Army pushes enterprise systems on a wide front

The Army’s Program Executive Office for Enterprise Information Systems stands on a number of operational pillars. And like many of them, what are perhaps the office’s two most important pillars — Army Knowledge Online and business process improvement through enterprise resource planning — consist of ones and zeros.

On the surface, the thread that binds those digital programs together isn’t readily apparent. It’s there, though, when you look closely, PEO-EIS managers say.

“PEO-EIS programs are much more connected than the naked eye can see,” said Gary Winkler, PEO-EIS' program executive officer. That’s partially because of the office’s commitment to use commercial hardware, software and communications/computing infrastructure gear. “All of our programs are based upon commercially available IT, as opposed to custom-developed products that don't already exist,” Winklersaid.

All of the office's ERP systems use the Army Knowledge Online single sign-on for user authentication to the application/system, Winkler noted. In addition, AKO is the Army’s enterprise collaboration system for rapidly transferring information among all users, he said. For example, Arabic translators use AKO to translate information and enhance identity management capabilities that are necessary in force protection and anti-terrorist activities.

Because PEO-EIS’ systems affect users throughout the Army, Winkler’s office has established the Field Synchronization Directorate "to enhance user coordination associated with system fielding and support activities. Scratch through the surface of PEO-EIS systems, and you will quickly see how they are indeed all related to each other" and how ERP and AKO in particular have evolved, he said.

ERP Challenges

In the private sector, plenty of ERP implementations have exceeded their timeline by more than a year, busted their budgets to the extent that they would have set off a Nunn-McCurdy restructuring if they were in the government world, and then never fully realized their promised business benefits.

PEO-EIS managers say they are fully aware of the pitfalls of ERP implementations, and that’s why they’re taking a holistic view of all the implementations under way to avoid incompatible solutions.

“With these huge, integrated, process-based platforms, you really have to take a more holistic view of the end-to-end business processes, otherwise it becomes very difficult and expensive to make the thing work,” said Taylor Chasteen, ERP portfolio integration officer at PEO-EIS, who has been on the job since summer 2007. “One of the things we want to do as a service department is manage our equipment. In order to do that, we must have consistent master data across the enterprise.”

Master data can be something as simple as the About This Mac function on Apple Macintosh computers, which includes data on the computer's operating system, processors and memory. However, for a helicopter or tank, the master data can be extremely long and intricate.

“It is very difficult to get a holistic view of master data in different systems that have been configured differently and have different governors,” Chasteen said. “Standardizing the data and getting it into a single integrated platform so it is viewable by the people that need the data and manage the configurations is a humongous challenge. So we’re working very hard and effectively with the functional community to make that master data consistent so that the Army can manage its equipment across the enterprise and throughout its life cycle.”

A number of ERP programs are under way at PEO-EIS. One is the Logistics Modernization Program. LMP will manage the Army’s maintenance, repair and overhaul, parts acquisition, planning, and finance for logistics activities, and it integrates more than 70 Defense Department systems. LMP has about 10,000 users, with final deployment to another 10,000 scheduled to begin later this year, Chasteen said.

Another program is the General Fund Enterprise Business System, a Web-enabled ERP system that will manage approximately $140 billion in spending by the Army, Army National Guard and Army Reserves. GFEBS has 3,200 users, with an undetermined number of additional users planned.

“LMP has already proven it can scale; GFEBS still has to be proven,” Chasteen said. “Their end-state is something like 50,000 users.”

The Project Manager-LMP and Project Manager-GFEBS already report or will soon report to the Project Manager-Army Enterprise Systems Integration Program, which provides a single source for enterprise hub services, centralized master data management, and business intelligence and analytics.

“Not only does AESIP have responsibilities for master data management and hub service, it also [has] an overarching systems engineering function,” Chasteen said. “We’ve never really had that before. This is critical for a number of reasons, but for one reason in particular. That is to make intelligent functional allocation decisions across these ERPs. You have various components that together give you the total capability that you seek. You have to make every engineering-based decision on how you allocate those functions across those systems. AESIP now has the capability to do that, which we’re very excited about.”

Transformation Initiative

AESIP also will oversee the Global Combat Support System-Army, a major transformational ERP project for tactical Army logistics that will replace nine older systems.

GCSS-A Release 1.0 was put in place at the 11th Armored Cavalry Regiment at the National Training Center at Fort Irwin, Calif., about two years ago. It replaced only the Standard Army Retail Supply System (SARSS) and picked up the main functions of warehouse management and inventory management.

“There was a lot of concern among the training-oriented leadership that the SAP commercial screens would be too complex, too busy, and we would have training issues,” said Stephen Marshman, Northrop Grumman Information Systems project manager for GCSS-A. “The exciting thing for us is that the soldiers of the 11th ACR adapted to the SAP business processes and were not fazed at all by the screens. The expected training problem did not emerge.”

The advantage of GCSS-A compared with the Standard Army Management Information Systems is that data on parts inventory resides in the same system in which users create maintenance work orders, so the cycle time associated with parts requests can be minutes, not hours or days.

During the past couple of years at the National Training Center, the Army and Northrop Grumman proved they could operate GCSS-A, for which much of the hardware is centralized in a data center, via the Army’s tactical communications network using very-small-aperture terminals.

Beginning in July, the 11th ACR will begin demonstrating Release 1.1 of GCSS-A. The latest version replaces the Standard Army Maintenance System, the Property Book Unit Supply-Enhanced system and SARSS. It also picks up the financial capabilities related to those systems.

Adding the financial data to Release 1.1 was one of the primary problems in developing the software.

“We have a lot of interfaces to external systems, and, frankly the hardest part of this project has been the interfaces,” Marshman said. “Remember that even though this is a fairly large project in the DOD logistics enterprise, there are lots and lots of systems out there."

“GCSS-A is also a financial system of record, so we’re also talking to all the financial systems, and those dialogs are very complex. Any time you have finances involved, you have to have a lot of precision in the interfaces. That’s unique to even commercial ERPs. A large chunk of the development effort goes into the interfaces.”

After Release 1.1, there will be 1.2, which will eventually pick up aviation maintenance and ammunition, plus more finance. Testing of Release 1.2 is planned to begin in late 2011.

Network Consolidation

For the past half decade, AKO has chugged along with about 2.3 million users — consisting of Army users, retirees, family members and other people doing business with the Army — on a separate track that wasn’t necessarily connected to a larger information technology strategy. That’s primarily because there wasn’t such a strategy until recent years when senior leaders approved the Global Network Enterprise Construct, which will consolidate the Army’s loosely connected networks and applications into five network service centers around the world.

Now that AKO and GNEC are on the same playing field, how do the two march together?

“We’ve been working with the GNEC folks to figure out how we fit in,” said Kenneth Fritzsche, AKO/DKO product director. “GNEC is a set of operational ideas for taking the assets you have in place and operationalizing them so that they support the warfighter. In some cases, we are aggressively standing and stomping on their desk saying to the GNEC folks, ‘Look, we have this capability today. It’s already in place. Adopt our solutions.' In other cases, we’ve said, ‘OK, we have this capability. But when you build it for GNEC, we will turn off ours and use the GNEC capability.' "

Two example of capabilities already in AKO that Fritzsche said GNEC should adopt are enterprise and daily management and e-mail. He said he also recognizes that AKO’s capabilities don’t always meet every Army requirement.

In that case, they are developing trade-off analyses that determine the cost to build a capability from scratch versus the cost to close the gap between what AKO provides and what the service needs to offer.

“In many cases, we’re able to bring to their attention a lot of things they would not have considered had we not been going through this grueling process of building this capability,” Fritzsche said. “We are the original Army cloud. Nobody knew how it worked or where we were. All they knew is that if they went to a computer and had access to the Internet, they could get access to AKO and the 500 to 550 different applications all around the globe.”

After users sign in to AKO with a user name and password or via a Common Access Card, they can navigate among applications on various Web sites without reauthenticating. That single sign-on has helped the Army avoid costs because each application doesn't need its own authentication service.

Fritzsche said “the Internet password is one of the bigger security flaws that we have in AKO.” To deal with that, AKO has implemented a number of security requirements, such as requiring more frequent changes of passwords or having more complex passwords.

In addition, AKO recently put in place a knowledge-based authentication system that requires users to register a set of 15 questions out of a pool of 20 that presumably only that person can answer. The types of questions relate to favorite teachers, food and color or vacation memories. During the sign-on process, users must answer three of those questions correctly. Even if people were able to steal a password, they wouldn’t know the answers to those questions, adding another layer of security to the sign-on process.

However, some users, particularly general officers, are irked when asked to frequently change passwords. In summer 2009, during an Army LandWarNet conference keynote address in Fort Lauderdale, Army Vice Chief of Staff Gen. Peter Chiarelli complained publicly about constantly being asked to change the password on his personal digital assistant. If security required him to change it every month, then would it be even more secure if he were required to change it every week or even every day?

Fritzsche offered some context to the situation that Chiarelli and many others must regularly deal with.

“Every time we review questions such as those, it is always a balance between what is secure and what is best for the LandWarNet versus what is best for the user and what makes it more convenient for the user,” he said. “So it is a question of security versus convenience all the time. For general officers and senior leaders, we typically try to convince them that we need to do these things to be more secure, and, ‘Oh, by the way, sir, if you used your CAC, all you have to do is remember your CAC PIN.’ Use it every day, and you’ll never forget it and [you'll] be happy."

“It is when you don’t use your CAC that we have to be more diligent in asking you to prove to us that you are a legitimate user. And that is where the complex password and these additional security questions come in to play. It is always a challenge, and we have retirees and family members who also come to us and say, ‘This is too hard. If you want me to use the system, then you have to make it easier.’ And we have to balance that with the need to protect the applications that you get access to when you come to AKO.”