News

DOD's 'Hardened' Android Kernel Arose Out of Military Security Study

• By Henry Kenyon
• February 2, 2012

The Department of Defense's custom-built and secure Android operating system came about through research done to study the security of mobile devices for military use.

Work on the hardened Android kernel is a part of the Defense Advanced Research Projects Agency's Transformative Apps program, which seeks to develop new DOD software applications through an innovative development and acquisition process, Mari Maeda, the program's director, said at the IDGA Network Enabled Operations conference in Alexandria, Va., Jan. 25.

The program plans to create a military apps marketplace to encourage collaboration between the development community and users.

For the Android kernel, DARPA built a secure host system consisting of a customized version of the Android 2.2 operating system, Maeda said. Besides hardening the Android stack, the DARPA team also added data and data-at-rest authentication, and the ability for the software to check data integrity.

The hardended version of the Android OS was evaluated at the Army's Network Integration Evaluation (NIE) during two events in the spring and fall of last year, held at Fort Bliss, Texas, and the nearby White Sands Missile Range, New Mexico. Other military services and branches of the federal government are also considering deploying Android devices. And DARPA launched a pilot program in May 2011 to test mobile devices running on the Android OS in Afghanistan with the 3rd Brigade of the 10th Mountain Division, Maeda said.

As a part of the pilot, DARPA developed a dozen applications for use by the 3rd Brigade's troops. The entire brigade was equipped with mobile devices by mid-fall of 2011, Maeda said. The new applications allow soldiers to load imagery and data onto their handheld devices. She added that six Army brigade combat teams are requesting the capability.

As the program expands, DARPA is considering several challenges. One issue is that troops operating in remote areas will sometimes be out of network contact. Some of the applications loaded onto troops' devices require direct network connectivity to run, while others, such as the Tactical Ground Reporting (TIGR) system, can be loaded onto a handheld. Soldiers participating in the pilot have also developed their own applications in theater, such as capabilities to download map data, and a search and rescue app, Maeda said.

One lesson learned from the pilot is that disconnected applications are very useful to troops in the field, Maeda said. Fresh, high-resolution map imagery is also vital. But the challenge is to process map data rapidly in hours as opposed to days or weeks, so that it can be used by troops in the field. Another lesson is that soldiers will tolerate imperfect hardware if it helps them with their mission, she said.

Security is another concern for the system. Maeda noted that the need for security must be balanced with usability. Feedback from the field found that encryption affects performance, and that long password and screen lock codes restricted soldiers' mobile device use.

Troops also like using integrated applications. The challenge is to design applications for modularity where there is a preference for linked applications and plug-ins as opposed to monolithic applications, she said.

The program's next steps involve selecting a new platform for the Army to use. The effort began with the Dell Streak tablet/smart phone, and DARPA is considering the HTC Desire smart phone or the Motorola Xoom tablet, she said.

In the field, the smart phones are a key part of soldiers' equipment for Army battlefield networking programs, such as Nett Warrior. The handheld devices replaced the bulky small computers that soldiers wore because they were more capable and less expensive. But to connect to the DOD's battlefield communications and data networks, soldier mobile devices are connected to Harris AN/PRC-117G tactical radios, Maeda said.

The goal for this year is to be fully networked, Maeda said. If a device can connect to a tactical operations center (TOC), it will then link to secure, non-secret military networks or alliance networks in Afghanistan, she explained.

Another objective is to have handheld devices link directly to servers in rear areas to access data and applications. This is necessary because, although TOCs are part of DOD's battlefield network, Maeda said they are at the edge of the network and prone to data and communications outages because the links to a firebase or an isolated company command post are not very robust. This situation requires handheld devices be able to synchronize data and back it up in the event of communications loss, she said.