Blockchain in multi-domain command and control targeting

To effectively plan and accomplish today’s complex military activities in defense of a country’s best interest calls for timely, reliable, trusted, and clear communications across a lengthy chain-of-command covering multi-national forces.


Unlike traditional guard solutions that are accompanied by several drawbacks, such as lack of trusted end-to-end data provenance, blockchain technology can facilitate and accelerate these multi-domain command and control targeting activities by offering reliable, cross-domain virtual identities and policy-based information distribution channels for the target design process.    


The problem: siloed targeting people, processes, systems, and data

Targeting is the process of choosing and ranking targets and assigning the appropriate measures to them. It is often a multi-disciplinary process, calling for collaboration from various joint force staff aspects and mechanisms aided by multiple non-military organizations to:

  • Decide which target to engage
  • Decide the best way to engage them to attain the desired impact within political, technical, and operational limits. 
  • Discover their current hideout with adequate confidence. 
  • Achieve the right effects. 
  • Evaluate the impacts of the engagement. 


data siloing greatly hinders command targeting essential to its different members. These are contributors from different countries, different operational domains (air, space, sea, and cyber), using multiple automated systems running on different networks with distinct classification, authorization levels and security policies trying to produce, distribute, plan, and execute prioritized target information. 


Coalition-based networks and computing power are set up to enable communication between co-located joint targeting squad members. Appropriately categorized information is channeled through these collective infrastructures in a regulated way through traditional cross-domain guards linked to each member’s non-shared national networks.


However, as we discuss in this article concerning cross-domain security, traditional guard methods are affected by numerous downsides, like lack of trusted end-to-end information origin for the information shared. Confidential background information and decision attribution are essential for mission sensitive targeting processes.


The challenge of providing confidential identities for the workforce- person and non-person- interacting across various domains causes lack of trust. Trusted virtual identity is the hub of all verification and approval decisions, and facilitates other integral security operations (non-repudiation, reliability, and encryption).


Traditional centralized public key infrastructure (PKI) methods with their domain-based certification authorities (CA) fail to lend themselves well to cross-domain bridging applications.        


More issues arise from the necessity to guard sensitive identity information across security domains- the subject identifying information contained in CA-generated certificates circulated to top-secret networks can also be classified and hence be shared in other security domains. 


These drawbacks disappoint and limit solid, synchronized targeting information production, collection, and circulation, inhibiting the creation of a confidential joint operational display of a target and restricting situational awareness of the targeting process itself. All these increase the probability of creating sub-standard targeting methods that could make the mission impossible. 


Blockchain-based MDC2 targeting solution

Blockchain technology, coupled with W3C verifiable credentials, offer a trustable solution that is better than siloed multi-domain command and control targeting procedures and participants. Blockchain-based MDC2 targeting solution comprises of three key aspects:


Unclassified multi-domain targeting blockchain consortium

A permissioned, private, random leveling consortium blockchain engaging all contributing security personnel offers a trusted common operational picture (COP) for the targets and situational awareness (SA) of the targeting activity itself. All proposed changes to targets are validated and circulated with the help of this targeting blockchain network. Targeting procedures and strategies, like target selection standards (TSS), are implemented through smart contracts and endorsement programs.   


For instance, a target suggested to be incorporated into the high-payoff list would first be recommended according to the endorsement rule. The recommenders would implement smart contracts with the help of confidential input argument values and requests to systems of record to confirm that the TSS had been fulfilled and create a random ledger transaction read/write set of consent and other uncategorized metadata. The uncategorized information would be dedicated to the targeting consortium blockchain nodes found in each domain to act as an immutable attribution of the policy.  


Classified verifiable credentials and unclassified verifiable presentations

Classified targeting data is confidentially and selectively distributed through digitally signed W3C Verifiable Credentials distributed to every target entity’s virtual identity to affirm its targeting-process assembled traits. A target can be defined as an entity that executes a defined role for the opponent considered for a potential engagement. The MDC2 Targeting procedure gradually creates a logical illustration of a target entity, populating appropriate features using multiple schemes and artifacts. 


These certifiable badges would act as the basis of creating presentations and zero-knowledge proofs (ZKP) to circulate suitably confidential data within and across security domains selectively. For instance, uncategorized certifiable presentations obtained from classified badges affirming high payoff target lists, selection criteria, and the commander’s goals could be distributed to every security domain network. 


Unclassified multi-domain self-sovereign identity network  

A permissioned, public, unstipulated blockchain identity network involves all contributing entities and provides random confidential digital badges and public key enablement (PKE) for all involved parties. Using blockchain-powered self-sovereign identity (SSI, or decentralized PKI), a random W3C Decentralized Identifier (DID) is allocated to each domain, immutably linked to its public key and other uncategorized metadata in its DID document, and circulated through a blockchain network to all identity network nodes found across all involved security entities without the need of third-party CAs.   


Since DID and DID documents are meant to carry only random data, they may be freely spread across all security domains through the blockchain identity network hence offering a mutual all-domain source of trust for digital identity and PKE. DID forms stipulate a DID’s certification and approval methods and also facilitate innovation and collaboration with an entity through its blockchain printed service portals. Service portals found in every network domain act as a means of accessing an entity’s conforming organization of certifiable permits, presentations, and other useful data. 


For instance, a target entity can contain a service portal positioned on both an uncategorized network and a categorized network. Uncategorized information regarding the target can be retrieved from its Uncategorized Service Portal on the uncategorized system. Uncategorized certifiable presentations of a categorized target feature can be shared through the cross-domain guard and accessed on the uncategorized domain through the uncategorized service portal. 


The diagram below shows how a smart contract on the targeting blockchain implements target selection criteria for a suggested target/weapon system arrangement:     

  • A target squad participant hands a transaction suggestion for a target (recognized by its DID) to be considered suitable for a mission using a particular weapon system (recognized by the weapon system’s DID) to approving nodes of the targeting blockchain network. 
  • The targeting blockchain network’s chain-code employs the two DID opinions to question the target’s and the weapon system’s service portals for the specific data necessary to apply the TSS strategy. 
  • The service portals return supportable presentations of mandatory characteristics sharing only the minimum contentions needed by the chain code.


multi-domain command and control targeting
Source: Blockchain Pulse: IBM Blockchain Blog

Not demonstrated in the diagram, the chain-node authenticates the provable presentation signatures using public keys from the identity ledger inputted to the DIDs, utilizes the attribute information to authorize target suitability using the chain node’s business rationality, produces a random ledger read/write set with the determination, and regenerates a signed recommendation. Then, also not illustrated, the signed recommendations are gathered and send to the blockchain orderer for circulation throughout the cross-domain, targeting blockchain nodes for commit.

  • The targeting blockchain network peer nodes give reports upon commit. 
  • After getting a commit report, the target squad member gives a certifiable credential declaring that the target is suitable for attack by that weapon system. The declaration comprises the authorizing blockchain transaction ID and other extra information for thorough provenance. The target domain retains this supportable record plus all other permits that have been dispensed to it, affirming the other attributes. Uncategorized provable presentations of this categorized certifiable credential may be formed and disseminated to uncategorized domain service portals. 


The U.S. Air Force’s senior commander has made multi-domain command and control targeting one of his top priorities. Further reports suggest that now he aspires to see it become the Pentagon’s first development initiative.


How Blockchain technology can be used to coordinate other industries

Blockchain can also be used to co-ordinate the supply chain process in the pharmaceutical industry. All transactions, from the sourcing of drugs to the actual sale can be transparently documented and kept without the likelihood of ex-post information meddling. Once a transaction is initiated, it is kept on the blockchain and is unchangeable. As a result, pharmaceutical firms will be able to prevent human errors, logistical delays, and minimize expenses. 


The technology can also be used to coordinate the energy sector. A confidential blockchain alliance chain offers an energy distributed ledger and energy trading smart contract services. Energy internet comprises of energy resources, energy transmission, energy distribution, energy consumption, energy storage, and other distributed resources, and supports coordinated control and market trading.  


The value of blockchain-powered MDC2 targeting

Blockchain-powered multi-domain command and control targeting can facilitate, speed up, and secure MDC2 targeting operations by offering reliable, trusted identity and permits for all targeting domains throughout their lifecycle. Smart contracts execute targeting strategies on a cross-domain targeting consortium blockchain. This in turn, shares targeting information selectively across domains through certifiable badges and confirmable presentations.  


A distinct cross-domain blockchain identity network acts as a source of trust for digital identities to PKE and all involved members (person and non-person) in the targeting course who issue, keep, present, and authenticate credentials and their presentations without leakage of confidential identifying information. 


When combined, these solution features offer the targeting squad and their supported operation officers with a dependable, provable end-to-end attribution for all target-based data and policy-related resolutions within and across different security domains. This blockchain-powered solution offers cross-domain, cross-national, cross-functional, cross-organizational targeteers and users of targeting intelligence with a confidential joint operational image of each target and its features, precise situational awareness of the targeting process itself, and guaranteed execution of targeting and security strategies. The ultimate result is an enhanced process with more accurate multi-domain command and control targeting. 


Related posts: