Uma arquitetura centrada em redes para sistemas de comando e controle militares

Current multi-domain military operations require flexible and adaptable forces that must be able to work with civilian agencies and coalitions in open terrain and urban scenarios. These challenges require informed decision making not only at headquarters but also at the edge of the battlefield, along with network-enabled capabilities and agile command and control (C2) systems. The C2 system should ensure the timely and secure exchange of information originating from networked devices such as radars, unmanned aerial vehicles (UAVs), sensors, armored fighting vehicles, and wearable devices. These networked sensors and effectors form the Internet of Battle Things (IoBT). In this work, a network strategy to achieve C2 agility in the heterogeneous IoBT environment by coupling the application and network in a multi-layer architecture is investigated. The proposed architecture leverages the Software-Defined Networking (SDN) paradigm to orchestrate network services using semantics-oriented data from technologies such as Information Centric Networks (ICN) and Delay-Tolerant Networks (DTN), and applies security mechanisms at the hardware, network, and application layers. Results from simulated scenarios show significant improvement in network metrics as well as network resilience to cyberattacks.As operações militares multi-domínio requerem tropas flexíveis e adaptáveis, que devem ser capazes de cooperar com agências civis e coalizões, tanto em terreno aberto como em cenários urbanos. Tais desafios requerem decisões informadas não apenas nos quartéis generais, mas também na frente do campo de batalha, combinadas com capacidades centradas em rede e sistemas de Comando e Controle (C2) ágeis. O Sistema de C2 deve garantir a disseminação de informação de forma oportuna e segura, obtida de dispositivos interconectados, como radares, veículos aéreos não tripulados, sensores, veículos de combate blindados e dispositivos “vestíveis”. Esses sensores e atuadores interconectados constituem a Internet das Coisas do Campo de Batalha. Este trabalho investiga uma estratégia de rede para obter agilidade de C2 para esse ambiente heterogêneo, acoplando a aplicação à rede em uma arquitetura com múltiplas camadas. A arquitetura concebida utiliza o paradigma de Redes Definidas por Software (SDN) para a orquestração dos serviços de rede, por meio de tecnologias orientadas a dados, como Redes Centradas em Informação (ICN) e Redes Tolerantes a Retardo (DTN), usando mecanismos de segurança nos níveis de hardware, rede e aplicação. Resultados preliminares mostraram uma melhoria significativa nas métricas de rede, bem como resiliência para suportar ataques cibernéticos

UAVouch: A Secure Identity and Location Validation Scheme for UAV-Networks

Emerging surveillance applications of UAV teams rely on secure communication to exchange information, coordinate their movements, and fulfill mission objectives. Protecting the network by identifying malicious nodes that are trying to disturb the system is an important task, particularly in the military domain. This paper presents the design and evaluation of UAVouch, an identity and location validation scheme that combines a public-key based authentication mechanism with a movement plausibility check for groups of UAVs. The key idea of UAVouch is to supplement the authentication mechanism by periodically checking the plausibility of the locations of neighboring UAVs, allowing the detection of intruders that are unable to follow expected trajectories. The proposed solution was evaluated in a simulated military surveillance scenario in which it detected malicious nodes’ position falsification attacks with an average accuracy of above 85%