Defence has recognised electromagnetic (EM) interference and EM warfare as a threat (…and an opportunity) for well over a century. Reducing an adversary’s information advantage by preventing their access, reducing their confidence or affecting the integrity of information via their sensors and communications networks (whilst protecting our own) can be the difference between victory and defeat.
Of course protecting our own ability to interact with, and exploit the EM spectrum, while safeguarding from interference requires the defence sector to have very high quality situational awareness or EM spectrum surveillance capabilities and means to defend against malicious interference through technology, organisation or process.
Global superpowers have been masters in this discipline for a considerable time - with decades of experience in the offensive use of EM. Russia even has a public holiday, which is celebrated on April 15th each year - ‘the Day of the Electronic Warfare Specialist’. It marks the successful use of EM warfare in 1904 by Russian forces in the Russo-Japanese war.
But electromagnetic interference is no longer the sole domain of bigger nations. There is a new threat, posted by smaller states (i.e. ’non-super powers’) and smaller non-state actors who can now obtain EM interference capabilities at low cost, thanks to continual advances in commercial off-the-shelf (COTS) technology.
Adversaries of all sizes have now begun to invest heavily in their own offensive EM capabilities. There is an increase in technologies and devices to manipulate the spectrum, all the way from cyber like effects through to denial, disruption and even damage.
And, as the number of interconnected information bearing devices used by adversaries and our own forces continues to grow, the utility (and threat) of malicious EM activity will continue to increase. The consequence of this exponential rise in the number of connected electronic devices (or ‘Internet of Things’) is a growing number of communication paths, both civil and military, which are potentially vulnerable to electronic attack. This is a real problem because developed nations rely so much on the transfer of information over wireless networks to underpin their critical national infrastructure.
The growth of wireless communications is a good example. A fibre optical cable buried under a layer of soil and concrete is fairly robust from an exploit. However, that data may later pass via a point-to-point microwave wireless link, before moving back underground. That microwave link is a lot easier to access, interfere, deny or disrupt with than the fibre/cable network it serves, negating the inherent security of the subterranean cable network.
Military IoT – the challenges
Defence is pursuing the ‘Military IoT’ in many forms and different projects. The prospect of increasingly wireless-delivered military capabilities does offer many benefits, but faces the same EM-driven drawbacks that threaten conventional IoT systems. As such, there is a large opportunity to use commercial or civilian technologies in the military environment, to save on large investment in R&D and to capitalise on learnings from those industries.
A true military IoT may be very hard to secure from EM tactics view-point, particularly when introducing technologies from outside the industry. An Open Standards architecture approach clearly has economic benefits but the security and resilience aspects in the defence context need close scrutiny to enable the benefits can outweigh the potential risks.
One method claimed by advocates of open standards as a benefit for resilience is to use multiple redundancy, or meshing, in the field. However, this would require a critical mass of redundancy in the system and the specific nature of defence operations which often require fairly unique tools (e.g. fighter jets), as well as economic factors, make this difficult in these scenarios – you would need a significant amount of devices to achieve true redundancy and only some of those are affordable and deployable with ease.
Perhaps one solution would be to simply turn off the connected technology during a conflict scenario, to operate under the assumption that it would be denied; or at least use this method when preparing for combat, so teams would know how to approach with confidence.
Operating in the IoT era
In the near future, you could imagine a ‘two track’ military. One element possess sophisticated capabilities that depend heavily upon electronics and IT (for example, robotic automated systems, or highly sensitive targeting sensors and software). The second would be a non or minimally-electronic group that would sacrifice electronic capabilities in order to operate in EM-denied or contested environments. The nature in which the correct path is chosen is through the core approach of: Assess; protect; detect; respond and recover. By implementing the correct situational awareness, forces can determine what is needed and respond or recover as required by the situation at hand.
There is a mature discipline around Electronic Protective Measures (EPM) - for example, building blockers into receivers in order to protect them. As of late, however, the trend has been to move away from protecting electronic systems, as protection inevitably adds size, mass and cost to the system and can also degrade operational performance. Protection is often traded-out for increased performance or sensitivity.
The industry is active in several technology areas related to EM interference mitigation and warfare. Human senses have no way to detect EM radiation at the frequencies/wavelengths presently used for wireless data and communications links (like IoT). As a result it is very easy to misdiagnose interference, or device upset or failure, as a hardware or software fault. This is why situational awareness of the EM environment (and the EM spectrum) is so important.
The best way to solve a problem is to first know that you have one: so new solutions in situational awareness and detection are the first step in ensuring operational continuity. Work is also being done on other kinds of resilience, for example: reducing the electronic signature of electronic systems or improving the protection of systems from EM attack.
Essentially, the civil world is making greater and greater use of the EM spectrum, but without a full understanding of its vulnerabilities. And there is another issue: defence is making greater use of this civilian infrastructure - for example, the mobile phones so commonly used by soldiers, supply chains run by civilian contractors, remote drone operating bases operated from home territory many miles from the front line, and so on. And, as the number of these electromagnetic contact points increase, so will the incidents of accidental and malicious EM interference. In instances of ‘grey zone’ conflict (strategic actions taken beneath the threshold of open war), EM vulnerabilities will be exploited in order to attack a nation’s infrastructure directly but deniably. This is likely to get worse over time.