What does DARPA hope to achieve with Plan X? On the outside it looks like they are looking for battlefield mapping or tools for situational awareness. It looks like they are looking for point and shoot weapons and techniques for disabling cyber assets of an adversary. On the outside it looks to me like DARPA is missing the boat. Once again, instead of pushing the envelope in cyber, they are moving forward one increment.
If this sounds a bit like sour grapes it might be. I was not invited to the DARPA symposium. I don’t have a dog in the hunt for dollars. To be brutally honest I’m not sure I would be the target audience anyways. It has appeared for a while that DARPA has become more flashy than I like. The Plan X initiative, which I thought was going to be a great program, now looks like a massive military-industrial complex boondoggle.
There still has been no real discussion of strategy or implementation of weapons in cyberspace. The various aspects that DARPA is going to be looking at are still undefined and if anything poorly analogized. Consider situational awareness and battlefield mapping. A George Mason PhD student almost a decade ago mapped the critical infrastructure of the United States. His work clearly articulated the logical, syntactic, and physical realms of the telecommunication infrastructures and the inherent issues.
Unfortunately we’re stuck in a mental rut that is incredibly hard to get people out of or get thought leadership to even consider. Cyberspace is not the telecommunication infrastructure, it is not the electromagnetic spectrum, and it most assuredly is not like the matrix. Cyberspace, if you want to put it into military terms, is a domain of information and cognition inclusive of its states: transmission, storage, and processing.
I know it is an incredible leap backwards but you have to do this if you want to look forward. A letter, a tablet, an obelisk are all examples of information storage, transmission, and processing. I know that flies in the face of all your modern technocentric views, but it is important so that you can look forward. If cyberspace is a domain then you must be able to talk about the domain without confusing the tools to exploit it. A router, computer, or chunk of fiber are tools (technology) that exploit what is a natural domain. They are not the domain itself.
The great mistake that DARPA appears to be making is holding that the network is cyberspace and that all we need is better network attack or mapping tools and we win cyberspace. This is shortsighted, erroneous, and incredibly inept. Remember that the transmittal mechanism is one element of the triad of cyberspace. As a simple example, the information operations practitioners focus on the cognition (processing) by manipulating content and context.
A more technical example is the idea of data. Data can be stored in many different forms. It has no form, meaning, or manifestation other than as data. In cyberspace it is literally the matter of the domain. Some data is benign and some data is critical (e.g. launch codes). This is not the realm of the network. Stuff can be transmitted over the network, but don’t mistake the highway for the people in the cars.
Let’s stop here for a second and take a breather. This concept of information flows irrespective of the network is a big thorn in the side of many. It is, however, one of the big reasons that information security fails. Instead of thinking about the idea of how packets move we need to think about the actual information. Some people would say that is a layer of abstraction. Actually I would argue that we’re removing a layer of abstraction. The abstraction of the technology over the information flows is a mental crutch that keeps us from securing the network.
What the DARPA initiative Plan X looks like it is going to do is produce a few things like swords and no armor. Swords that will be based on one singular element of the domain they will be fighting in. If you focus on the network attack aspect you get a gain today. If you focus on processing you get gains way into the future. Quantum computing, if it ever becomes mainstream, will fundamentally change most aspects of cyberspace and the traditional aspects of crypto-security.
The concept of battlefield maps is interesting if well trod ground. The idea of situational awareness answers the blue-on-green, blue-on-blue, and blue-on-red issue for commander decision-making. What still isn’t being answered is the hyper-specific targeting requirements of commanders. If you employ a JDAM there is a blast radius, kill radius, and all kinds of effects that are known. There is also a risk of collateral damage. For some reason commanders, when talking about employing cyber assets, continue to be risk averse in ways they never would be with kinetic weapons. More importantly they are only focusing on network attack.
The focus on the network is likely an artifact of having a spy agency as the lead subject matter organization and so many from the technical side of the house in leadership positions. If your job is signals then you’ll focus on the electromagnetic spectrum. There is another element to this though. Some of the intelligence organizations have built rather large forensic (like) groups to exploit storage devices found in areas of conflict. There is a nascent capability to be found in the analysis of the data sets recovered through forensic (like) processes. That analysis is all about the cognitive capability of the analysts and most assuredly is not a part of the electromagnetic spectrum, the network, or restrictive concepts of cyberspace. This is processing by the human mind.
If DARPA wanted to be on the forefront and stop pandering to the political winds they would focus on bringing that analysis capability up a few orders of magnitude. In some ways Palantir, I2, and other companies have only scratched the surface of exploitation of large heterogeneous data sets. The overhyped concept of big data has some roots in this space, but most of the big data types are about processing large data sets based on known filters. Answering the question of national security when you have two unknowns in the cyberspace triad is phenomenally harder.
Unfortunately so many of our strategists developed their expertise, models, constructs, and capabilities in the nuclear era. That colors their thinking to no end with very little reflection on their part. Add to this the Clausewitz and Boyd mafia, all of whom are trying to reduce cyberspace to their areas’ verbiage, and you have stagnation. Grand strategy of cyberspace is stuck in a hollow construct of nuclear arms era thinking. To make matters worse almost all of the constructs are based around concepts that have little relevance to cyberspace.
Consider the following construct:
Data is stored, processed, transmitted and begets information (data with context) that is stored, processed, transmitted, which becomes information effects (kinetic, emotional, relational, etc…).
Now strategize that. It’s not a bomb. It’s not a disease. It is not a political pendulum or political influence operation. You can achieve effects through various operational forces that result in something like a bomb, something like a disease, and have political influence. We’re not saying ignore your grand strategy, which should be domain independent. We are talking about the fact that a battalion tank maneuver moving towards contact with the enemy is well understood operational doctrine that is mirrored in air and sea. We don’t try to redefine strategy based on domain specifics. Well except for that silly Asia pivot business and sea air battle.
This whole cyberspace thing is a new domain that has specific aspects that are incredibly different from any of the other domains. I would expect DARPA to be examining those elements deeply rather than trying to come up with an instant hack on silly enemies (iHose) weapon of the week.
DARPA and the military completely ignore the various aspects of cyberspace that are different than other domains, though inherently we understand how the sea is different from the land, and why space is different than the air. We have continued to suggest that cyberspace is a manmade domain (which patently is not true) and have refused to sit down and detail exactly what the differences are between cyberspace and the other domains. That would be incredibly important if you wanted to make weapons to fight there. In policy circles there still are dozens of definitions of cyberspace and most of them reflect an element of hubris rather than introspection.
I’m not sure how you can defend when you can’t even define the operational aspects of it. But, that is where we are with cyberspace and national policy. National leaders continue to mix war fighting with management of information systems. The policy implications of that are worthy of an entire book. The base ground truth though is Plan X isn’t about pushing the domain further forward but being flashy. Yeah, I admit it. I wasn’t invited. I also admit that after spending two years specifically trying to have a positive impact on policy, after meeting with leaders at all levels in several nations’ governments, I think we’re further behind than ever.