N A T ION A L S E C U R IT Y • E N E R GY & E N V IR ON ME N T • H E A LT H • C YB E R S E C U R IT Y

© SAIC. All rights reserved.

Defense and Maritime Solutions Advancing the Operational Readiness of the V-22 Osprey Fleet via Cloud-Based Analytics (A Work In Progress)

John N. Wood, Ph.D., Systems Engineering Manager March 2013

SAIC.com

© SAIC. All rights reserved.

Agenda

• Our Role • How Did We Get Here? • V-22’s Information Capital Initiative • Our Approach • Cloud Computing Interlude • Overview Of Supporting Architecture

2

SAIC.com

© SAIC. All rights reserved.

Our Role

3

SAIC.com

© SAIC. All rights reserved.

Fixes IETM problems ID’d by Blue Ribbon Panel

Integrates IETM and ground station for directed trouble-shooting and reduced ambiguity

Adds maintenance data, BRB results, NAVFLIR records, TARs, and other sources for increased context, enabling drastically improved speed and accuracy of analytics

How Did We Get Here? Like Amazon®, It All Started With Delivering a Book…

4 IETM = Interactive Electronic Technical Manual BRB = Built-In-Test Review Board NAVFLIR = Naval Aviation Flight Records TARs = Technical Assistance Request Amazon is a registered trademark of Amazon Technologies, Inc. in the U.S. and/or other countries.

SAIC.com

© SAIC. All rights reserved.

Today…

5 Adapted from: http://en.wikipedia.org/wiki/File:Systems_Engineering_Process_II.svg

SAIC.com

© SAIC. All rights reserved.

Tomorrow…

6 Adapted from: http://en.wikipedia.org/wiki/File:Systems_Engineering_Process_II.svg

SAIC.com

© SAIC. All rights reserved.

Information Capital

• Information Capital bridges the gap between logistics, engineering, and other stakeholders by providing total visibility on all aspects of the V-22 fleet – Permits holistic approaches to readiness and cost savings – Provides feedback from active fleet to engineers to address root cause – Automates mundane tasks, providing analysts more time to analyze – Identifies early indications of new or changing trends – Promotes collaboration and reuse within the community

7

SAIC.com

© SAIC. All rights reserved.

Information Capital Roadmap

8

Collect Connect Warehouse Analyze Act

ENABLING INFRASTRUCTURE •Data Collection •Reactive Maintenance •Time-Based Inspection/Overhaul

DATA CONSOLIDATION •Knowledge Development •Fault Diagnosis •Remaining Useful Life Calculation •Inspection Targeting

INFORMATION CAPITAL •Decision Support Toolsets •Prognostics and Optimization •Proactive Maintenance •On-Condition Inspection/Overhaul

SAIC.com

© SAIC. All rights reserved.

Our (Informed) Approach

• Understand the tenants of knowledge management (KM) (Michael Stankosky, D.Sc., founder of KM) – Leadership – Organization

• Build a KM framework (Bernard Lewis, Ph.D., architect of JFCOM’s KM system) – Text and data mining – Integration

• Field capabilities deliberately (Bernard Lewis, Ph.D., architect of JFCOM’s KM system) – Apply Fichman’s results-driven incrementalism – Integrate with Kotter’s organizational change methodology

• With an approach enabled by – SoSE fundamentals (Jo Ann Lane, Ph.D., co-author of DoD’s SoSE Guidebook) – Agile management style (David F. Rico, Ph.D., professor of innovation management) – Cloud technologies (John Sahlin, Ph.D., U.S. Navy CANES architect)

9

– Technology – Learning

– Collaboration – Expertise location

SoSE = System of Systems Engineering CANES = Consolidated Afloat Networks Enterprise

SAIC.com

© SAIC. All rights reserved.

Cloud? Is that safe?

10

According to Gus Hunt, CTO of the CIA: Elaborated by INSA Report:

Cloud computing may be more secure than the traditional client-server approach.

CIA technology chief says cloud is more secure than traditional approaches (ComputerWeekly.com, October 2011)

Information security can be enhanced through a cloud computing approach, but

only when it is built into the model’s design. Cloud Computing: Risks, Benefits, and Mission Enhancement for the Intelligence Community (Intelligence and National Security Alliance, March 2012)

INSA = Intelligence and National Security Alliance

SAIC.com

© SAIC. All rights reserved.

Introduction to Cloud Computing

• Security • Definition • Why Move to the Cloud? • Money for the Mission • Cloud Service Models • New Capabilities • Conclusions Regarding Cloud Computing

11

SAIC.com

© SAIC. All rights reserved.

Definition

12

Cloud computing is a model for enabling ubiquitous, convenient, on-demand network

access to a shared pool of configurable computing resources (e.g., networks, servers,

storage, applications, and services) that can be rapidly provisioned and released with minimal

management effort or service provider interaction.

Special Publication 800-145: The NIST Definition of Cloud Computing (National Institute of Standards and Technology, September 2011)

SAIC.com

© SAIC. All rights reserved.

Why Move to the Cloud?

For us • Necessity! Current, accessible data centers could not support the technologies

and data volume required for Information Capital success

In general (per the U.S. Chief Information Officer) • Economical: Cloud computing is a pay-as-you-go approach to IT, in which a low

initial investment is required to begin, and additional investment is needed only as system use increases.

• Flexible: IT departments that anticipate fluctuations in user demand no longer need to scramble for additional hardware and software. With cloud computing, they can add or subtract capacity quickly and easily.

• Fast: Cloud computing eliminates long procurement and certification processes, while providing a near-limitless selection of services.

13

25 Point Implementation Plan To Reform Federal Information Technology Management (U.S. Chief Information Officer, December 2010)

SAIC.com

© SAIC. All rights reserved.

Money for the Mission

• Eight out of every 10 dollars spent on IT is “dead money" focused on common infrastructure versus mission-specific applications

• Use of third-party cloud providers is an extension of current IT subcontracting practices that has the potential to further reduce “dead money”

14

Gartner Says Eight of Ten Dollars Enterprises Spend on IT is "Dead Money" (Gartner.com, October 2006)

0% 50% 100%

Possible

Traditional Infrastructure Mission

SAIC.com

© SAIC. All rights reserved.

Cloud Service Models

15

Adapted from: http://en.wikipedia.org/wiki/Cloud_computing

IaaS: Infrastructure as a Service

PaaS: Platform as a Service

SaaS: Software as a Service

Cloud Clients

SAIC.com

© SAIC. All rights reserved.

But That’s Not All…

16

Government agencies that have just moved to the cloud may find that their architectures are not truly optimized to take advantage of cloud technologies.

This flows from incorrectly equating data center consolidation and virtualization to

cloud computing.

How to Manage the ‘Cloud’ for Greater Cost Savings (National Defense, November 2012)

SAIC.com

© SAIC. All rights reserved.

New Capabilities (Subset)

• Snapshots of machines and storage drives – Executable image file stored as data that describes the machine and/or storage drive

“instance” – Examples: Trusted image (“last known good”), historical image (executable scientific

research)

• Horizontal scaling – Launch (or retire) multiple instances to address customer fluctuations

• Activity-based rule sets – Monitor usage and/or performance and automate horizontal scaling

• Multiple availability zones – Instances can be executed in new availability zones to address expected or unexpected

disruptions

• Latency-based DNS – Automatically direct traffic to certain availability zones based on actual performance

17

DNS = Domain Name Service

SAIC.com

© SAIC. All rights reserved.

Use Case: Chaos Monkey

• Created by Netflix, now open source tool available to Amazon Web Services® users

• Randomly and purposely disables production instances

18

Netflix Open Sources Chaos Monkey (TechCrunch.com, July 2012)

Continually tests resilience of architecture

Refreshes images to “last known good”

Ensures baseline is maintained

Reduces impact of malicious attack

Automates update process

Amazon Web Services is a registered trademark of Amazon Technologies, Inc. in the U.S. and/or other countries.

SAIC.com

© SAIC. All rights reserved.

Conclusions Regarding Cloud Computing

• Cloud computing is a viable option for the commercial world as well as the DoD – USAF MFOQA program of record received DIACAP certification (MAC III, Sensitive) on

AWS® Commercial Services

• Shifts infrastructure burden to IT/cloud professionals, enabling resources to focus on mission – Reduces “dead money”

• Allows for greater capabilities (including greater security), if properly engineered – Trusted images, horizontal scaling, multiple availability zones, etc.

• Aligns with U.S. CIO’s “Cloud First” policy – Zero capital investment, scalable infrastructure, and immediate access to powerful

compute resources

19

AWS is a registered trademark of Amazon Technologies, Inc. in the U.S. and/or other countries.

SAIC.com

© SAIC. All rights reserved.

Readiness Information Center (RIC) High-Level Architecture

20

Data Staging

Trans-formed Data

Knowledge Base

Data Mart

DECK-PLATE

Flight Data

Data Mart

Data Mart

Data Mart

Data Mart

Data Mart

Authoritative Data Sources

(Subset)

Repository

Portal Single Sign-On

Modular Tools and Widgets (Subset)

Time Series Analysis

Security/ Admin Tool

Ad Hoc Query

Data Mining

Report/ Graph Gen

Etc.

SAIC.com

© SAIC. All rights reserved.

“Agile” Approach

21

Data Staging

Trans-formed Data

Knowledge Base

Data Mart

DECK-PLATE

Flight Data

Data Mart

Data Mart

Data Mart

Data Mart

Data Mart

Authoritative Data Sources

(Subset)

Repository

Portal Single Sign-On

Modular Tools and Widgets (Subset)

Time Series Analysis

Security/ Admin Tool

Ad Hoc Query

Data Mining

Report/ Graph Gen

Etc.

Increment 1 Increment 2

SAIC.com

© SAIC. All rights reserved.

RIC Increment 1 (October 2012)

• Goal: Maturation of support processes – Consistent data ingest – Execution of ETL processes – Maintaining software updates

• Architecture: Single tool supported by single data mart updated weekly • Identified

– Support functions (documented on wiki) – Software bugs and improvements – Desktop patches/updates required

• Surprised by – Technical limitation of local data center – Financial burden of “large” data storage – Effort required to condition data

22 RIC = Readiness Information Center ETL= Extract, Transform, Load

SAIC.com

© SAIC. All rights reserved.

RIC Increment 2 (December 2012)

• Goal: Test the feasibility of leveraging cloud computing concepts – Built using Amazon Web Services® GovCloud – Separate region designed for sensitive, defense-related data – Physically and logically accessible by U.S. persons only – Supports existing security controls and certifications such as FISMA and FIPS

140-2-compliant end points • Architecture: Array of analysis tools and widgets integrated via OWF and

supported by multiple data marts updated weekly • “Environment agnostic” design philosophy

– Pro: Allows easy transition to military data center – Con: Limits use of enabling technologies provided by cloud vendors

• Evaluation in progress; however, outlook is promising!

23

RIC = Readiness Information Center FISMA = Federal Information Security Management Act FIPS = Federal Information Processing Standard OWF = OZONE Widget Framework Amazon Web Services is a registered trademark of Amazon Technologies, Inc. in the U.S. and/or other countries.

SAIC.com

© SAIC. All rights reserved.

Availability Zone

m1.large 850 GB persistent EBS

m2.xlarge

Accumulo

OWF

m1.small

m2.xlarge

Portal

TCWI

m1.small

S3 Buckets Encrypted

Store of baselined AMI snapshots Store of EBS Data Marts: Accumulo and cube data

Data Extracts

Extract,

Transform,

Load (ETL)

Processors

V-22 Flight Data

Raw Data File (RDF)

Maint & Supply Extracts

Data Staging:

Cleansing and Enriching

96 GB persistent EBS

•10 Instances •5.2TB persistent storage

RIC AWS® Data Flow

24

6x M1 Large Instance: 7.5 GiB of memory, four Amazon EC2® Compute Units, 850 GB of local instance storage 2x M2 (High-Memory) Extra Large Instance: 17.1 GiB memory, 6.5 ECU, 420 GB of local instance storage 2x M1 Small Instance: 1.7 GiB of memory, one EC2 Compute Unit, 160 GB of local instance storage

RIC = Readiness Information Center EBS = Elastic Block Store OWF = OZONE Widget Framework TCWI = T-Cube Web Interface EC2 = Elastic Compute Cloud AWS and Amazon EC2 are registered trademarks of Amazon Technologies, Inc. in the U.S. and/or other countries

SAIC.com

© SAIC. All rights reserved.

The Future?

25

Engineering

Storage

Analytics

Supply

Flight

Virtual Private Cloud

analytics analytics

Data Mart

Data Mart Data

Mart

Data Service Data Service Data Service

app

Text Mining

Information Capital Portal

widget

Continual Improvement

Test widget

Test and Integration Environment

Prototype

widget

Users

Continuous Learning

Delivery

Maintainers

Data Mining

Fault Viewer

Standard Reports

Visual Analytics

Support Staff

Maintenance

25

SAIC.com

© SAIC. All rights reserved.

Thank You

John N. Wood, Ph.D., Systems Engineering Manager 4015 Hancock Street | San Diego, CA 92110 Tel: 619.254.7435 | Email: John.N.Wood@saic.com Visit us at saic.com

26