Director, Operational Test & Evaluation
|FY97 Annual Report|
FY97 Annual Report
GLOBAL COMMAND AND CONTROL SYSTEM (GCCS)
|DISA ACAT IAM Program|
Total program cost (TY$) $750M*
Life cycle cost (TY$) $3B*
Full-rate production 4QFY96
Science Applications International Corp.
SYSTEM DESCRIPTION & CONTRIBUTION TO JOINT VISION 2010
GCCS is the central command and control (C2) system for achieving information superiority in the Joint Vision 2010. It is an integrated, reliable, and secure command and control system linking the National Command Authority (NCA) down to the Joint Task Force (JTF) and Component Commanders. As the top-level infrastructure for automated support to command and control (C2) operations worldwide, it provides seamless battlespace awareness, including a fused battlespace picture, by exchanging data, imagery, intelligence, status of forces, and planning information. GCCS employs client/server architecture using commercial software and hardware, open systems standards, office automation, government developed military planning software, and worldwide web technology. GCCS rides on the Secret Internet Protocol Router Network (SIPRNET) communications backbone or can be accessed from dial-in remote terminals.
The Joint Staff officially declared GCCS the System of Record (SOR) on August 30, 1996, and simultaneously shutdown the legacy system it replaced, the World Wide Military Command and Control System (WWMCCS). Earlier, WWMCCS had to be downgraded from Top Secret to Secret while the few truly Top Secret missions were rehosted onto a small hybrid subnetwork of WWMCCS mainframes and remote dial-in terminals, called the Top Secret Support System (TS3). In this fiscal year, TS3 was replaced by GCCS(T), a small GCCS-technology-based network exchanging top secret information through double encryption on the SIPRNET. Anticipating that this transition would culminate in a user decision of whether to declare GCCS(T) the SOR and shut down TS3, versus the more traditional acquisition decision, the Assistant Secretary of Defense for Command, Control, Communications, and Intelligence developed a new type of management contract called an Evolutionary Phase Implementation Plan (EPIP). In conjunction, DOT&E incorporated many lessons learned from the original GCCS v2.1 fielding into the planning process associated with the EPIP. In this process, GCCS does not constitute a centrally managed and funded joint program because each Service and Agency manages and funds the migration of their C2 systems to GCCS-developed standards. This new approach became the model for the next much more challenging upgrade, GCCS v3.0, which involves changing the operating and database management systems, which places backward compatibility limitations on the transition. This testing will be done in FY98.
TEST & EVALUATION ACTIVITY
The Joint Interoperability Test Command (JITC) of the Defense Information System Agency (DISA), planned and conducted OAs on several upgrades to GCCS and on GCCS(T), in compliance with the TEMP. An OA, conducted December 10 to 20, 1996, evaluated the GCCS v2.2 upgrade at CENTCOM. It confirmed that v2.2 was ready for fielding, but the installation process needed to be faster and several problems warranted fixing. For the GCCS(T), the Joint Staff and the JITC assessed the operational risk in order to tailor the level and scope of testing. Even after adding a functional operations period for installation check out and minor fixes, transition from the laboratory to a stable, fully networked, and secure configuration in the field was problematical. During the set up and testing period from April 29 through June 25, 1997, there were two repeats of an end-to-end scenario exercise, an independent side test, and a final OA. In parallel, security testing took just as long to complete in time for a June 26 SOR decision. Anticipating similar transitional problems, the test plans for v3.0 include multi-stage independent DT&E, appropriate exit criteria before involving large numbers of operational users in an OT&E, and operational testing of both the installation-transition and the C2 processes.
TEST & EVALUATION ASSESSMENT
The GCCS(T) successfully completed a simulated crisis planning exercise culminating in a successful downgrade and transfer of the resulting operational plan into the Secret GCCS system for execution. GCCS(T) can access status of forces information on GCCS and can interoperate with the Marines' deployable system. After security testing, the Joint Staff granted GCCS(T) interim authority to operate at the Top Secret level. The Defense Special Weapons Agency (DSWA) conducted parallel tests of their specialized capabilities and found no significant problems. However, testing also revealed the following anomalies with the non-DSWA capabilities, which are listed in descending order of operational impact: intermittent problems and delays logging on, occasional database error messages during stress testing, inability to send Focal Point (a commercial security application) messages from two sites, and serious formatting errors in printing at two of the five test sites. Because these problems were not debilitating and GCCS(T) performed much better than TS3, the Joint Staff proceeded with the transition and shut down TS3. In subsequent testing, GCCS(T) proved it can handle its designed workload, and all the former problems were corrected except the Focal Point requirement which was dropped by the Joint Staff.
Overall, the installation, initial configuration set up, and transition processes have proven very problematical in both GCCS and GCCS(T). These may be inherent difficulties with commercial architectures integrating products from many vendors and government sources. Improper configuration becomes a challenge and a principal cause of information warfare vulnerability. After testing, there are no widely effective tools and supporting policies for monitoring and enforcing configuration control. On the positive side, the following will contribute to better system performance and streamlined tests: detailed planning and testing of the transition process, an early start on security testing, sufficient schedule time to incorporate lessons and fixes, comprehensive exit criteria for each stage of testing, and focusing testing on the high consequence areas.
|Join the GlobalSecurity.org mailing list|