More Virginia-class nuclear attack submarines enter "Silent Service" in 2018. While the subs are getting cool sonar and processing upgrades, any embedded systems need to be secured to protect against SATCOM vulnerabilities.

The U.S. Navy is slowly replacing the 40 aging Los Angeles-class submarines currently in service with Virginia- and Columbia-class fast-attack submarines. The new submarines are designed to be capable of operating within both littoral and deep-water environments to seek and destroy enemy subs and surface ships; the new subs are also meant to project power ashore via Tomahawk cruise missiles and Special Operations forces, perform surveillance and reconnaissance missions, support battle-group operations, and engage in mine warfare.

In 2016, the Navy announced that its force level goal is to achieve and maintain a fleet of 66 SSNs [submersible ship nuclear]. Under its FY2019 plan, this should be completed by 2048. One of the reasons it will take so long to reach this goal is that each sub costs approximately $3 billion and takes, on average, at least 66 months to build in an advanced four-part modular construction.

When the USS Colorado – the 15th Virginia-class fast attack submarine and the fifth Block III submarine – was commissioned in March 2018, Secretary of the Navy Richard V. Spencer said, “USS Colorado is a true marvel of technology and innovation, and it shows the capability that our industrial partners bring to the fight. Today’s world requires undersea platforms designed for dominance across a broad spectrum of regional and littoral missions.” (Figure 1.)

The USS Indiana entered the fleet in April 2018, as the 16th; the USS South Dakota, the 17th, will be commissioned by the end of 2018.

Virginia-class subs are built under a teaming arrangement between General Dynamics Electric Boat and Huntington Ingalls Industries-Newport News. These subs weigh are 7,800 tons, are 377 feet long, have a beam of 34 feet, and can operate at more than 25 knots (28 mph) submerged.

Virginia-class Block III contract

As part of the Virginia-class Block III contract, the Navy redesigned approximately 20 percent of the subs to reduce acquisition costs. The main changes are found in the bow, where the traditional, air-backed sonar sphere has been replaced with a water-backed large aperture bow (LAB) array, which reduces acquisition and life cycle costs while providing enhanced passive detection capabilities.

The subs are equipped with a spherical sonar array that scans a full 360 degrees. With sonar detectors in the bow, fin, and flank, as well as one towed behind it, the Navy says these subs can detect large ships as far as 3,000 miles away.

One large, obvious change from the previous class is that these subs are equipped with a pair of extendable, nonpenetrating digital camera periscopes called “photonics masts” outside the pressure hull, which use thermal imaging and low-light cameras. While submarines have traditionally featured two classic-style periscopes, the new photonics masts host visible and infrared digital cameras atop telescoping arms that can be controlled via wired video game-style controllers. The Colorado is the first submarine to launch with the gaming controller feature aboard.

The Virginia-class design features extensive use of modular construction, as well as the use of open architecture systems and commercial off-the-shelf (COTS) components so that it can “remain at the cutting edge for its entire operational life through the rapid introduction of new systems and payloads,” according to the Navy.

A-RCI and sonar

In terms of signal processing, the Virginia sonar systems use a variant of the Acoustic Rapid COTS Insertion (ARCI, AN/BQQ-10) system, which is made almost entirely of COTS hardware and software.

Lockheed Martin launched the A-RCI back in the 1990s and the program continues to this day. Through the open architecture-based A-RCI the Navy can “take COTS software and hardware products and insert them into battle systems for sonar systems to communicate with surface ships and submarines and get data out to the new P-3s and then hit enemy contacts from the air, surface, and sub surface platforms,” says Brad Curran, industry principal, Aerospace & Defense, Frost & Sullivan. (Figure 2.)

Figure 2: Sailors monitor a sonar console for contacts during an antisubmarine warfare exercise. (U.S. Navy photo by Mass Communication Specialist Seaman Edward Guttierrez III/Released)

According to the Office of the Secretary of Defense, the A-RCI program includes the following:

A sonar system for the Virginia-class submarine
A replacement sonar system retrofitted into Los Angeles-, Ohio-, and Seawolf-class submarines
Biannual software upgrades (called Acoustic Processor Builds [APBs]) and hardware upgrades (called Technology Insertions [TIs]). While using the same process and nomenclature, these APBs and TIs are distinct from those used in the AN/BYG-1 Combat Control System program. The Navy intends for the A-RCI upgrades to provide expanded capabilities for antisubmarine warfare (ASW), high-density contact management, and mine warfare, particularly in littoral waters and against diesel submarines.

A recent A-RCI contract award for sonar engineering was awarded to Lockheed Martin Rotary and Mission Systems in Manassas, Virginia, during mid-2017 for a $130,827,895 cost-plus-incentive-fee, cost reimbursement contract for the procurement of Technical Insertion 18-20 Acoustic Rapid Commercial-Off-The-Shelf Insertion engineering services. The Naval Sea Systems Command, Washington, District of Columbia, is the contracting activity (N00024-15-R-6267).

“In 2017 there were 31 prime sonar contracts awarded totaling $1.4 billion. The king in this arena is Lockheed Martin with $791 million,” Curran continues. “Other primes providing sonar technology to the DoD include Thales and Qinetiq.”

“The DoD is looking to increase their unmanned sonars and UUV [unmanned undersea vehicle] buoy deployments,” Curran says. “There are hundreds out there already, and they want to link them to a central network. Even with increased UUV deployments and unattended sensors, challenges remain on how to enable low-frequency communications underwater. The frequencies are difficult, as is managing the power of the unattended vehicles as they suck up so much juice performing their tasks. Enabling sufficient power in the sensor systems and improving underwater comms remain key goals of the DoD programs.”

Another interesting sonar program getting funding is DAPRA’s Mobile Offboard Clandestine Communications and Approach (MOCCA) program, which looks to achieve significant standoff detection and tracking range of targets through the use of an active sonar projector deployed offboard a submarine and onboard a UUV, according to the solicitation in DARPA’s Broad Agency Announcement. The submarine will need to be able to achieve reliable clandestine communications between the host submarine and supporting UUV without sacrificing the submarine’s stealth. BAE Systems will be working on Phase 1 of the MOCCA project, which calls for designing efficient sonar capabilities to maximize detection range and improve target identification and tracking.

Overall, the new subs feature dozens of new technologies that increase firepower, maneuverability, and stealth while enhancing their warfighting capabilities, particularly within littoral operations.

The Columbia class is the next generation of subs that will follow the Virginia class. The Navy recently awarded General Dynamics Electric Boat a $5.1 billion contract to complete the design of the lead Columbia-class submarine. Construction is expected to get underway in the fall of 2020, and the Navy says it plans to build a fleet of 12 new SSBNs [submersible ship ballistic-missile nuclear].

SATCOM vulnerabilities a concern

Embedded systems play a key role in the Navy’s ongoing shipboard and sub upgrades, but if not properly secured, they can also be a weakness.

Back in 2014, Ruben Santamarta, principal security consultant for security firm IOActive Inc. (Seattle, Washington), warned of major satellite communication and operating system (SATCOM) equipment vulnerabilities.

Now, four years later, he’s demonstrated that the weak security posture of satellite communications products is making hundreds of in-flight aircraft, military bases, and maritime vessels accessible through vulnerable SATCOM infrastructure.

At Black Hat USA 2018 and DEF CON 26, Santamarta described the consequences of these vulnerabilities as “shocking.” The theoretical cases he developed four years ago are no longer theoretical: He publicly demonstrated taking control, from the ground and through the internet, of SATCOM equipment running on an actual aircraft.

Santamarta tested other devices in his latest research (https://ioactive.com/wp-content/uploads/2018/08/us-18-Santamarta-Last-Call-For-Satcom-Security-wp.pdf) and examined attacks using SATCOM antennas. He found that several of the largest airlines in the U.S. and Europe had their entire fleets accessible from the internet with thousands of connections exposed. Maritime vessels around the world were also at risk of attack, because their SATCOM antennas can be used to expose the crew to RF radiation. Essentially, Santamarta concluded, it’s possible to turn SATCOM devices into tools to cause radiation hazards and disrupt RF transmissions.

What are the biggest challenges for the U.S. military to close these attack surfaces? “The U.S. military can be viewed as any other organization or company with a complex structure and a significant amount of assets,” Santamarta says. “In terms of cybersecurity, however, it might be possible that the procedures to locate the affected assets aren’t fully developed, or at least aren’t at the same level as other companies that are more used to dealing with this kind of issue.”

Why is it urgent that the U.S. military address SATCOM vulnerabilities, and what threat does it pose to ships and subs? “SATCOM is a core functionality for the military,” he explains. “By disrupting or controlling SATCOM channels within a military context, attackers gain the ability to impact the regular operations of the targeted unit, both from safety and nonsafety perspectives. Submarines and military vessels use SATCOM-On-The-Move equipment to maintain continuous connectivity. If this communication channel is compromised, the attacker has the ability to isolate the targeted unit and prevent them from either asking for support or transmitting vital messages to other units.”

Also, any sensitive information being transmitted through these SATCOM channels “could potentially be compromised,” he adds.

“Fortunately, in most cases, it’s possible to address these vulnerabilities by installing a new firmware,” Santamarta notes. “Deploying these firmware updates to thousands of embedded systems is certainly a challenge, but it’s still doable,”

One big motivating factor to secure any embedded systems is that nation-states can hack vulnerable SATCOM systems. “To successfully complete a sophisticated attack without being detected, you need resources that usually are available only from the orbit of nation-states,” Santamarta says. “But less sophisticated malicious actors can also leverage these issues to blatantly wreak havoc.”

John McHale, Group Editorial Director, also contributed to this article.

Sidebar 1