World-Class E-Mail System is Hitting Snags at DoD

nferris@govexec.com

D

efenders of the troubled program point to glimmers of light at the end of the tunnel, but many observers doubt the Defense Message System (DMS) will be at battle strength when needed. Even in its incomplete state, however, DMS is a better system than the ones used almost anywhere else.

DMS is much more than an e-mail system for some 2 million service members, and employees at Pentagon offices, defense contractors and intelligence agencies. It also will transmit official orders and policies in both war and peace-whether to direct air strikes or move the Seventh Fleet from one ocean to another.

The system will have a worldwide reach and sophisticated security, while being so easy to use that a two-star general can do it himself. The most important messages will get priority, but all messages will be delivered faster than e-mail normally travels. Surprisingly, in view of its capabilities, DMS is based largely on commercial, off-the-shelf products. It runs on an ordinary Windows PC. To a casual observer, it will look like one of the e-mail packages used in corporate and civilian offices-Lotus Notes, perhaps, or Microsoft Outlook.

The DMS program started in 1995 with the award of the $1.6 billion prime contract to Loral Federal Systems, subsequently acquired by Lockheed Martin Corp. DoD needed to replace its AUTODIN system. A dinosaur of a message system, AUTODIN has become too expensive to maintain and operate. Some say it soon will be impossible to maintain because of all the patchwork upgrades it has sustained during its 30 years of existence.

AUTODIN is remarkably reliable, but it works in an old-fashioned way. An officer wishing to send an official message delivers the text to a telecommunications center, where special operators (much like Radar O'Reilly in the old M*A*S*H television series) enter the text into the system, encode it for security and use special directories to address it to the intended recipient. At the other end, the staff of another telecommunications center receives, decodes and prints out the message and delivers it on foot-a process that can take days if the message is not labeled as urgent.

"The biggest pipe in AUTODIN is a whopping 9.6" kilobits per second, the speed of ordinary PC modems around 1995, says Capt. James Day, a Navy officer who manages the DMS program for the Defense Information Systems Agency (DISA). And AUTODIN cannot handle any attachment to a message. Besides being slow and cumbersome, AUTODIN transmission gives several people access to the contents of a message, with the attendant security and confidentiality concerns.

Incompatible Mail

With DMS, DoD also aims to halt the proliferation of nonstandard e-mail systems within the military services and Defense agencies. Like their civilian counterparts, DoD units have been installing e-mail enthusiastically. There have been some moves to standardize-the Air Force selected Microsoft Corp.'s products as its standards for office software-but a 1992 survey by the Mitre Corp. found at least 22 varieties of e-mail software in use in the Pentagon alone.

When planning a battle or conferring about weapons upgrades, military officers can't spend time decoding e-mail attachments that arrive as gobbledygook. They need assurances that the recipient received the message promptly and read it. They also need to be able to find e-mail addresses for other individuals and organizations. In standardizing their e-mail, DoD will provide better service than most people are accustomed to.

Several years ago, as Defense officials were planning DMS, e-mail technology was at a crossroads in its development. A set of technical specifications known as Open Systems Interconnection (OSI) was competing with the Internet protocol set for market dominance. OSI, which had been adopted as the official standard in Europe and much of the world, was ahead in terms of its technical maturity, so the Pentagon chose part of that set as the standard for DMS.

With 20/20 hindsight, it now seems that the other standard might have been a better choice. Internet protocols have become the commercial standard, while the ones used in DMS are less and less common. But experts say OSI protocols are giving DoD the capabilities it needs, while development of security and directory features in the Internet protocol set still lags. For the time being, gateways are providing adequate links between DMS and other kinds of e-mail.

Besides, the decision is not irreversible. DMS is a software system (it rides atop the information highway known as the Defense Information Systems Network), and it will continue to develop for years to come. Asked about moving to the Internet protocol known as Secure Multipurpose Internet Mail Extensions (S/MIME), DISA's Day replies: "Do we want to get there? Sure." But S/MIME still is not fully mature, and Day has his hands full in the meantime.

The DMS program has been lagging, and everyone with the slightest knowledge of the system has an explanation for what's gone wrong. Day says it's on schedule-but he has pulled off one of the oldest and best moves in the manager's playbook. He has gotten his bosses and colleagues to adopt a scaled-back schedule. Instead of getting DMS in place for all 2 million users, Day now has to deliver it to just 360,000 users by the end of 1999.

That's when the Pentagon has decreed that AUTODIN must shut down. It's widely believed that DoD has to get rid of the old system on Dec. 31 of next year because AUTODIN is not year 2000-ready, but Day says that's not true. The backbone switches will operate after the turn of the century, he says, and the military services and other organizations that connect to the backbone are taking steps to make sure their switches are year 2000-ready as well.

In that case, AUTODIN can continue to operate in certain places if DMS isn't up and running for all 360,000 critical users. Those users, basically the same people and organizations that rely on AUTODIN, were identified by their parent organizations as those needing secure messaging capability.

It's in the Cards

The rest of the potential DMS users likely will continue to use their ordinary e-mail well into 2000, and probably longer. By all accounts, that will suit many of them just fine. User resistance is one of the most often-cited reasons for the slow pace of DMS adoption. The military services have to supply each DMS user with a PC that has a card reader (it looks like a slot near a floppy-disk drive) and with a Fortezza card (it looks and works like a bank ATM card with a user PIN, but with stronger security features).

Fortezza security, developed by the National Security Agency but supplied by commercial manufacturers, encrypts messages so they can be read only by the person to whom they're addressed. It provides the recipient with assurance that a message comes from the person who seems to have sent it. It's not difficult to use, but the extra steps involved-including the need to manage distribution of the cards and restrict them to authorized users-evidently are off-putting.

The cost of the cards, about $50 apiece to DoD purchasers, has been cited as another disincentive. It will add up to $100 million for the cards alone. The card readers are supposed to be factory- installed in all new DoD PCs, also adding slightly to the computers' cost. Then the military services need to buy the DMS software for each user and server, although some are simply modifying their existing commercial software to make it DMS-compliant.

In the early stages of the program, the DMS e-mail software was not ready, but the program office encouraged future DMS users to buy the commercial packages in their off-the-shelf form, with the idea of upgrading to the DMS version when it became available. This strategy has had many advantages, including familiarizing technical support staffs and e-mail users with the products. But some such users now are reluctant to spend the extra money to make their e-mail DMS-compliant.

Clearly not everyone will need the full extent of DMS security. A year into the program, the concept of one very secure system was modified, and now DMS has what Day calls three levels of security: sensitive-but-unclassified, secret and top secret (there is a fourth, most secure level for the intelligence agencies). The Fortezza card provides the lowest level of security. A beefed-up Fortezza Plus card is acceptable for secret messages if other protections are in place.

Meanwhile, changes made in the program last fall allow military users sending nonsensitive messages to do without Fortezza. They can log into the secure system only as needed. This will reduce the costs of the program as well as the load on the DMS system.

At this point, any simplification seems desirable. The program has encountered obstacles at virtually every level, from the local installations that have had trouble figuring out what to name their servers (standard names are needed to ensure message delivery) to the halls of the Pentagon, where firefights over allocating DMS costs erupt periodically.

Although DISA is coordinating the overall program, it is being implemented by the military services, which have separate program offices. The National Security Agency is responsible for DMS security measures, including Fortezza.

Lockheed Martin, meanwhile, has more than two dozen subcontractors at work on the system. Some are the biggest names in the information technology (IT) industry, including Lotus Development Corp., Microsoft, Oracle Corp. and Hewlett-Packard Co. Others bring to the table specific expertise. Enterprise Solutions Ltd., which specializes in secure messaging, is providing user software along with Lotus and Microsoft.

A Firm Foundation?

Many of the software providers are building their DMS products atop their commercial products. Of course, the commercial software is changing rapidly, giving the program a shifting base. For example, Microsoft has changed its mail software from Microsoft Mail to the more complex Outlook, while Lotus is transforming Notes into a World Wide Web-based product, Domino.

Other well-known companies, such as Novell Corp., protested about being left out of the biggest e-mail system on earth. DISA decided to let them sell software for use in DMS if the software passed tests of compliance with the system specifications. However, in the push to meet schedules, DISA has suspended that part of the program, according to J. Gary O. Van Dyke, founder of a Bethesda, Md., company that bears his name.

Van Dyke, whose experience with military communications systems goes back to the early days of the Strategic Air Command, has been hired to help with several aspects of DMS, including the security measures and the outside vendor certification. He describes the program as well conceived but extremely ambitious. Its original schedule was not realistic in view of the lags in commercial e-mail and network security standards, Van Dyke says. "Some of the high-assurance products are only coming out of development now."

One result: DMS has pushed the commercial e-mail software industry to develop better products faster. For example, Frank Vretos, a senior systems engineer for Microsoft, says his company's Exchange server software is the same for commercial clients as for DMS. But while pushing the technology envelope, DMS is in the end a part of the bigger e-mail picture, and it can't get too far ahead of the pack.

DMS requires cultural and business process changes within the military services. The new communications environment, captured by the DMS slogan "writer to reader technology," eliminates many of the middlemen, hierarchies and human checkpoints the uniformed services are accustomed to.

Jonathan A. Gloster, a security expert with Van Dyke, says some of the pilot DMS users asked who was keeping the copies of all the messages sent, referring to the backup printouts they keep for AUTODIN. Like other e-mail systems, DMS does not generate printouts routinely.

Military communications specialists need to learn new client-server technologies and new help-desk manners, even as their numbers dwindle. The contractors and the DMS program offices may have been slow to recognize the degree of cultural change that was required.

They were busy keeping abreast of what some describe as a shifting set of requirements for the system. Other observers say Lockheed Martin's management of the program has not been aggressive enough. A former DISA chief, Albert J. Edmonds, told one interviewer he wished he had paid more attention to DMS. Day says the DMS security issues are some of the thorniest problems he faces, an assessment shared by outside analysts such as the Defense Operational Test and Evaluation directorate.

Turning the Corner

This spring, however, the DMS finger pointing seemed to diminish as DMS installations gathered momentum. "We're into the doing stage," says Lt. Col. Marian Quinn, DMS program manager for the Air Force, which is ahead of the other services in installations. In April one-third of the 94 designated Air Force sites had begun installing the system. More than 700 DMS systems administrators will be trained at a special Air Force school this year.

A new and improved DMS release is expected this summer from Lockheed Martin, and that is expected to increase the adoption rate. As the scheduled AUTODIN shutdown gets nearer, the sense of urgency is likely to grow. But important issues remain unresolved. For example, the operators of the nation's nuclear forces have yet to be convinced that DMS will be secure and reliable enough to carry directives about deploying nuclear weapons.

DISA's Day conveys a guarded optimism when he says, "We're really moving out." The military services have agreed to the scaled-back implementation plan, and the products on the contract are becoming more attractive, offering group scheduling, collaboration tools, World Wide Web browsers and other features. In the end, Day and others suggest, DMS will succeed because of marketplace mechanisms-because it embodies the best of the commercial e-mail products and will evolve with them, while keeping the security measures as painless as possible.

At one time, defense and civilian IT executives thought it likely DMS would become the e-mail standard for the entire federal government and perhaps even much of the free world. That still could happen. Lotus has sold DMS Notes to the Australian government for 9,200 military users. But for now, Pentagon officials will be happy to get 360,000 U.S. military users hooked up by the end of next year.

NEXT STORY: War College Needs More Diplomats