MOD to ditch 36-year-old encrypted comms system -- eyes flexible "sovereign" messaging replacement
"Obsolescence and technical limitation..."
The UK's Ministry of Defence (MOD) is gearing up to replace an aging secure messaging system -- with the High Grade Messaging system, run by Fujitsu, facing "obsolescence and technical limitations" the MOD said.
First piloted in the mid-1970s, the High Grade Messaging system has been operating since 1985.
It is one of a range of military communications systems being ripped out and replaced by newer systems in a rolling modernisation effort. These are largely set to run off software defined data centre (SDDC) nodes that can underpin secure fully virtualised delivery of military operational applications across the MOD.
It forms one of the backbones of British military communications, allowing individual users to compose and send secure messages on and offshore, automate their delivery and distribution, with proof of delivery, an audit trail, multi-level security clearances and secure networking, both within and beyond the MOD to NATO.
The MOD is holding a series of events at MOD Corsham on May 5-7, to present its requirements to potential suppliers. The move comes ahead of an anticipated formal procurement process for a completely new "Military Messaging capability" to underpin MOD-wide Command and Control (C2) communications.
The MOD aims to have it up and running fast, by military procurement standards -- suggesting some urgency to replace the existing system -- with the intention of running it alongside the existing High Grade Messaging system from as early as April 2023, for assurance testing during a planned initial dual-running period.
"There is to be full interoperability prior to becoming the primary and sole deliverer of the MM service. Key metrics will include the ongoing provision of equipment in the event of failure and the ability to ensure no reduction in operational capability through defect or failure," the ministry said.
A new front-end system, meanwhile (zero client, thick client, web client, etc.), will need to be deployed no later than April 2024 in the UK fixed environment and as a global replacement solution no later than April 2025.
MOD messaging replacement: What does it want?
MOD wants a front-end system, a message management system to handle routing; message delivery and audit of messages, hardware to provide centralised storage and support for both the front-end and message management systems. (All are expected to come under regular hostile probing and attack: "The cyber Threat Risk Level for this requirement is Very High", notes an MOD market notice, posted this April.)
The UK needs an "assured capability therefore security of the supply chain will be an important consideration" MOD said, adding that the "capability shall also be ‘Sovereign’ in that it will allow Freedom of Action/Freedom of Manoeuvre for the UK." Suppliers will need to be DV vetted, sole UK nationals and running a UK company.
The new system should be built on commercial off-the-shelf (COTS) configurable hardware and commercially available software, the MOD said. It should be able to "manage a virtual messaging network and enable rapid throughput and storage of data (majority text-only messages) for both short-term instant access and long-term archiving." Despite demanding encryption requirements, it will need to be searchable.
A market engagement notice gives more details: "The front-end messaging interface should be Windows Icons Menus and Pointers (WIMP) and enable most generic messaging and format conversion capabilities. The users will be able to draft, edit and release messages to any approved recipient in a number of Combined Communications Electronics Board (CCEB) standardised messaging formats (including but not limited to, ACP127, DOI-102S)."
See also: FTSE 350 still plagued by “nakedly dangerous” RDP, SMB, Telnet protocol exposure
The message management capability should be able to redirect, track and manage messages in addition to other administrative functions. The system should predominantly run over Internet Protocol (IP) but be able to support any bearer of choice (e.g. Serial). It will be required to have high availability (99.999%) with appropriate failback and back-up design to support when necessary. Both the hardware and software must be able to be integrated into Land and Maritime environments dependent on specific operational or hosting requirements. The solution will also include a deployable (mobile) (“flyaway”) capability which will be required in a number of configurations.
The procurement wants more highlights some of the challenges in modernising a complex IT estate with exceptionally demanding security and operational requirements. Despite spending some £19.5 billion on equipment between 2019-2020 and a substantial overall defence budget, the UK continues to run a number of aging systems like the Air Surveillance and Control System -- run by IBM -- which has "significant obsolescence issues in the supportability of the core system and the associated voice communications system" MOD admitted in 2020.