Smaller Computer Footprint in Air Force Operations Centers Boosts EffectivenessNovember 2010
Topics: Command and Control, Air Force Operations, Netcentricity
When you step into one of the U.S. Air Force's Air and Space Operations Centers, or AOCs, you know you're in a command and control (C2) center. The main room is typically 2-1/2 stories high. Electronic data screens cover the walls, showing maps, weather, and tactical data. The hundreds of PCs and monitors hold the attention of many operators who are assessing and executing aerospace operations during a conflict or a humanitarian operation.
The Air Force has five such major AOCs and nine minor sites around the world, each responsible for planning and executing air campaigns in its own geographical sector. The major centers are designed to operate 24/7 and ramp up to support 1,000 to 2,000 people, including joint and coalition partners, working on Airspace Control Orders, situation reports, and intelligence collection plans.
A common problem in the AOCs is the growing number of PCs on the floor at each operator's station. It is common to have as many as seven PCs, each supporting a different security network for combat operations. If you're an operator, you can see only information from one network at a time, using a switch box to move from one network to another. To keep track when switching between networks, you write on a sticky note what you were looking at. And you also realize that managing five machines and switching back and forth between networks reduces your efficiency.
Improving AOC Efficiencies
MITRE, which has been helping the Air Force improve the efficiency of its AOCs since 2000, saw a way to reduce the number of PCs with a virtualization approach called trusted thin client. The United States Air Forces Central (AFCENT) Command funded a small-scale prototype that verified the concept in 2008.
"The Air Force wants to reduce the computing footprint of its AOCs," says Eric Estochen, associate department head for Operational C2 Systems, within MITRE's Department of Defense federally funded research and development center. "In addition, AFCENT wanted to access various security domains more efficiently, cut electrical power and cooling costs, and ideally reduce the touch labor required to maintain the PCs."
The first AOC to try large-scale virtualization supported operations in the Middle East. In preparation, a prototype trusted thin client was installed at Shaw AFB in South Carolina. Secure communications from multiple network feeds in one building were funneled into a commercially available distribution console. From the console, a single wire (thin client) connected each of the operators and their consoles in multiple buildings. This eliminated many of the PCs normally required for each of the operators.
"The distribution console is the trusted box that enables you to actually see information from each of your networks at the same time," says Estochen. "The console acts as a trusted router, allowing you to interact with all the networks simultaneously. Each network is shown in its own window."
A Flexible Concept
Chris Franklin, MITRE's AOC virtualization task leader, notes that virtualization has many advantages and can be used in different ways. "You've got to make sure you're mapping the type of virtualization to the environment that it's going to be used in," says Franklin. MITRE is applying four types of virtualization to the AOCs: storage, servers, applications, and networks. (See "Four-Way Virtualization.")
"These are not new concepts, but what is new is getting these concepts to work in a C2 environment," notes Franklin. "The challenge is that most of the applications in the AOCs were developed a long time ago. They were never envisioned as running in this type of environment. So porting themmaking them virtualizedis a real challenge. We are also trying to make some of the applications more agnostic by allowing them to run on a variety of operating systems such as Windows 98, Windows 2000, or Windows XP. Removing their dependency on a single operating system allows us to make that application more portable."
Lessons and Benefits
The team learned a lot about the sensitivity of the design to networking. Specifically, the system required a highly reliable network. Also, the team members reduced the number of terminal servers because the estimated capacity was more than needed.
Another benefit resulted from technology's progress. "As the machines increased in power, there wasn't the need to have that kind of computing power for each of the operators on the floor," explains Estochen. "If you can move that equipment back into the server room where the IT professionals are doing the operations and maintenance, you can reduce the number of computers you need to administer and maintain. In fact, the back-room equipment can be virtualized so that the hands-on labor to maintain all the components can be reduced."
Another system maintenance enhancement: Patches and updates can be done at one time at the server level, thus eliminating the need to update individual clients. In addition, having only one cable going to a desktop greatly simplifies troubleshooting.
After evaluating the technology and doing a return-on-investment study, AFCENT agreed to fund a full-sized prototype roughly 10 times bigger than the first prototype. "It worked well and was deployed in the operational AOC," says Estochen. "MITRE served as the technical lead, bringing the different vendors together. It went fully operational in September 2009. We?re hearing great feedbackword gets around between the AOCs and we?re getting strong requests to install virtualization everywhere."
What are the next steps? "The client virtualization is a precursor project planned as a baseline update that rolls out to all the AOCs," says Estochen. "The larger modernization program includes doing virtualization of the components on the server side. We'll be further upgrading the whole infrastructure as well as taking advantage of different program efforts to move forward using net-centric approaches."
by David A. Van Cleave