ABERDEEN PROVING GROUND, Md. (March 20, 2017) - U.S. Army engineers have developed new technology to enable Soldiers to have better situational awareness while saving the Army time, money and manpower. The technology will configure, inventory, sanitize and restart Type 1 High-Assurance Internet Protocol Encryptor, or HAIPE, devices from one platform in a central location.
Developed by engineers at U.S. Army Communications-Electronics Research, Development and Engineering Center, known as CERDEC, the Common HAIPE Interoperable Manager for Efficient Remote Administration, or CHIMERA, allows for remote configuration, management, software update and cryptographic key loading of multiple modern Inline Network Encryptors, or INEs, from the three major device vendors currently deployed within the Army inventory.
Currently, Army management must be done from multiple hosts, each running on its own unique vendor management software. By creating and using universal software, CHIMERA offers the potential to save the Army time, money and manpower.
“We realized we had three different HAIPE managers, and each one required its own unique laptop, resources, licensing and associated logistics of costs,” said Patrick Doyle, Cyber Security Information Assurance Division lead electronics engineer. “It’s a huge cost to the Army every single year in terms of licenses and ancillary costs such as the need to have unique hosts, operating systems for each software, as well as risk of running outdated software required by the vendor management software to run on said hosts, which gives us a lot of problems in the cyber realm. It can leave our host vulnerable to attack.”
Doyle was one of several CERDEC Space & Terrestrial Communications Directorate Cryptographic Modernization Branch engineers who traveled to South Korea in January to perform a limited user test, or LUT, sponsored by the Program Executive Office: Command, Control and Communications-Tactical, or PEO C3T’s, Product Lead COMSEC Cryptographic Systems, or PdL CSS, to determine if CHIMERA will be released Army-wide.
CHIMERA originally started as a proof of concept engineering test tool in 2014 to see if engineers could successfully manage multiple vendors from a single interface, on a single platform. In January of this year CHIMERA was transferred to PdL CCS to become a non-program of record.
Although South Korea has agreed to host the first operational LUT, several pilots have been previously held with other agencies like the Defense Intelligence Agency, the National Security Agency and the National Reconnaissance Office. CHIMERA has also been tested multiple times by the Army, Navy and Marines.
The biggest help for the Soldier will be in situational awareness.
“Soldiers only have one Common Access Card, or CAC,” Doyle said, “and with every one of our laptops, when a Soldier pulls out their CAC it locks them out. If they have a current system that requires them to monitor all three of their different vendors’ software, and they have to log out and log in to each box, Soldiers don’t have full situational awareness of their cryptographic networks. Soldiers could be looking at one system and say, ‘everything across the board is green.’ But there could be a cyber-attack on another system they are not logged into. Soldiers have no full situational awareness of their full network.”
Prior to the development of CHIMERA, the current software available on the market only provides a limited subset of what CHIMERA can accomplish. The current software options also come with licenses that can range from around $10,000 to $67,000 per license, per network.
“We realized there is big potential to start shifting toward a universal management,” Doyle said. “As it was, there were only a few vendors currently on the market. So without competition there was no innovation. The problem was we had networks that are primarily two different vendors. If you have two different vendors and send cryptographic material from one to the other, you don’t know if it got there. CHIMERA solves this problem by being able to immediately verify receipt when transferred over the network.”
The innovative software is the product of three entity partnership between PEO C3T; the Communications Security Logistics Activity, or CSLA; and CERDEC.
Each of the three organizations has its own role in CHIMERA. All of the managing, funding and purchasing is handled by PEO C3T, while CSLA is responsible for all of the logistics, technical manuals and product lines, and CERDEC is the developer and the prime entity responsible for the integration work, help desk support, engineering, tests, and improvements to the software.
"We still need to engage with higher leadership before moving forward with releasing CHIMERA for Army use," said Kimoanh Le, Secure High-assurance Interoperable Encrypting Link Device acting assistant program manager for PEO C3T's Cryptographic Systems Program Management Office Network Enablers.
The U.S. Army is now in the process of venturing out into the market as the only universal manager with CHIMERA. And because CHIMERA is government owned, it will be offered at no cost to the government.
Media inquiries may be directed to the CERDEC Corporate and Public Communication Office.