The views expressed here are solely those of the author, and do not necessarily reflect those of the Department of the Navy, Department of Defense or the United States government.
In 1946, CAPT Hyman G. Rickover began to explore the idea of a new propulsion plant for the U.S. Navy, one driven by nuclear power. Compared to surface warfare or land-based warfare, submarine warfare was still a relatively new warfare domain. After less than five decades of consistent operational experience, we as a nation were essentially at parity with our competitors. Rickover’s ideas would propel us into a new era of advanced submarine warfare: He did not set out to break the submerged duration and speed records; he did not set out to forever change the hydrodynamic design of submarines worldwide; nor did he set out to be a key figure in a Cold War that would last for decades. These events indeed happened, but they were simply second- and third-order effects of his wildly new propulsion plant design.
For almost four decades now, the Navy has been operating in another relatively new warfare domain, the CYBER warfare domain. Unlike other warfare domains, however, Sailors of every type across the globe deploy to the CYBER domain daily by logging into Navy networks. It doesn’t matter if you’re a senior person qualified in multiple warfare areas or a new recruit with no warfare qualification at all; the entire Navy is exposed daily to the benefits and dangers of the CYBER domain.
Similar to Rickover’s era, some argue we are in the middle of a CYBER cold war — a war in which there is a strong undercurrent of activity that goes relatively unseen by the general public. Despite all this, the commissioned CYBER vessels (Navy networks) with which we deploy to the CYBER domain are antiquated, poorly manned and poorly managed. As a result, they are susceptible to a variety of vulnerabilities.
Rickover’s approach to his program was all-encompassing as he focused on several aspects of the nuclear propulsion plant. One focus was the engineering excellence and system-of-systems design of the propulsion plant. Another was the training of personnel operating his propulsion plants, new recruit to commanding officer, civilian and military alike. He also focused on the ongoing research and development within his program to continuously lead the industry. Finally, he focused on the technical authority’s role, NAVSEA O8, in maintaining a program that, to this day, provides an effective, leading-edge strategic asset to the defense of the nation. This all-encompassing approach is in great contrast to the manner in which the Navy operates its networks.
As a Junior Submarine Officer, I had a conversation with a post-command submariner concerning the submarine nuclear propulsion plant. He told me that of all the things he worried about as a commanding officer, the one thing he did not worry about was the engineering excellence of the propulsion plant. He went on to explain that he received a significant amount of quality training over the years and understood all aspects of the plant. He understood and appreciated the science behind the research and development that contributed to its design. He was confident in the training pipeline’s ability to provide adequately trained officers and Sailors to the Fleet. He understood the quality assurance program in place to ensure the plant’s reliability. Finally, he cited his many years of experience in operating submarines to support his claim of engineering excellence. As a Junior Officer, I could relate to his points based on my own experiences at the time.
In contrast to our nuclear propulsion plants, the engineering excellence of our afloat computer networks is lacking to say the least. If Rickover’s propulsion plants were as finicky as our Navy computer networks, the nuclear Navy might never get underway. While Rickover’s propulsion plants are designed with multiple redundancies and built-in safety margins, our computer networks are not. The ability to safely operate our submarine propulsion plants while performing routine preventive maintenance without impacting the end user is incorporated into plant design.
With our computer networks, however, preventive maintenance routinely removes services from the end user for the duration of the maintenance. Google, eBay and Amazon must conduct maintenance but, as a user, I don’t recall any recent downtime for them. The technology and standards available to them are also available to the Navy. Despite this, our operational commanders are forced to endure network downtime during maintenance periods. If routine maintenance impacts the end user, imagine what a genuine casualty would do. Unfortunately for anyone in the Navy that has used an afloat network, there is no need to “imagine” what a genuine casualty would do. As it turns out, I have experienced the impact of significant network casualties on every vessel I’ve served on. I doubt I am unique in that regard.
You Can’t Manage What You Can’t See
In a nuclear propulsion plant there is a control center where the Engineering Officer of the Watch (EOOW) is stationed. In front of him are several Sailors monitoring panels that provide a variety of propulsion plant indications to track various parameters. The EOOW is able to monitor system response as different evolutions take place throughout the plant; evolutions such as an increased propulsion bell, an electric plant shift, or simply monitoring steady state operations. Numerous control panels and gauges are positioned throughout the engine room that provide watch standers a variety of indications for monitoring plant parameters. These are necessary to properly manage the plant and maintain it operating within design specifications. Many of these indications are connected to alarms that alert watch standers to sub-optimal conditions to allow personnel time to adjust plant parameters and manage a situation before it develops into a casualty.
In contrast, the typical afloat computer network has few indications to provide operators or managers the status of network health or performance. Often, the first indication of a network issue for the Combat Systems Officer of the Watch (CSOOW) is a phone call from a user. Imagine an Officer of the Deck calling the EOOW upon a loss of propulsion and getting a response of: “We are not tracking that issue but will check into it right away,” or worse yet, the EOOW responding with: “Do you have a trouble ticket or is this a new issue?”
Admittedly, the new Consolidated Afloat Networks and Enterprise Services (CANES) network provides some capabilities to address the above issues. Unfortunately, it does not provide the robust and intuitive monitoring we design into our propulsion plants and other critical systems. Nor does the program provide adequate training on how to use those monitoring tools.
Our computer networks have been described by some as a weapons system. Unique among our weapons systems, however, is the fact that every single person in the command operates Navy networks. Networks are used for a variety of tasks (administrative, operational, and personal) not demanded of any other weapons, afloat or ashore. Viewed in this light, the idea that our current information technology culture allows a weapon system of such importance and utility to be put in place without a manned monitoring station is absurd. No one would suggest installing a reactor plant aboard a nuclear-powered vessel without the capability and manpower to monitor its every function 24 hours a day. If a submarine CO left his propulsion plant unmanned, he would be immediately relieved of command. But it’s perfectly acceptable for a ship to get underway with little to no monitoring of network health and performance.
Admiral Rickover understood the importance of the human element in nuclear power and therefore invested heavily in training when he designed his program. New recruits (officer and enlisted) are sent to a six-month book-intensive course on engineering basics that establishes a foundation of knowledge. That course is followed by six months of hands-on training in a prototype nuclear power plant and engine room. Book knowledge is reinforced from experience operating an actual propulsion plant. They hear and feel the machinery; they smell the steam and lube oil; they open and close valves to change plant conditions and monitor plant response.
Trainees who succeed through these first 12 months then report to the Fleet. Upon arrival, they commence their qualification for their engineering watch and begin participating in a structured continuing-training program that is independent of their qualifications. Regardless of rank, billet or qualification, all nuclear-trained enlisted and officer personnel participate in the continuing training program during their entire tour while assigned to nuclear-powered sea billets.
Toward the end of their first sea tour, junior officers attend a Prospective Nuclear Engineering Officer course, where they must pass an exhaustive series of written exams and interviews before becoming a department head. Prospective commanding officers attend an additional intensive course on reactor propulsion plant design before taking command. Clearly, Admiral Rickover recognized the important role humans play in his propulsion system and spared no expense to make sure each continued to function as effectively as its mechanical components.
This is in great contrast to the training received by the enlisted Information Systems Technicians (IT) and officer Information Professionals (IP) who make up the human component of the Navy network system. Some ITs are sent to the Fleet having not attended any A School and without having earned a Navy Enlisted Classification (NEC).
As a new, laterally transferred IP officer, my training consisted of two courses: a 3-week introduction to the Navy computer and communications systems available to the Fleet and a 3-week system security course. Direct accession IP officers will typically get a 5-week IP Basic course as well. Considering the high level of technology in the networks and their complexity, I believe this combined 11 weeks of training is woefully inadequate.
In my opinion, the inadequacy of this training is evidenced by the Navy’s reliance on civilian Fleet Systems Engineering Team (FSET) personnel who augment active duty network professionals on large deck afloat units. These FSET personnel are not in place to offset deficiencies in the number of our network personnel, but rather deficiencies in their knowledge. Admiral Rickover’s nuclear program has no FSET equivalent. Indeed, it would be unthinkable to require civilian technical assistance to operate our reactor plants at sea.
I believe the nuclear Navy training model would lend itself well to Navy networks. I can easily imagine an intensive academic school focused on the basics of computer network engineering and design for both officer and enlisted. That school could be followed by another school at a network prototype where trainees and staff manage and operate an actual Navy network. New students could create their own accounts or conduct routine preventive maintenance in accordance with established procedures, under the watchful guidance of an instructor or senior, qualified student. Technical knowledge, management culture and monitoring practices could be inculcated into students before arriving in the Fleet. The network prototype facility could also act as a research facility for the continued development of network technology and design.
NAVSEA O8 is the single, technical authority on all things regarding Navy nuclear power. They are involved in all aspects of nuclear propulsion plant operations. As a result, there is no ambiguity in how to operate and manage the plant or who to contact if there is a question or concern. NAVSEA O8 oversees every aspect of nuclear power, including training personnel, publishing technical drawings, and writing procedures for every activity in the plant. These activities include switch lineups, valve lineups, and troubleshooting techniques that have been developed, tested and implemented for the Fleet. It doesn’t matter what shipyard constructed the submarine or its propulsion plant; it doesn’t matter where a given plant component was manufactured; NAVSEA O8 has assumed the leadership role as the technical authority and has provided these basic management tools. As a result, the submarine Fleet is able to concentrate on operating their propulsion plants and executing a comprehensive continuing training program rather than spending time on generating diagrams, procedures and other management tools that have not been provided.
Navy networks, on the other hand, fall under the purview of multiple technical authorities. For many afloat networks, the technical authority is Space and Naval Warfare Systems Command (SPAWAR). For afloat networks on the new Littoral Combat Ship (LCS), however, Northrop Grumman is the technical authority. If we include shore-based Navy networks, we introduce more technical authorities.
As for assuming the leadership role as technical authority, none have met the mark. For example, network technical drawings, operational procedures and troubleshooting guides are sparse onboard Navy ships. Because of the absence of these basic tools, the Fleet suffers by not receiving consistent services, troubleshooting is hit-or-miss, and on-the-job training is much less effective than it could be. All these inadequacies lead to a long-term disadvantaged brain trust within the Navy’s IT and IP communities. They also contribute to an environment where operational commanders are continuously skeptical of the reports received from inadequately trained IP officers and ITs who are often unable to translate technical issues into an operational context that’s relevant.
NAVSEA O8 leads the nuclear industry with technology, procedures and a culture of high standards. Navy network technical authorities lag industry in these same areas. I find it exciting to consider what might be the second and third order effects of a wildly new approach to the design, training and management of Navy networks. If a new propulsion plant (not a “weapon” system) can revolutionize submarine warfare forever, just think what a new approach to Navy networks (a “weapon” system) might do for CYBER warfare.
In the early years of submarine warfare, a submarine force was regarded as a poor country’s answer to competing on the international stage with a super power. In fact, the economically inferior Germany of World War II gave the Allies a serious run for their money in the battle for the Atlantic with a relatively inexpensive submarine force. Germany received a lot of bang for their buck from their submarine Fleet. I would argue that today the CYBER domain offers that same opportunity for countries less fortunate than ours. Case in point: Without spending a single penny, my 10-year-old cousin can access the World Wide Web and participate in the CYBER warfare domain. What happens after gaining access is up to her motivation and creativity. She probably doesn’t think of it as a warfare domain, but disadvantaged countries and non-state actors most certainly do. If motivated to do so, these entities could easily compete with us on the world stage.
The more technologically advanced we become, the more dependent we become on our networks, and thus the more they become a tempting target for our adversaries. It only takes a quick review of the headlines to realize the undercurrent of CYBER war being waged under our keyboard-fixed finger tips. If the headlines are not enough, my wife and I both have a letter from the United States Office of Personnel Management (OPM) to remind us. Our letters explain how OPM “was the target of a malicious cyber intrusion.” They report that the information compromised by the intrusion may have included our “name, Social Security number, address, date and place of birth, residency, educational and employment history, personal travel history, information about immediate family as well as business and personal acquaintances.” Despite all this, our Navy continues to operate networks that are antiquated, poorly managed and vulnerable.
Could we accomplish with Navy networks what Admiral Rickover accomplished with nuclear propulsion — a completely new approach to a deployment platform that revolutionizes a warfare domain only decades old? I believe the answer is yes. After all, when our nation invented flight, our Navy embraced the notion of airpower at sea and won WWII. When our nation invented nuclear power, our Navy embraced the notion of nuclear-powered submarines and won the Cold War. Our nation invented the Internet and therefore the CYBER warfare domain. Will our Navy embrace the significance of these parallels and fundamentally change how we design, operate and manage our Navy networks? Will we call upon a Rickover for Navy networks?
Cmdr. Roger Koopman is the Deputy N6/IAM/KMO for Commander U.S. 7th Fleet (CTF 70).