For many years, Navy ships pulling into port had to drape fiber optic "umbilical" cables over the side from the ship deck box to a pier riser for access to the shore infrastructure. Secure transport of shipboard voice and data communications from Navy ships to the Network Operations Center occurs through these cables.
But corrosion and mishandling of the cables and damage to pier risers have caused communication outages and recurring maintenance costs, and during bad weather, ship communications could be delayed for hours if not days.
But a solution to this problem is underway — the Wireless Pier Connection System. WPCS was developed by the Space and Naval Warfare Systems Center (SSC) Charleston (now realigned under SPAWAR Systems Center Atlantic) and sponsored by Commander, Navy Installations Command (CNIC).
WPCS focuses on installation effectiveness and improvements in shore installation management. This in turn reduces manpower and support costs, as well as installation costs.
The WPCS uses 802.11a and 802.11g technology to provide a reliable Wi-Fi bridge between ships and shore networks. Wi-Fi provides a viable means of extending communications between points where wired connections are restricted due to costs, difficulty, or areas where wire deployment is just not feasible, for example, in locations near airfields, or across battlefields and expanses of water. Utilizing this wireless solution, WPCS allows Navy ships to initiate connectivity to the pier while still up to three miles out at sea.
The WPCS system includes three radios located on the ship: a dedicated bridge radio, attached to an omnidirectional antenna for scanning, and two additional radios for primary and secondary connections to shore. It uses auto-configuration mesh software that facilitates a reliable and continuous connection with the shore network.
Shore-side equipment includes several BelAir wireless nodes that provide connectivity into the shore network architecture. Each WPCS system fits in a six-unit hard case and requires one electrical outlet. The size and mobility are ideal for the limited space onboard ships.
The dockside unit is movable and easily mounted. Designed for all-weather conditions, BelAir wireless nodes are water and dust-proof and can withstand temperature extremes from -40 to 122 F.
Security can be a problem with wireless technology. Radio frequencies can be intercepted by anyone within range with the right equipment. Because wireless nodes can allow possible unauthorized access to networks, network and data security must be incorporated into the wireless solution.
The WPCS addresses this issue with a comprehensive defense-in-depth strategy utilizing wireless security solutions that include Air Fortress Gateway devices and the AirDefense Wireless Intrusion Prevention System. Figure 1 illustrates the WPCS topology.
Type I encryption, proprietary frame structures and a specific IP assignment are used before applying 256-bit Advanced Encryption Standards (AES) layer 2 encryption. AES is the encryption standard for the U.S. government and National Security Agency.
Type 1 encryption refers to a device or system certified by the NSA for use in cryptographically securing classified U.S. government information. Type 1 certification is a rigorous process that includes testing and formal analysis of cryptographic security, functional security, tamper resistance, emissions security (EMSEC/TEMPEST) and security of the product manufacturing and distribution process. Layer 2 encryption introduces virtually no latency or overhead to the network.
Network security considerations include: MAC filtering, fixed MAC address scheme, Remote Authentication Dial In User Service (RADIUS), BelAir proprietary frame structure and WPA2 AES over-the-air encryption using Wi-Fi Protected Access Pre-Shared Key (PSK) authentication.
MAC, also known as Medium Access Control, is a sublayer of the data link layer specified in the seven-layer Open System Interconnection model (layer 2). The MAC layer addressing mechanism is called physical address or MAC address. This is a unique serial number assigned to each network adapter, making it possible to deliver data packets to a destination within a subnetwork.
Network protection features include monitoring and locating rouge nodes (rogue devices or data packets) and interference sources within the WPCS airspace. The AirDefense Enterprise Wireless Intrusion Detection System provides intrusion scanning detection with continuous alarm notification.
To comply with Defense Department policies, SSC Atlantic requested the assistance of the Defense Information Systems Agency's Joint Interoperability Test Command to assess and certify WPCS. For more than two decades, SPAWAR has partnered with JITC during the development, acceptance testing and subsequent fielding of critical shipboard and shore-based communications systems.
As designated by the Joint Chiefs of Staff, JITC is the only DoD organization with the mandate and authority to certify that DoD IT and National Security Systems (IT/NSS) meet interoperability and net-readiness requirements for joint military operations.
To do this, JITC follows the processes outlined in Chairman of the Joint Chiefs of Staff Instruction 6212.01D, "Interoperability and Supportability of Information Technology and National Security Systems." This document establishes policies and procedures for developing, coordinating, reviewing and approving IT/NSS interoperability needs.
In addition, JITC employs testing methodologies that conform with DoD Directive (DoDD) 8500.01E, "Information Assurance" which states that all DoD information systems "shall maintain an appropriate level of confidentiality, integrity, authentication, non-repudiation and availability that reflects a balance among the importance and sensitivity of the information and assets; documented threats and vulnerabilities; the trustworthiness of users and interconnecting systems; the impact of impairment or destruction to the DoD information system; and cost-effectiveness."
WPCS assessment activities were conducted at the JITC Indian Head, Md., test facility from November 2007 through January 2008. During this period, JITC teamed with SSC Atlantic developers and integrators. To ensure that WPCS met DoD requirements, JITC's evaluation consisted of standards conformance, performance, interoperability and information assurance test scenarios.
During the standards conformance phase, JITC evaluated WPCS components in an isolated environment and used test equipment to generate traffic through the WPCS to ascertain whether it conforms to applicable standards contained in the Defense Information Standards Registry.
During the performance and interoperability phases, JITC integrated the WPCS into a representative DoD network, and again used unique test tools to generate traffic across the network to assess the system's ability to exchange information within an integrated architecture.
During the information assurance phase, the JITC assessment team tested WPCS security and its compliance with IA policies and requirements to allow connection to a combatant command, DoD network and the Global Information Grid.
This test effort validated that the WPCS can interoperate with both the GIG and Navy legacy messaging networks in accordance with DoD doctrine and policy. The assessment also verified that the WPCS architecture follows a robust defense-in-depth design methodology with careful attention given to maintaining a clear separation of user traffic from management traffic.
In June 2008, JITC hosted a"“WPCS Forum" at the Indian Head facility with representation from the Office of the Assistant Secretary of Defense (Networks and Information Integration)/Chief Information Officer (ASD(NII)/CIO) Wireless Directorate, Office of the Chief of Naval Operations, SSC Atlantic, CNIC and NSA.
During the meeting, discussion points included DoD's use of commercial waveforms and military frequencies within wireless implementations; the use of bridging devices in the DoD; future changes to the overarching DoD wireless policy; as well as WPCS testing milestones.
JITC testers and subject matter experts also provided a demonstration of the WPCS capabilities in the JITC wireless laboratory.
At the forum, Navy Capt. Jon Kennedy, chief of the wireless directorate, stated that it appears WPCS meets all the DoD wireless local area network requirements in accordance with DoDD 8100.02, "Use of Commercial Wireless Devices, Services, and Technologies in the Department of Defense (DoD) Global Information Grid (GIG)." He indicated that the Navy should move forward with the implementation of the system.
Kennedy also encouraged JITC and the forum attendees to participate in future OSD-sponsored wireless working groups.
All attendees agreed that the recent WPCS assessment effort clearly serves as a model for future WLAN test events. As a result, SPAWAR and CNIC will continue to collaborate with JITC for the development and certification of future versions of the WPCS configuration.
Heather Meredith serves as a corporate communications support assistant to the JITC outreach director.
Greg Blanche is the lead test engineer for the WPCS interoperability assessment, as well as other wireless LAN evaluations.
Jackie Mastin is an information systems project officer within the JITC GIG infrastructure branch and test lead for WPCS interoperability test efforts.
Chris Watson is the JITC outreach director. He performs initial oversight of new programs and agreements between JITC and the DoD, federal government and industry partners.