Changing landscape for rugged data storageStory
February 24, 2020
Awareness is mounting regarding the importance of protecting data-at-rest (DAR) on deployed military platforms. Every time an unmanned aerial vehicle (UAV) is lost, it provides a stark example of the simple fact that what goes up must come down, and there’s no guarantee that what comes down won’t end up in an adversary’s hands.
In 2019 alone, the media reported the loss of at least three UAVs in unfriendly territory overseas. These and other similar losses have been driving the demand for encrypted DAR recorders in unmanned vehicles, whether airborne, on land, or underwater. Designers of these types of deployed platforms continuously look to increase performance and functionality while also reducing the platforms’ size and weight, which increases the pressure on engineers to cool hotter devices in ever-smaller packages.
In parallel, the role of unmanned systems is widening as they host more cameras and sensors to perform new battlefield surveillance tasks, often requiring the capture, processing, and storage of an increasing amount of sensitive tactical data, which heightens data-security requirements on deployed recorders. All of this means that the space available for the DAR recording solution is already small – and getting even smaller – while performance requirements for data storage are rapidly increasing.
Meanwhile, applications are driving the need to support faster network speeds as the amount of data being collected continues to rise. A key goal in DAR storage solution performance is to support full line rate data capture and provide large amounts of DAR storage. Think about this: High-performance sensors can’t be slowed down; if the DAR recorder can’t keep up with the huge barrage of incoming data, then critical data can be lost. As a result, the industry is seeing increasing requirements for DAR storage systems that support 10, 40, and even 100 Gigabit Ethernet (GbE) network speeds.
Higher data speeds result in increased heat and power dissipation, which competes with the desire to keep devices as small as possible. New next-level memory device technologies – such as higher speed and smaller size NVMe devices – have more demanding cooling requirements. While SATA is the standard today and will continue to be around for some time, the next generation of memory devices will require data storage solution designers to expend more time and resources on cooling the memory in ever-smaller form factors.
As security requirements are on the rise for DAR, so are the awareness and understanding of encryption certification levels. Just a few years ago, many system designers and integrators needed to be educated about Commercial Solutions for Classified (CSfC) 2-Layer encryption, an NSA-approved approach for protecting classified National Security Systems (NSS) information. Today, awareness of CSfC as a viable cost-effective approach for Top Secret and below encryption of DAR is relatively high but understanding how to implement a CSfC approved encryption solution in a development project is something designers still struggle with.
More specifically, the ways in which COTS vendors implement CSfC and the roles and responsibilities of the system integrator when deploying this type of encryption must be clarified to realize successful CSfC solution development and deployment. CSfC has increased its visibility in recent years, and NSA continues to provide strong support to this program. Additionally, the time and cost required for certification has significantly decreased, in some cases saving multiple millions of dollars and reducing time to deployment by months or even years. Even better, there are now numerous trusted integrators who can help guide system designers and integrators through the CSfC certification process.
An example of a certified rugged COTS data storage solution for protecting Top Secret DAR is Curtiss-Wright’s DTS1 (Figure 1) , a Common Criteria-certified network attached storage (NAS) device that is endorsed by the NSA and approved by NATO with two certified encryption layers. It also supports an optional MIL-STD-1275-compliant filter that applies test conditions to the input of the vehicle’s 28 volt electrical power system to mitigate against high-voltage spikes, long voltage surges, and ripples that can reduce performance and reliability.
Figure 1 | The DTS1 network-attached storage device is a rugged COTS data-storage device intended to protect Top Secret DAR.
Going forward, we expect certification to become even more important. Simply put, the risks and vulnerabilities will only increase; network speeds will also continue to increase as the desire for more sensor data generates ever-greater amounts of data that needs to be stored. In the coming years, data storage is going to store more data at faster rates in smaller form factors.
Steven Petric is Senior Product Manager, Data Storage, in the Defense Solutions Division at Curtiss-Wright.
Curtiss-Wright Defense Solutions