Research in Motion has long-held a stranglehold on all things mobile with the U.S. DoD. Time goes on, and things change. After being turned down by Apple to have access to the iOS codebase, both the Defense Advanced Research Projects Agency (DARPA) and the U.S. National Security Agency (NSA), have announced the release of separately developed hardened versions of the Android operating system (OS) in the past year. More notable was the related DARPA pilot program that deployed smart phones running the hardened version of Android to be tested in combat by the 3rd Brigade of the 10th Mountain Division in May of 2011. The field test leveraged the DARPA Transformative Apps program to make soldiers more effective in the field by taking advantage of the open ecosystem provided by the Android platform and continues in development and testing.

Wartime Deployment of Android

The wartime deployment of secure Android-based mobile devices is a first for the U.S. military. Although RIM’s Blackberry is the primary Enterprise

Spc. Tanner Layton of 1st Combined Arms Battalion, 5th Brigade, 1st Armored Division, communicates with key leaders via a headset using a smartphone application during a field training exercise at White Sands Missile Range, N.M. Credit: Lt. Col. Deanna Bague

solution for DoD unclassified email, the functionality of Blackberry apps has not kept pace with Android and iOS. The DARPA pilot program leverages the small size of smart phones (Android), while providing specific military applications developed to aid the warfighter in the field. For the initial field-test, the entire infantry brigade was equipped with Android devices that allowed soldiers to load imagery (Tactical Ground Reporting system or TIGR), and other combat related data onto the devices. There were a total of 12 apps developed by DARPA for the initial combat deployment of the Android devices. Other functionality tested during the testing was the ability for soldiers to develop their own applications in theater to meet needs in the field. These included additional mapping functionality as well as a search and rescue app.

Lessons Learned from Combat

It may be shocking to some who have never visited the “Hinterland” regions of the world, but in the mountains of Afghanistan and other benign locations that the military operates one cannot assume that there will be WiFi or a cell tower nearby. Realizing this prior to the deployment of Android devices to the front-lines, many of the apps deployed were designed to operate in a disconnected fashion. Updates of fresh, high-resolution imagery could be accomplished back at the HQ (headquarters) of the unit, but an ongoing challenge to complement the mobile technology now being deployed is how to rapidly process mapping data in hours vice days or weeks to distribute to those who need it most. Another lesson “re-learned” is that soldiers will make less-than-perfect technology or equipment work no matter the obstacles if the technology is useful. The smart phones were able to replace the previously used small computers that were bulkier for soldiers already maxing out the gear taken to the field. For the initial deployment, the smart phones had to be connected to Harris AN/PRC-117G tactical radios in order to connect to the DoD battlefield communications and data networks while deployed away from forward operating bases (FOBs).

Making Android More Secure

For the current deployment of Android, DARPA customized (or should we say “forked”) Android 2.2 and built a secure host system. In addition to hardening the Android stack, data at-rest and pure data authentication was added to the OS in order for the software to validate data integrity. Before deployment to the field, the DARPA version of Android was tested and evaluated during two events at White Sands Missile Range, New Mexico and Fort Bills, Texas at the Army’s Network Integration Evaluation. Testing continues in CONUS-based(continental United States) exercises to fix issues found during the deployment and added capabilities under development by DARPA and related organizations.

NSA SE Android Project

A similar USG (U.S. Government) research project using the Android OS is the NSA’s SE (Secure Environment) Android build. Android SE is a secure version of the OS developed by the NSA and was released to the open source community this past January. One of the primary benefits of the NSA build or fork of Android is that it provides stronger ways to isolate apps from both the OS and each other, separates data from application processing, and forces Android-based devices to share information in a more secure manner.

The commercial version of Android; however, relies on discretionary access controls which allow the user or owner of the device authority to over-ride protections. The SE build locks down the security policies on the device which helps prevent malware from running hidden processes on the smart phone or tablet and is better hardened against computer malware. If you are interested in checking out the NSA SE release of Android, it is available under an open source license.

DARPA Transformative Apps Project

Army Android Phone Apps

Spc. Michael Torrez takes a photo with a smartphone of a mock insurgent role-played by Sgt. Jason Bruscas. Torrez is testing the phone application that will allow soldiers to identify an individual automatically through biometrics. Both soldiers are assigned to 1st Combined Arms Battalion, 5th Brigade, 1st Armored Division. Credit: Lt. Col. Deanna Bague

The DARPA Transformative Apps Project is designed to create a wide variety of military-relevant software apps. In the initial combat deployment test of the hardened Android devices, 12 apps were released under the program and made available through a military apps marketplace. The ultimate objective for the program is to make new capabilities available for use in the field in a rapid but effective acquisition process. What has not been published by the DARPA team yet; however, is what “vetting” process these apps go through for security validation, usability, etc. Since the military apps store is limited to those working directly with the project, there is likely less of a danger of purposeful malware, but the danger still exists requiring some type of validation process.

Recently, the U.S. Army launched a larger-scale version of the Army Software Marketplace prototype. The scope of the marketplace launch is a bit larger than the prototype used for the deployment testing. It is designed to delivery web-based or downloadable apps for any device approved to be used on the Army Common Operating Environment on the U.S. Army network. It may just be a matter of time before we start seeing apps created for military use that can fly small drones or UAVs similar to the recreational AR Drone Parrot that now supports the iOS and Android operating systems.

Next Steps for DARPA and Android

Now, we don’t know if the NSA and DARPA teams are working directly with each other, or if the DAPRA developers simply leverage the work NSA has done on Android. The short-term goals for the DAPRA project is to make it fully networked without having to connect the smart phones to tactical communications gear while in the field. If they are able to overcome the technical hurdles with directly connecting to the army tactical operations center (TOC), the soldiers will be able to link to alliance, NATO, or other military networks while in the field.

A follow-on  goal in the coming year is to allow the Android devices to connect directly to DoD servers located in rear areas to access current data and applications. By taking the TOC’s out of the required communications pipeline, soldiers will not have to worry about a loss of connectivity due to a loss of power or other issues with the forward compounds located in austere locations. Even with the greater goal of near-continuous connectivity; however, DARPA still intends on incorporating advanced caching and data synchronization in the event soldiers lose connectivity but still need out their mission(s).

Is the USG New to Open Source Development?

The short answer is no. It may be surprising to the inexperienced developer, but the open systems initiative at the U.S. Department of Defense started on November 29, 1994 when the Under Secretary of Defense for Acquisition, Technology and Logistics directed all DoD agencies use open systems standards and specs for acquisitions of weapons and related systems. Eventually the charter of the then created Open Systems Joint Task Force (OSJTF) transferred and now resides in the Office of the Assistant Secretary of Defense for Systems Engineering. The primary goal of the DoD embracing open standards is based upon it increasing the chances that future changes to a funded system can be done in a more cost effective manner than relying on proprietary standards.

Beginning of the End for the Closed iOS Ecosystem?

In the short to mid-term, the DoD adoption of Android will not likely have a significant impact on the closed iOS ecosystem. For a company who arguably had “more cash on hand than the U.S. Treasury” according to the Christian Science Monitor prior to hitting the debt limit late last year, the loss of being an early entrant to the DoD smart phone market is not yet a game changer. There is development work ongoing by the government to lock-down iOS to meet USG security standards; however, as Android gains market share throughout DoD, these efforts could find themselves going the way of other government cutbacks.