How the US Air Force Made Its ISR Network Cheaper to Run and Easier to Upgrade
Real-world lessons from a leader of the three-year effort to convert DCGS to open architecture.
Three years ago, the U.S. Air Force decided to overhaul its main intelligence-data network — the Distributed Common Ground System — whose custom-built apps and hardware made upgrades so slow and costly that new capabilities were virtually obsolete the day they finally came online. Thanks to new techniques and systems, many borrowed straight from Silicon Valley, we have already slashed the time needed to implement new ideas by 70 percent while avoiding hundreds of millions of dollars in costs.
As chief of mission applications and infrastructure at the Air Force Research Laboratory’s Information Directorate, I helped lead the effort to overhaul DCGS, along with co-leaders at Air Combat Command and the Air Force Life Cycle Management Center. Here’s what it took, and how other military programs might be able to follow our example.
DCGS, also known as the AN/GSQ-272 SENTINEL System, is used by airmen to produce, process, and disseminate intelligence from data collected through a wide range of ISR platforms. But for all its power, the system was unacceptably hard to upgrade. Its infrastructure was constructed to satisfy single-mission capabilities only. Specifications and scripting associated with these capabilities were held and controlled by private-sector companies, and all applications and enhancements had to go through these systems integrators. It could take up to 84 months to bring new capabilities online, by which time new technologies had often made the additions virtually obsolete.
So in 2014, we began our overhaul. Adopting a “we are they” mindset, ACC/A5-2D led in the governance of requirements, AFLCMC/HBG led in requirements implementation, and AFRL/RI brought forth innovative technology and methodology recommendations for an efficient, modern IT enterprise. The new DGCS would have an open architecture, simplifying the addition of new components and breaking the systems-integrator bottleneck. Its apps and databases would run largely in the cloud, using a commercial-off-the-shelf platform (Pivotal Cloud Foundry) that would allow us to quickly accommodate new requirements and new technology.
To build it, we adopted Silicon Valley’s “agile development” methodology, which breaks projects into small chunks and checks frequently to see whether progress is matching users’ changing needs. Applying agile techniques to all aspects of the redesign, we rebuilt DCGS with an open architecture and commercial-off-the-shelf hardware and software. This allows a culture shift that embraces and exploits the continually improving technology ecosystem delivered by a global marketplace. For example, we use Dell servers today, but tomorrow we could insert HP without reengineering the entire system.
With so much of the computing happening in the cloud, we needed a way to monitor events and system performance across this new DCGS. As well, management needed to be centralized across high- and low-security echelons to keep mission-critical systems working optimally. We selected Zenoss to provide a hybrid on-premise/cloud IT-monitoring platform, along with software and services for extensibility and integration with other key industry-provided hardware and software.
With these new models and tools in place, we are already seeing dramatic improvements in several measures. Moving to open architecture and agile development has sped the adoption of new system capabilities. DCGS users have been able to rapidly integrate commercial-off-the-shelf collaboration tools, including full-motion video and high-altitude exploitation capabilities, while integrating new tools for information correlation and dissemination. And while previously, all new capabilities had to be delivered by a dedicated installation-and-test team, DCGS can now remotely deliver new capabilities from a centralized hub.
We’ve also dramatically cut the time that it takes to certify software as secure enough for DCGS. By testing throughout the development cycle, and deploying onto an accredited platform, DCGS is able to apply the existing accreditation model using a software’s Certificate-to-Field with a Security Impact Analysis for each new capability. DCGS now operates with an established battle rhythm that has slashed the time for security accreditation/certification from 18 months to 30 working days. In several cases, we've done it in 10 working days.
The risk of introducing new components to the platform also has been greatly reduced, because we’re reducing the decision space to individual system components rather than the system as a whole. This means decisions are smaller, and made quicker at a lower cost. For example, we can now buy, test, and deploy new software with a license for our operators for about $1 million. Previously, every time we added a new capability, we would have had to build, test, and deploy the entire IT stack. A mistake could cost $100 million, likely ending the career of anyone associated with that decision. A smaller mistake is less often a career-ender and thus encourages smart and informed risk-taking.
And as we have moved to agile development, we’ve brought our partners along. We have formally educated more than 350 civilians, military, and contractor personnel across our combined teams on Scaled Agile Framework for the Enterprise, or SAFe; today, several of our teammates employ varying forms of agile development.
Bottom lines: before embracing open architecture, the DCGS spent about 70 percent of its funding on infrastructure and 30 percent on the capabilities and applications that users needed to accomplish their mission. Now those numbers are flipping. If we meet our goal, we will have doubled the share of DCGS funding that goes to mission apps instead of infrastructure. And Pentagon cost-estimators who looked at other Air Force and Navy ISR systems estimate that the new DCGS will avoid roughly $600 million in expenditures.
Even with these eye-opening savings, the real benefit to our new open architecture DCGS system is that we are able to develop intelligence from a range of platforms more quickly and easily than ever before. For the men and women who depend on that intelligence, it’s an extra measure of safety, security, and knowledge, and that’s more important than the savings.
NEXT STORY: Donald Trump, Dealbreaker