Interview: Lt. Gen. Jeffrey Sorenson, Army CIO

Data sharing in a world without flash drives

Lt. Gen. Jeffrey Sorenson, the Army’s chief information officer since late 2007, has spent more than 20 years in military information technology acquisition and has directed numerous science and technology integration programs for the Army. He spoke with Defense Systems contributing editor Barry Rosenberg about how the Army is coping without flash drives, how he intends to improve data quality and governance, and what he has on the agenda for fiscal 2010 priorities.

DS: How has the banning of flash drives affected the way the Army shares data?

Sorenson: Clearly it has had some operational impacts, which we didn’t have full cognizance about at the outset. When the dictate was put out that thumb drives were no longer going to be allowed, it did have some operational implications because this was how different orders, missions and organizational information were transmitted from headquarter to headquarter. Over time, we’ve had to go back and look at how it is we transfer data, and, clearly, the use of the thumb drive was one of these expedient methods by which information was passed between computers because we didn’t have a system set up properly to transfer the data. So, I don’t want to say it was a blessing in disguise, but it has helped us go back and look at precisely how we transmit data, what data is required, and how can we have that data transferred via the system versus manual thumb drive.

DS: How does this transfer of data happen within the system?

Sorenson: As an example, I’ll go back to the Army Battle Command System. This data was essentially built for functional use.… You had an intelligence system built for the intelligence community, and a fires capability where fire missions were developed. It was functionally oriented. So in many cases, transmitting data was essentially exchanging data on databases. Clearly, the systems were never developed to allow that to happen because they were functionally oriented and not horizontally oriented.

While data rested within a particular functional capability within a database, another user who didn’t need all that data but needed some elements of that database would strip off what he needed and put it on a thumb drive rather than try and populate all that data. Same thing with air tasking orders and things of that nature. The way these particular missions and tasking orders were built was essentially off Excel spreadsheets or systems like that. They were populated from one particular laptop to another because the systems weren’t built to allow data transmission.

So we’ve had to go back and take a look at how can we break down some of the ways by which our data is transmitted and to solve some of these problems through use of the net and Web hosting.

DS: Can Army Knowledge Online play a role in data sharing?

Sorenson: In some cases the answer is yes, but it still poses a considerable challenge because we have not built our systems to essentially effect the data-to-data transmission. It is now system to system. And until we get systems like the [Future Combat Systems'] Battle Command system, otherwise known as [the System-of-Systems Common Operating Environment], out to the field, where they are built on a service-oriented architecture that are essentially drawing data and using modules, we’re going to continue to be pressed with the need to transfer data through either AKO or hosted on a shared drive.

DS: Can you estimate a time frame when that may happen?

Sorenson: I think for the entire Army to do that will be a number of years in the future. We are at this time developing battle command capabilities like the [FCS] that will begin to mitigate that. We also have capabilities like the Command Post of the Future that is beginning to provide for collaboration and use of data transmitted via the system. And there is the whole concept of the network service center by which data can be forward-staged and transmitted via the network as opposed to people picking up their hard drives, or, in this case, what used to be thumb drives or servers, and moving them. We’re still a number of years in the future before we have a net-centric or net-enabled capability that can be used to share data.

DS: You were in Germany to oversee the operational evaluation for the first network service center. What are some of your goals for the operational validation?

Sorenson: We’re excited about the [operational evaluation] because we’re not only looking at the technical issues of how do we make this happen but also the operational piece. How do we make sure a unit can deploy seamlessly and basically transfer their data, transfer their applications via the net, as opposed to picking up servers and all that peripheral capability and putting it in a ship or an airplane and then transporting it? There are also some training objectives we’re looking at in terms of what do we do [to get] this unit prepared to deploy.

And most importantly, what is this doctrine on how we fight the network? How is it that a network service center actually functions in that operational environment…all the protocols, all the operational tactics, techniques, procedures. … There’s a lot of information we hope to get out of it.

DS: Was there anything to be learned in preparation for the operational validation?

Sorenson: It has been enlightening. We learned about the firewalls, for example. Unbeknownst to a lot of folks who had architected what needed to be done for the [operational validation], there were other forces in play that put different restrictions on data being transferred. When the data wasn’t getting transferred, lo and behold, we found the existence of firewalls that people had not planned for. So there’s a lot there, and we have yet to learn how to make this an operational capability that can deploy forward so that the network is there for the soldier, and he doesn’t have to bring the piece parts with him when he leaves.

DS: What are your thoughts on the Obama administration's plans to create a Pentagon command to coordinate security of military computer networks?

Sorenson: I think it’s a good idea. In many cases, as we’ve learned through the most recent Army “Rampart Yankee” and [Defense Department] “Buckshot Yankee” exercise — where we had to go off and remediate computer systems because of some infected thumb drives — that was a rather laborious, manually intensive effort to essentially achieve a capability that we would like to have, which would be machine to machine. Today, you sign on, and if you’ve got the Microsoft operating system, you typically will get a notice in the machine that notifies you of the update. And whether you have a legitimate copy of that software or an illegitimate copy, Microsoft knows of every machine that has a Microsoft operating system and, as a consequence, can continue to update the software to prevent malicious code from continuing to be propagated. That ability to do machine-to-machine updates, machine-to-machine visibility of the network, and machine-to-machine control of the network, will be necessary in the future. Today, we don’t have that capability.

DS: Do any of the individual military services have the capability with their systems?

Sorenson: Negative. So I think what came forward there with that whole operation is how we have built out independent service networks and built them such that is difficult to get to the machine-to-machine updates, or even an understanding of the visibility of what’s on the network. And we all struggled with that as we walked through trying to count the number of computer systems that were operating, either on the [Secret IP Router Network]  or the [Unclassified but Sensitive IP Router Network]. That said, this whole notion of beginning to bring together the computer network defense, computer network operations, the exploitations, the attack … putting that all together so that it becomes a seamless organization makes imminent sense to me.

DS: You’ve expressed your desire for better data quality and governance. Where are you at this point?

Sorenson: We’ve been very successful in this respect. We have at least got the organization put together, and it's beginning to go off and do some great things. We’ve built an organization here that is essentially off now defining and working with what we call “data stewards” that are essentially the proponents within the functional domains as well as within some of the major commands that have the responsibility for validating authoritative data sources. We have expanded the team to include Dr. Richard Wang from [the Massachusetts Institute of Technology], who is a national asset in terms of understanding data quality and in terms of making sure the data is of sufficient quality to essentially make the point that they are authoritative data sources. We also have recently acquired an individual named Dan Jensen who essentially did a lot of the same type of work for the Navy at the Fairfield Data Center in California. And we’ve brought on the data center of excellence folks from the Fort Monmouth organization run by Judy Pinsky.

DS: They are the stewards?

Sorenson: They each have some individual responsibilities to work. What we’ve done is to begin to dissect their areas of responsibility. Judy Pinsky has got the lead on data services and tech support. Dan Jensen is going to be the lead on the data framework. Professor Wang has the lead on quality. We’ve got our group working on policy guidance. So we’re off on two use cases that we are building now — collecting the authoritative data sources to satisfy these use cases.

One you probably read about in the newspaper with respect to suicides by Army members. Clearly, we had to go back in and dig through a lot of different data sources to begin to pull out the systemic issues that are resulting in what has been an increase in Army suicide over the last year or so. And clearly, we had to get into data that the Army surgeon had, some of the data that the G1 had, and some of the data that the Human Resources Command had. So we had all these different data sources, not any of which had the same data, and began to pull those piece parts of data to do some analysis to help try to figure out why we were having this issue. So that’s going on right now with the G1 and the vice chief of staff.

The second use case is what we call the executive management system, by which the G3 of the Army has tasked us to assess and help provide some authoritative data sources for measuring the readiness and operational capabilities of the Army on a daily basis. [We’re] trying to determine those data sources by which we can provide some business intelligence to the G3 in terms of what is the status of the Army on a minute-by-minute basis. He can pull this up and look at it any time he wants. So our organization has gone to talk to the Army Materiel Command, forces command, [Army’s Training and Doctrine Command], and a number of the different functional areas such as battle commands to begin to identify those authoritative data sources by which we do different functions within the Army. It’s a monumental effort at this point in time to try to clean up what data we use — but also more to the point, finding those single sources of truth that we need to operate and propagate as opposed to finding data that is not authoritative data but derived data or enhanced data. We want to get to the data source and make that available, accessible and discoverable by anybody who needs it.

DS: And there are multiple sources of truth, I would imagine.

Sorenson: Well, that’s the problem we’re having. The suicide issue, for example: We have different points of view depending on what data they’re pulling. So we had to take these different data sources, pick out the authoritative data, put it all together to create a better picture for those that could do some judgments, do some, if you will, business intelligence assessments on effectively what was some of the causes for what we were seeing here. So from a success standpoint, I’d say we’ve put together a robust organization. We’ve put together an organization that’s working together to get at the different aspects of trying to essentially manage this data from all aspects, especially policy and guidance frameworks, services, architecture, quality, all those different aspects, to really standardize the processes by which we use data.

DS: What are your fiscal 2010 priorities?

Sorenson: First, we want to make sure we can fund the entire transition to the Global Network Enterprise Construct. We’re talking about funding to field the follow-on fixed regional hub nodes, and our ability to establish the area processing centers. Right now, we have a request in to the Army staff about standardizing the toolsets we use to evaluate the network across the different theater network operations security centers.

We have some other improvements from the tactical side: clearly the Warfighter Information Network-Tactical program, certainly the rifleman radio, and trying to make sure we continue to forge forward with a new tactical radio system. Those are the primary focus areas.

About the Author

Barry Rosenberg is editor-in-chief of Defense Systems. Follow him on Twitter: @BarryDefense.

Reader Comments

Mon, Aug 17, 2009 Lynn Rolf Ft leavenworth

100% agree with Ed's comment. It(cross domain) is here today..educational institutions are very needful of a NIPRNET and ABCS cross domain solution ..in the classroom we have learned how to go "thumb-drive-less" but there is impact to our educational outcome primarily due to time, ease, and efficient collaboration in a staff setting.

Sun, Aug 16, 2009 Ed Hammersla Herndon, Va

Great interview with Lt. Gen. Jeffrey Sorenson but it is very interesting that he does not mention implementing a cross domain solution to solve the Army’s data sharing requirements – nor does the interviewer even raise this question. General Sorenson makes several comments about the end game being able to “seamlessly transfer data across various security levels and horizontal functions.” His comments all but define cross domain solutions for accessing and transferring data. Cross domain solutions are available today and allow authorized users to access and transfer data between multiple security domains at differing classification levels from a single desktop while meeting the government-mandated security requirements to protect the information. The government has even established the Unified Cross Domain Management Office (UCDMO) to help Agencies tackle this very issue. Perhaps Defense Systems can develop an article that helps educate the readers on cross domain solutions and how they are the answer to replacing the flash drive and other mobile devices. And it can be done today.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Your Name:(optional)
Your Email:(optional)
Your Location:(optional)
Comment:
Please type the letters/numbers you see above