing and autonomic behaviors are as distributed as possible, tied to a high availability cloud-based command and control center. The trick here is that connectivity to the cloud will be erratic and spotty in the real world, so the set of cloud enabled military equipment forms an ambient cloud, but commanders can only change instructions whenever a piece of the cloud “checks in” with command and control.
An awesome parallel to this model is the Trend Micro Smart Protection Network which has 100 million nodes connected in an ambient cloud model. The nodes use the Trend Micro cloud for threat information when they’re connected to it, but if they’re not connected, they function like they should. This is WAY more power efficient than using a centralized cloud model, which would require building a massive data center to handle the approximate 5+ billion urls we process every day.
That said, there’s some funny weather joke to be had when you think about using a cloud to control a submarine….it’s right on the tip of my mind.