PEOC4I.NAVY.MIL

Integrated Information Warfare for the

21st Century

19 July 2016Dennis E. Bowden

Radiant Mercury Technical Director703-633-3943

bowden_dennis@bah.comdennis.bowden@scmis.nro.smil.mil

Program Executive OfficeCommand, Control, Communications, Computers and Intelligence (PEO C4I)

Radiant Mercury Update to CDSE Workshop

Darlene Gunter PMW 130 Cross Domain APM

619-524-7344darlene.gunter1@navy.(smil).mil

gunterd@spawar.navy.ic.gov

Agenda

• Intro • Capabilities• Detailed Versioning Table • Plans• RADMERC 6.0 Overview

3

BD[1

Slide 2

BD[1 Bowden, Dennis [USA], 2/1/2016

Intro

• RADMERC is a Navy Abbreviated Acquisition Program (AAP) minimally funded through the FYDP

• Operates on a fee-for-service basis • Operates globally supporting the DoD, Intelligence

Community (IC) and Foreign Military Sales (FMS) systems from tactical through strategic level operations

• Large message / data format library available for reuse by other RADMERC customers

4

Agenda

• Intro • Capabilities• Detailed Versioning Table • Plans• RADMERC 6 Overview

5

Capabilities

• RADMERC 5.1.1 is current UCDSMO baseline version Runs on Oracle Solaris 10 with Trusted Extensions (10TX)

Operating System (OS) Supports both formatted and unformatted data types SABI, TABI and TSABI

• A “single box” solution allowing simultaneous data transfer between multiple security domains

• Operates on a wide variety of customer-provided x86 hardware platforms Fully leverages modern multi-core processors

6

Deployed PlatformsSpecific to v5.X

• HPDL380(G6/G7/G8),

DL385, DL360(G6/G7), DL580(G7), z420

• DellR300, R600, R610, R710,

R720, 1950, 2950, R815

• IBMx3650

• Crystal ComputersRS-235, RS-255 RS-

111S13, RS-112RE-412 *tested only

• Oracle/SunX4170, x4270

• KontronCP308 AM4011

• Curtis WrightVPX3-1257VME-1901

• Themis• Core Systems• Germane

7

Capabilities

• Flexible data transfer mechanisms Streaming Sockets: TCP and UDP sockets supporting

COP, simulation, VoIP, video, NTP, etc. File-based: Secure FTP supporting imagery, MS Office,

PDF, video, etc. Java Messaging Service

• Secure communication using HTTPS Concurrent Socket channels can be optionally

configured to use SSL/TLS to secure their TCP communications

8

Capabilities

• Cross Domain Web and Cloud Services Promotes scalability, collaboration and sharing of resources Full support for REST and SOAP based web services

• Secure communication using TLS Concurrent Socket Input and/or Output channels can be

optionally configured to use SSL/TLS to secure their TCP communications

• Cross Domain Collaboration - Chat, Whiteboard, Wiki Provides the Cross Domain component for deployed

collaboration tools• XML Validation and Transformation

9

Capabilities

• Message Analysis and Generation (MAG) parser/ formatter and rules engine MAG engine breaks message data content into specified fields

or sections MAG and Rules engine validates data integrity by verifying

syntax and range checking

• RADMERC is a multi-homed device Multiple network interface cards (NICs) – one per security

domain Establishes connections with multiple hosts over a single NIC Data flows uni- or bi-directionally over each connection

10

The ‘MAG’ allows RADMERC to be highly configurable

Capabilities

• Cross Domain System SNMP Monitoring allows RADMERC to be monitored via SNMP like any other device on the network Based on the NSA defined CDS-SNMP MIB

• Reliable Human Review (RHR) allows unformatted data to be reviewed by a human before it is sent high-to-low Windows Desktop Digital Signature (WinDDS) Workflow tool

facilitates the RHR

• Remote Monitoring options Enabled remote access to management console Established server-client relationship between multiple

RADMERC systems to allow for centralized change control

11

Not-so-typical Capabilities

• Dynamic Rule Set Rule set updated automatically (FBCB2, JSF)

• Load balancing and failover (ADMACS)• Periods Processing (SSN / SSGN)

Network classifications based on mission - 17 approved configurations

• Large Configurations 1200 Channels (FBCB2) 8 Classifications (NCCT)

• Repeatable Accreditation Process (SSNs, NAVMACS, WIN-T)

• Headless operation (USAF B2 aircraft)

Radiant Mercury’s flexibility can handle unlimited CONOPSRadiant Mercury’s flexibility can handle unlimited CONOPS12

Sample Supported CONOPS

Function of Data Flow Radiant Mercury Support

Modeling and Simulation Support

RADMERC processes 1000s of Distributed Interactive Simulation Protocol Data Unit (DIS PDU) messages-per-second

Command and Signal Support

Real-time remote commands to automated devices (e.g., unmanned vehicles, sensor controls, antenna tracking, GBS bandwidth allocation)

Cross Domain Network Management

Device status and control via Simple Network Management Protocol (SNMP) based on the NSA defined CDS-SNMP MIB 1.0.8. Network Time Protocol (NTP) synchronization

Surveillance and WarningInformation about Missile Launches. This is critical information to the Missile Defense Agency (MDA) and the SEW program. It has been enhanced to include data for targeting

Situational Awareness Common Operational Picture, Blue Force Tracking

Database Record Transfer RADMERC supports cross-domain database replication of Logistics and Intelligence databases

Cross Domain Cloud and Web Service

RADMERC facilitates cross domain standards-based query/response web services

National and Tactical Imagery Dissemination

RADMERC is the only Cross Domain Transfer Solution with the capability to sanitize imagery metadata, re-label it for foreign release, and reformat the resulting National Imagery Transmission Format (NITF) product

13

Agenda

• Intro • Capabilities • Detailed Versioning Table • Plans• RADMERC 6.0 Overview

14

BD[1

Slide 13

BD[1 Bowden, Dennis [USA], 2/1/2016

Version

Version Rationale for Change4.X • On sunset list and we are working to upgrade these systems

5.0 • Port from TSOL 8 (end of life) to Solaris 10 with Trusted Extensions from TSOL 8

5.0.1 • Fixed issues identified during 5.0 certification

5.1 • Added new features including support for JMS (Java Message Service), SNMP (Simple Network Management Protocol), HTTPS

• TLS/SSL Channel• Improved MAG Engine Performance

5.1.1 • RADMERC current version being deployed• Enhanced configuration activation time and concurrent socket output

channel to handle higher load• Fixed issues identified in 5.1

6 • Port capabilities to RHEL 6 (SELinux) - additional security features• Lab Based Security Assessment in CY 2016

15

Version

• Three digit number separated by “.”• First Digit

Major Build (i.e. new Operating System)

• Second Digit Moderate Build - functional or security related

improvements

• Third Digit Minor patch - correct deficiencies (functional or security

related)

• Operating System Patches / IAVAs• Closely aligned to NSA’s new versioning policy

16

Agenda

• Intro • Capabilities • Detailed Versioning Table • Plans• RADMERC 6.0 Overview

17

BD[1

Slide 16

BD[1 Bowden, Dennis [USA], 2/1/2016

Plans

• RADMERC 6.0 certification and placement on the UCDSMO baseline is our highest priority

• Improve ease of use while maintaining compliance with DoD and IC guidance

• Explore support for NSA’s “Sidecar” protocol and Filter Componentization Effort to improve filtering capabilities

• Adapt and enhance RADMERC to become a pre-installed, remotely managed appliance Model after commercial firewalls/routers Solution for tactical users such as Navy’s P-8A program

18

Agenda

• Intro • Capabilities • Detailed Versioning Table • Plans• RADMERC 6.0 Overview

19

BD[1

Slide 18

BD[1 Bowden, Dennis [USA], 2/1/2016

RADMERC 6.0 Overview

Oct 2013: Pre Security Design Review (SDR) with NSA Nov 2014: Formal SDR with NSA and UCDSMO Dec 2015: Software Development Completed Mar 2016: UCDSMO RADMERC 6 LBSA discussions May 2016: Software FAT and Alpha Completed 27 Jun 2016: SDR at CERDEC facility, Aberdeen

Proving Grounds, MD July-Dec 2016: LBSA Jan 2017: SAO (planned)

20

Radiant Mercury - Points of Contact

Darlene Gunter, CDS APMdarlene.gunter1@navy.mil

(619) 524-7344

Dennis Bowden, Technical Directorbowden_dennis@bah.com

(703) 633-3943

John Rubel, IV&V Leadrubelj@fgs-llc.com

(703) 400-6909

Kevin Miller, Lockheed Martin Kevin.r.miller@lmco.com

(303) 932-4786

21

Visit us at www.peoc4i.navy.mil

We Deliver Information Warfare Capabilities to the

Fleet.