AEDC Innovation Grant research generates tactical solution for test facility security.

Interface could save money, increase test time

ARNOLD AIR FORCE BASE, Tenn. – Engineers at Arnold Air Force Base have researched the use of a Cross-Domain Solution, or CDS, interface to allow plant operations systems outside of the plant control room to remain unclassified during classified test programs.

Scott Howard and Greg Halliburton, Department of Defense team members with the Arnold Engineering Development Complex, Test Information Systems Section at Arnold, along with members of the Controls Design team with the Test Operations and Sustainment contractor, National Aerospace Solutions, worked to determine whether plant control parameters could be normalized with the addition of a CDS.

According to Howard, an Instrumentation, Data, and Controls, or ID&C, engineer, this research was done as part of an AEDC Innovation Grant, and while the CDS interface is not currently in place, it is one of several options being reviewed. 

“The grant helped determine that the use of CDS would be a feasible option,” he said. “It would reduce maintenance costs resulting from security requirements and reduce concurrent testing conflicts. It would also increase test throughput.”

With the current procedures in place for changing classification levels, starting a new test is not always a quick process.

“Routine inspections and maintenance of protective distribution systems, or PDS, in plant create a significant cost burden to both AEDC and test customers,” Howard said. “With the anticipated advanced programs coming in the future, the current cost will easily increase by hundreds of thousands, if not more.”

Plant control systems that are directly associated with setting test facility conditions are required to become classified whenever a test program is classified. Therefore, having classified plant systems has an adverse effect on turnaround time when there are multiple active test projects due to the declassification procedures required to change between classification levels.

 “Implementing this innovative solution would prevent plant control systems from requiring a classification higher than CUI (controlled unclassified information),” said Chris Carr, AEDC ID&C engineer. “We would still be able to meet the security constraints without hindering Plant operations.”

Carr also explained what exactly a CDS is and how it works.

“A CDS is a capability that allows interoperation of systems of differing classifications,” he said. “This takes the form of a device that acts as a ‘guard’ that selectively blocks, allows or redacts data and prevents unauthorized network access.” 

Carr noted that three mechanisms are required to implement such a solution: a means of determining security level of content, a means of filtering that content per the security relationships and a means of controlling network flows without breaking the transport protocols in use.

“CDS systems already exist as National Security Agency-approved and certified solutions that have demonstrated proven performance and effectiveness in actual DOD use,” he said. “Such a solution shows great promise in assisting with the demands of security requirements and the requisite hardening and inspection of associated AEDC communications infrastructure.”

The CDS capability is already in use by the warfighter, enabling information sharing across different security domains in tactical vehicles, aircraft and dismounted soldier systems, according to the General Dynamics website, maker of the Tactical Cross-Domain Solution, or TACDS. The General Dynamics TACDS was used as part of this AEDC Innovation Grant project.

Sloan Campbell, a new AEDC ID&C engineer, was involved in setting up the CDS testbed and capturing data to be analyzed and reported back to the government customer. Based on the group’s findings, Roger Vaughn, AEDC ID&C functional manager, said he thinks that the CDS interface could also be beneficial to AEDC test facilities.

“CDS would allow testing to occur in a more efficient manner and would be an effective way of continuing our current procedures without derailing what we’re already doing,” he said.