3OS Paper #3

Abstract: The average lead-slinger doesn't care about Series C funding of startups but concepts like commercial return on investment (ROI) are very applicable to the wartime efficacy of a knuckle-dragging door-kicker in modern warfare. The way the planning, programming, budgeting & execution (PPBE) process, the Joint capabilities, integration and development system (JCIDS) works, and the way the military industrial complex (MIC) is organized prevents fundamental innovation. The US DoD will need to drastically change acquisitions policy to make national defense worthwhile in all coming scenarios.


Strategic Defeat Snatched from the Jaws of Tactical Victory

For most veterans reading this blog, the idea that the Global War on Terror (GWOT) could be viewed as a loss isn't difficult to imagine. The Biden Administration's disastrous departure from Afghanistan,[1] a haphazard mess of poor planning by civilian leadership thrusted on the US DoD shouldn't have shocked anyone paying attention. That the Taliban regained control of Afghanistan after the US departure[2] was a story written earlier when poor civilian planning lead to a chaotic departure from an ill-prepared Iraq and allowed for the rise of the Islamic State of Iraq and Syria (ISIS).[3] For veterans who watched all their hard work come completely undone, seeing these things happened often lead to re-hashing buried post-traumatic stress (PTSD).

Yet the end results of combat operations for American troops in the GWOT is pretty much similar to the end results of combat operations in Vietnam; defeat snatched from the jaws of victory. In Vietnam, overwhelming American air power in late 1972 had forced the reluctant North Vietnamese to the negotiating table and they agreed to terms that would end US involvement. Two years after the US left Vietnam, the North invaded again, and won.[4] Likewise, American abandonment of the field of battle gave an otherwise hopeless enemy an opportunity to return to power, especially with the Taliban. Even an otherwise defunct ISIS is seeking a return to glory amidst draw-downs in Syria.[5]

Were America the losers? Not really. The free people of Vietnam, free Afghans (especially women) and the Kurds are all among the losers in these fiascos. But the real winner over American adventurism in Afghanistan has arguably been China. And that's not directly in Afghanistan at the moment; if anything, the hasty US withdrawal wasn't ideal for China's economic interests in Afghanistan.[6] No, the reason China is the big winner are American strategic failings, particularly our sunken treasure at scale. The estimated total cost, including debt spending, interest, and associated war costs to the Department of Veteran's Affairs (VA) is likely over $8.5 trillion.[7] With a T.

Figuring an $8.5t cost, the added context of that is vital. First, it only cost al-Qaeda around $500,000[8] to drag us into the GWOT. That lack of parity - a 17,000,000:1 ratio - is worth it just for a terrorist organization to prick us with low-cost attacks and force massive expenditures to counter. But when viewed through the context of China, it's been a disaster. While we spent trillions and mired ourselves in counter-insurgency (COIN) operations, China has been able to exploit a booming economy, massive intellectual property theft, and a very favorable purchase power parity (PPP) imbalance, to arguably outspend the US Department of Defense (DoD) over the past few years.[9] With that advantage, China has found themselves growing in capability and capacity while the US can arguably no longer be capable of fighting two theater wars at once,[10] a capability the US DoD had lauded since World War II.

And yet there's no denying the US *HAD* to invade Afghanistan and defeat the Taliban and al-Qaeda. It was an absolute moral imperative, and a "go do" from civilian leadership in the Executive and Congress.

Waste, Waste, and Waste

Much of this wasteful spending is owed to the US DoD being stuck in an "honorable waste" cycle and attached to an acquisitions policy - and requirements within it - built around The Cold War.

The US DoD's acquisition policy has basically been on a never-ending cycle, rotating between policies of "efficient, mission-focused acquisitions focused on mission accomplishment," "fraudulent abuse," and "honorable waste." In fact, these cycles pre-date the existence of the US DoD itself and go all the way back to the Civil War era and earlier. Unfortunately, the pivots between these three tend to all be bad; when we're "Efficiently Operational," bad people take advantage of the system, and we end up with "Blatant Fraud." That leads to policy creating systems so bloated we have the "Honorable Waste."

Basic rotation of US DoD Acquisition Policy
But what's truly sad is that in order to get from "Honorable Waste" to "Efficiently Operational," usually a lot of good people have to die.

The US DoD has been in the "Honorable Waste" since during the Cold War. And this actually makes sense given the scale that a multi-generational fundamental challenge the Cold War was.

It's much harder for the winners of a multi-generational contest like the Cold War to change than it is for the losers. And I don't think it's a coincidence that we're still building systems, buying things that cost billions of dollars, and issuing them to our Soldiers, Sailors, Airmen and Marines today, that in many cases, were actually designed before the end of the Cold War. We're still, to grossly over-simplify, designing and building and fighting with the same tanks...
...It is literally our duty to deter unwanted wars, and history is filled with examples of what happens when a civilization fails to deter its adversaries. They get into unwanted wars. Obsolete technology can lose you a battle. But obsolete systems, obsolete vision causes unwanted wars, and loses them.

- Isaac Taylor, former Chief Technology Officer, Defense Innovation Unit.

Most Veterans of Afghanistan and Iraq won't consider our tactical engagements within country as tactical losses, and unto themselves, they are not. Acknowledging our adventurism benefited China at the strategic scale is a rough admission, yet an invariable truth. Over the course of the Cold War, the US built a great many of the systems in use today: the Navy's Arleigh-Burke, Los Angeles, Ohio, and Nimitz class ships and submarines, almost all of the armor in the Army, including the M1 Abrams and M2 Bradley, and most of the current aircraft fleet in the Air Force and Navy, including the A-10 Thunderbolt II, B-1 Lancer, B-2 Spirit, B-52 Stratofortress, F-15 Eagle, F-16 Fighting Falcon, F-18 Hornet, and F-22 Raptor, which were all designed and procurement decisions were all made during the Cold War.

Hammer #1: Mjolnir - Building a Hammer for The Fulda Gap

The US DoD built it's entire force structure around the Soviet threat, particularly to Western Europe. For Joint Terminal Attack Controllers (JTACs) and the associated fires community, the A-10C "Warthog" was seen as the pinnacle of close air support (CAS) for the COIN and counter-terrorism (CT) fights as part of the GWOT. Yet the A-10 (and the AH-64 Apache attack helicopter for the Army) was built for attacking older Soviet T-72 tanks in the Fulda Gap, as that would be the assumed primary attack vector for Soviet armor to push west. In 2023, the Fulda Gap is hundreds of miles west from a larger North Atlantic Treaty Organization (NATO) footprint that not only includes the majority of the former Warsaw Pact nations, but also several former Soviet Socialist Republics such as Latvia and Estonia.

The transition from the Cold War to COIN is seen as successful because from a myopic war fighting perspective, of course it was. However, we brought the wrong military to that fight. Over the course of the Cold War, we built a military to go toe-to-toe with Ivan; he had a big hammer and sickle, so we built our own hammer.

The hammer we wanted, but not the one we deserved. (Benjamin Higham)

The right military to fight a near-peer fight against a great power like Russia was or China is, can be highly effective, tactically, in a COIN and/or CT fight. By virtue of expense, it's almost always at the cost of being a net strategic loss.

As we examine costs to fight a COIN/CT engagement, the necessary expenses are actually minuscule if acquisitions and associated tactics, techniques, and procedures (TTP) are willing to change. There's a hesitation to lean into the COIN/CT oriented acquisitions because of a perception that such equipment wouldn't be valuable during a high-end force-on-force major combat operations (MCO) against a near-peer. That is however a fallacy for multiple reasons.

The first reason an acquisition of only high-end MCO capable systems is flawed is that high-end MCO only maintains its speed of frantic fifth-generation combat for a fraction of total engagement. The perception of a non-nuclear shooting war with China involves an assumption of a massive scale of hyper-sonic weapons criss-crossing the Pacific while fleets of Chinese fighters engage US fifth-generation fighters in epic dogfights. And yes, some of that may happen, but in time frames measured in minutes. The reality on the ground in a current war between major powers - Russia and a NATO-backed Ukraine - has more in common with World War I than with that fantasy. Yet that isn't to say that modern equipment and TTP aren't in use in Ukraine; they absolutely are. However, they aren't the fantasies that fighter pilots have when they dream of being the next Robin Olds.

This is what the Last Ace, Brig Gen Steve Ritchie (Ret) looked like in 2014. He was, relative to everyone on active duty in 2014, old. He's even older now in 2023. The point is, he achieved ace status in 1972, and will likely be the last human ace in Air Force history. (C-Span)

While there is a sliver of truth that antiquated systems like the F-15E aren't survivable in those opening stages of an MCO with a near-peer, and the newer systems like the F-35 or F-22 are, and also capable of accomplishing most of the same missions as their older counterparts, that's only half the story. The cost to develop, maintain, and supply the newer systems is counter-productive for any mission except a high-end MCO. So the better question is: should it even be trying to do any other missions?

Hammer #2: Maslow's Hammer - Everything Looks Like a Nail Outside of the Formosa Strait

When all we had was Thor's Hammer, it basically became Maslow's Hammer and everything the US DoD saw was a nail.[11]

The Air Force fighter mafia is so eager to convert to fifth-generation platforms because it's the type of fight they want to fight, but very few senior leaders ask the harder questions about what they really will need to do.

When the Cold War methodologies for acquisitions remain, and the Fulda Gap has been replaced with the Formosa Strait, the JCIDS process churns on and attempts to re-fight the previous war, 3-5% more effectively than during the last future years development plan (FYDP) cycle. The Air Force is busy at work right now trying to build Maslow's Hammer again, only with more expense and less capacity.

It doesn't matter if this thing is good at CAS or not; it shouldn't be doing it (Jonathan Case / Lockheed Martin)

The details about specific air frames are in the next paper, but the bottom line is that platforms as acquired now aren't relevant to any wars, and they are a reflection of the current acquisition system and the old way we organized ourselves.

Days US aircraft spent in combat in permissive environments vs. non-permissive environments between 1991 and 2017. (Pietrucha)

The US DoD will need to fix acquisitions just as rapidly as they fix the ability to pivot TTP if there's going to be any hope of winning future wars of any type without bankrupting America.

Hammer #3: The Myth of the $600 Hammer

As Isaac Taylor is quoted above, the Cold War's hangover on US DoD is to the point of it driving our very ideas about the basis of maneuver warfare. Lessons from the war in Ukraine and along other domains like cyber and across other instruments of national power in the diplomatic, information, military and economic (DIME) are difficult to permeate the Pentagon.

In 2014, the US Air Force (USAF) CAS community took a hard stance against USAF leadership about the F-35 vs. the A-10, and why there's more information about that in paper number four, the entire debate is based on a naïve assumption about the right tool for the wrong fight.

That debate is the equivalent to French musketeers debating flintlocks in 1812 while standing shoulder-to-shoulder in line formation wearing brightly colored uniforms. A slightly better weapon for that fight was far less important than radically changing tactics & strategy, and modifying the entire logistics and acquisitions systems around it.

The $600 hammer - itself a myth - is a reflection on numerous issues in US DoD acquisition. Reality of the $600 hammer - really, $435, itself a ridiculous price, was over-marked by $420 like every other line item in a bulk purchase to spread around overall research and development (R&D) costs.[12] It's a reflection of bad accounting practices in general, but part of a larger problem endemic throughout the US DoD. The acquisitions system is a total disaster.

This is why we can't have nice things. (Defense Acquisition University)
"Every system is perfectly designed to get the results it gets." - W. Edwards Deming

That image above shows the requirements process and the acquisitions process at the program executive office (PEO) level, as well as a brief summation of the budgeting process, but that, in detail, is also a nightmare.

The budgeting process. Designed to make innovation impossible.

The laws in both Title 10 and the code of federal regulations (CFR), as well as the assorted DoD policies is massive; between just the Federal Acquisition Regulation (FAR),[13] it's Defense Supplement (DFAR),[14] and the Procedures, Guidance, and Information (PGI),[15] alone are combined for over 4,000 pages!

So who do these policies benefit?
The war fighter? Definitely not.
The taxpayer? Not really.
The military industrial complex? Absolutely.

Major defense contractors who cannot compete in non-regulated industries have made billions in ensuring that the status quo remains as-is, and that existing regulations continue to favor them for acquisition. And how some of the major defense contractors maintain policy in their favor is just pure corruption.

While the video focuses on Congressional corruption, corruption within the US DoD is rampant with a revolving door[16] that incentivizes every part of the already confusing and unnecessarily complex system to continue to be so. This doesn't merely include senior flag and general officers leaving the DoD for cushy positions at places like Lockheed-Martin or General Dynamics, but even includes how the best and brightest from our contracting officers through program managers (PMs) are paid much better from the traditional defense industrial base (DIB) corporations. All of these personnel are incentivized by the market structures as they exist right now to keep the status quo.

Because there's lucrative incentives for keeping the DIB working towards a continual "Cold War" style of equipping and fielding, the machine mostly works towards more complexity, more exquisite high-cost solutions and more difficulty in the acquisition process.

DAU is a Bug, not a Feature

The Defense Acquisition University (DAU) is a great organization filled with a ton of awesome performers working very hard to simplify the acquisitions process for the tens of thousands of people involved in DoD acquisitions. DAU has even sponsored efforts to simplify the massive burden the process puts on those in the DoD charged with its various levels of "queep."

While DAU tries hard, their mere existence is proof of a problem. When an operator or pilot or maintainer catches orders to work in acquisitions at a higher level command (such as a Major Command (MAJCOM) in the USAF), the Pentagon, or at a PEO or system program office (SPO), they must take a few DAU courses before they can be an action officer of any type. The idea of training unto itself is obvious; any new role, no matter how good you are at your core occupational specialty will require some training. There is a reasonable expectation there'd be a command-level or PEO-specific type of training for the few things you'd need to know to be good at acquisitions relative to the massive burden of training already parcel to becoming good at your job and assigned to an acquisitions role. Yet acquisitions is so byzantine, with so much tyranny of regulatory capture and so much complexity that there is a need for so many courses that an entire University with a full catalog is required. No offense to the fine personnel that work at DAU, but ideally, they shouldn't have to exist.

The regulations and policies that create a need for DAU are in large part influenced by the DIB through Congressional lobbying, but they are also influenced by internalized policy within the DoD itself.

In many PEO or SPO offices, there is an air permeating the entire culture that is best summed up by an apocryphal fable about the five monkeys and a banana on a ladder.[17]

That's just the way it's done around here. - Not someone you should trust with National Security.  

Of course this culture then ranges in everything from policy overreach to requirements feature creep. There's probably no more famous example of feature creep than the M2 Bradley Fighting Vehicle (itself a very formidable weapon system in 2023, but a disaster of acquisitions in its early years.) The HBO film "The Pentagon Wars" is a dramatization with many liberties taken, but does capture the spirit of many issues with acquisition and the associated communities of PEOs, the test community, etc.

As a whole, defense acquisition policy is at its core, two things: incremental, which we've already covered, and woefully myopic. These two things, in proper context could be good things. An incremental approach, as part of a larger grand strategy towards transformational goals would be ideal. However, this is nowhere near how it really works. Instead, each PEO operates within a vacuum, beholden only to their own requirements and staff procedures. This is why the F-22 Raptor and F-35 Lightning II, the only two American fifth-generation combat fighter jets, both produced by the same primary contractor, Lockheed-Martin, have totally incompatible[18] low probability of detection (LPD)/low probability of intercept (LPI) communications systems. The F-22 uses "Inflight Datalink" (IFDL), while the F-35 uses "Multi-function Advanced Datalink" (MADL), both of which are completely incompatible with not only each other, but the entire rest of the US DoD. The adage of "the best way to eat an elephant is one bite at a time" or the theory of writing small bits of well-written code as its own elegant solution that then becomes part of a larger transformational solution are pipe-dreams. In reality, there's no master plan, no collaboration, and no optimization. Each system is only slightly more optimized for the narrow mission set it is developed to accomplish than the previous iteration.

No direct LPI/LPD communications between F-22 and F-35 even in 2023. (Original photo by MSgt Jeremy Lock/USAF)

The second thing that defense acquisition policy is to its core is over-standardized. There is a serious problem with using the same regulation to govern how to buy all things when numerous things are significantly variable and there are assorted advantages to buying various classes of things differently. Its not merely a question of direct benefit to the war fighter as well; at the scale upon which the US DoD operates, its purchasing decisions have national security ramifications from a grand power perspective. Until 2016, the only way to buy commercial software solutions other than basic systems like Microsoft Office or Windows was no different from a requirements and budgeting perspective than buying an aircraft carrier (other than rules about budget oversight). Even now, with the announcement of Replicator, the procurement rules for buying small unmanned aerial systems (sUAS) are no better than rules for building a new fighter jet, even though the entire point of Replicator was to take advantage of commercial dual-use technologies and economies of scale. The regulations for buying a hammer and buying an F-15EX shouldn't even be in the same league. In fact, there's shouldn't be so many regulations on buying hammers. But alas, that's another reason this blog is named "three hammers." Because there's at least three signatures of people who make six figure incomes required to procure a hammer through the capital acquisitions process.

Leadership is both constrained by policy and hamstrung by fear to try and fix acquisitions. In the USAF, leadership in general is discouraged from innovation and instead have instilled rewards for "playing it safe." Lemay and Doolittle would probably never make O-6 in the modern Air Force, and its doubtful that Boyd's papers would move beyond a weapons instructor course (WIC) white paper. Innovation, like strategy, are things that need to be career incentives, though there's more detail in the next paper.

Infinite Complications

The history of US DoD procurement regulations is a tale of evolution and adaptation, reflecting the changing needs and challenges faced by the government in acquiring goods and services. While there's Constitutional precedence in some regulatory burden for the US DoD acquisitions system, particularly surrounding "two year money,"[19] the journey for the modern US DoD begins during the Civil War, where the Union Army's need for vast quantities of supplies led to the establishment of the Bureau of Clothing and Equipage in 1861.[20] This marked one of the earliest formal efforts to regulate federal procurement. The Civil War also witnessed the emergence of corrupt practices and fraud in government contracts, prompting the government to take measures to combat such malfeasance.

The aftermath of the Civil War saw the enactment of the False Claims Act of 1863,[21] aimed at deterring fraud[22] by allowing private individuals to bring lawsuits against those who defrauded the government. Despite its early origins, the False Claims Act remains a critical tool in the fight against procurement fraud in the modern era. The late 19th and early 20th centuries saw the government continue to refine procurement regulations[23] as the nation's industrial and military needs grew. The 1930s saw the establishment of the Federal Supply Schedule, a precursor to today's General Services Administration (GSA) schedules, which streamlined procurement processes and enhanced efficiency.

The 1980s marked a turning point in the history of regulations for the US DoD, characterized by both progress and challenges. The procurement environment became more complex with the growth of technology and the globalization of supply chains. This period also witnessed several high-profile cases of procurement fraud and abuse, including the notorious "Illwind" scandal, which involved bribes, kickbacks, and bid-rigging in defense procurement contracts.[24] In response to such scandals, the U.S. government embarked on a series of reforms aimed at improving transparency, accountability, and competition in federal procurement. Of course these reforms only served to increase the scope of complexity leading to things like JCIDS and the DAU.

Modern efforts for streamlinging acquisitions such as "Middle Tier Acquisition Reform" ratified in §804 of National Defense Authorization Act (NDAA) 2016[25] are great initial steps, but they pale in comparison to the complexity of the problem or the depth of the commercial sector they are trying to appeal to. To truly appreciate the scale of commercial technologies being missed out on by the US DoD, it only takes looking at what many leaders want and the pathways used to acquire the technology in place in the US DoD to understand.

Gaining Access to the Missing Trillion Dollars

Everyone has had the thought: Siri can navigate me to the office, why don't I have that for my [insert combat system here]. The answers are myriad, but one of the keys is the massive amount of commercial work that went into creating an architecture where Siri and navigation can even exist. The open systems interconnect (OSI) seven layer model describes everything from the physical layer of networking to the application layer, and each of them has enjoyed billions of dollars of R&D by corporate entities seeking commercial gains in order to create an infrastructure that can support it. An example of the areas where commercial R&D have invested is listed below:

  1. The software to convert human language into "words."
  2. The artificial intelligence (AI) based system to understand human speech, inflections, etc., and convert that into actual commands.
  3. The large language model (LLM) system to parse commands across different human languages into a "task."
  4. The cloud infrastructure those technologies exist upon.
  5. The algorithms for calculating efficient road navigation routing.
  6. The massive work to digitize road navigation processes, including underlying AI-based processing of the road rules and mapping from satellite imagery (itself a multi-billion dollar effort).
  7. The commercial sector efforts for road mapping from commercial satellite imagery and associated commercial sector satellite market efforts, and the AI-based processes to maintain those datasets.
  8. The various application programming interface (API) inteconnections for various other inputs into traffic patterns & congestion, police locations, etc.
  9. The massive investment in the relational database (RDB) to facilitate these data systems.
  10. Miniaturization of the global positioning system (GPS) radios, processors, and interfaces for use of GPS data (the GPS constellation and underlying technology are actually results of US DoD R&D. However, US DoD use of GPS was still the portable special navigation (PSN)-13 "Defense Advanced GPS Receiver (DAGR)" as of 2021, a nearly one pound block of uselessness in 99.9% of all situations.
  11. The investment in waveform optimization and bandwidth efficiency in congested radio spectrums for use of cellular networks.
  12. The routing technologies for moving data between cell towers and the Internet's backbone.
  13. The hundreds of billions of dollars in R&D in hardware to enable these to work efficiently and keeping Moore's Law on track.[26]
  14. Various underlying network technologies including massive improvements in virtual private networks (VPN), domain name system (DNS), and assorted other technologies to enable underlying technologies.
  15. Assorted software development infrastructures to leverage rapid agile development.
The R&D behind internet technologies plus the infrastructure on it is worth literally trillions of dollars. Not easily replicable with an app.

For a system like Siri to be able to use a voice command to navigate you to a destination, there's 30+ years and trillions of dollars of R&D and infrastructure development involved to make that technology possible, just as there's been massive investment by private sector entities to enable mobile technologies. And yet, in war, most of this infrastructure doesn't exist. For one, the US DoD actively destroys it if the enemy has it, usually with explosives. This is to be expected; if the enemy can't enjoy command and control (C2), largely enabled by modern communications technologies, our forces have greater freedom of maneuver, operational advantage, and overall lethality. So, if this infrastructure exists in the enemy territory, we blow it up. We actively deny network infrastructure, communications spectrum, and in many cases, even electricity to the systems required to enable technology like Siri or Waze.

Despite the fact we have a profound advantage by destroying that infrastructure, the R&D spending to take advantage of that is ripe for us to reap the advantages from. However, instead of the US DoD using this, American commercial R&D is leveraged much better by China, and we're facing a much more difficult combat situation in a near-peer confrontation.

To rectify these advantages we've ceded to a near-peer, we need to fundamentally change how acquisitions works relative to commercial technology. Not merely the procurement processes in contracting which have changed, but the requirements processes and the budgeting/funding processes which sadly haven't. And software acquisitions throughout the US DoD has been modernizing, but hasn't nearly enough. Those "five monkeys and the ladder" have no idea what Agile even means when it comes to software, much less how to manage it.

If you're working on agile software in the government, stop and ask yourself: are you, really? (Defense Innovation Board, "Detecting Agile BS")

Adding to the graphic above, if software development program planning includes a preliminary design review (PDR) then a critical design review (CDR), it's not agile. In fact, many SPOs would replace only the actual "slinging code" phase of the software development lifecycle (SDLC) from the traditional waterfall model with the agile portion around morning scrums, then, when deliverables failed, write off agile as if its a failure. No, government acquisitions policies are the failure, not agile.

If a USAF member wrote an AF Form 1067 "Requirements Modification Proposal" document for creating the iPhone in 2004,[27] what the US DoD and the DIB would have created by 2007 would not have been anything close to an iPhone, nor would iterative development made the tool available to a warfighter even remotely close to as viable.

Even the excuses previously lauded - things like cybersecurity vulnerabilities for the US DoD are significantly different than the commercial world are based on assumptions without evidence. The naïve belief that US military secrecy is significantly more advanced than commercial interests isn't just flawed, its backed by a very large inequity in funds. The commercial sector's spending of an estimated $202.7 billion in 2022 on cybersecurity[28] puts the paltry National Security Agency (NSA) budget to shame (the entire budget for all Intelligence activities across the entire Federal Government was $89.8 billion in 2022,[29] and that figure includes everything from paychecks for the janitors at the Central Intelligence Agency (CIA), launch support for National Reconnaissance Office (NRO) satellites, and the NSA's entire R&D budget for cybersecurity.) The guidance from National Institute of Standards and Technology (NIST) and their security technical implementation guide (STIG) are somewhat modern, and the common vulnerabilities and exposures (CVE) list most of the cybersecurity world revolves around is maintained by a Federally Funded R&D Center (FFRDC), yet the commercial world attacks software vulnerabilities in a manner only the most cutting-edge software development teams in the US DoD are capable of. The traditional method of coding leads to a lengthy process to attain an authority to operate (ATO). The cyber vulnerabilities remediated in the process are based on a risk management framework (RMF) process elucidated by NIST and expanded upon by the DoD and components. For things (mostly software) requiring an ATO, the RMF process creates a "scorecard" of risk, and commanders (guided by policy) can make choices about employment of those tools. Conventional wisdom when the "ongoing authorization" was deployed as a continuous authority to operate (cATO) was that vastly greater amount of cyber risk was going to be a side-effect of the continuous deployment model. Yet after successful deployment by the first users in the National Geospatial-Intelligence Agency (NGA) and in the USAF's Kessel Run, a large amount of commits back to production were actually to mitigate newly discovered CVEs. After a contentious audit, it was discovered that not only did continuously delivered software have greater user adoption rates and better feature delivery, it was also far more secure.

In spite of this, traditional acquisitions shies away from teams that deliver capability, and even internally squabble over tiny shreds of budget. Rapidly onboarding commercial software development by commercially managed infrastructure done hand-in-hand with internal development teams should be implemented throughout the US DoD in order to take advantage of best-of-breed combinations between innovation from internal to the US DoD and external commercial vendors.

We're Already At War

There's a handful of elections coming up that precipitate conditions that could lead to a hot war in the western Pacific.

Japanese Elections (and some Japanese allies) have dates corresponding to possible vulnerabilities in leadership continuity.

Given the ability for life-serving autocrats to exploit the political rife after changes in administrations, combined with some rather dire internal pressures, likelihood of conflict in 2025 with a near-peer is probably the highest since October of 1962.[30]

Even though the US DoD isn't in an active shooting war with Russia or China as of September, 2023, that doesn't mean there isn't a ton of active actions occurring across various warfare domains and instruments of national power. The US is deeply involved in everything from training Ukrainian pilots to fly the F-16 against their Russian invaders,[31] to continous cyber-espionage by China. In spite of this continual state of conflict outside of combat, the US DoD hasn't adapted its acquisition system to a "war footing." The DoD is sticking to "honorable waste" for the foreseeable future; at least it'll keep the DIB primes wealthy.

Changing Requirements

If we're going to change the acquisitions process, the requirements (and budgeting) process must change, and there's been precious little push to implement changes in these policies. The bureaucracy involved in validating a key system attribute (KSA) or key performance parameter (KPP) or how tactical requirements map to a joint capability area (JCA) are important parts of JCIDS, and drive much of the budget process throughout the FYDP.

In order to effect this change, the US DoD would be well served by changing many policies internally.

  1. Create internal marketplaces for innovation, and use them as a barometer for further budget execution.
  2. Force real agile into everywhere it's possibly applicable.
  3. Tie funding to tangible effects when possible.
  4. Employ an open software strategy.

To be more specific, let's break all of these down. With regards to #1, in the USAF, there are two planks to this already in place; squadron innovation funds (SIF), which are a sum given to lower-echelon units which cannot be reappropriated by higher-level organizations. In other words, a MAJCOM like Air Combat Command (ACC) cannot reappropriate any of the funds for its subordinate units, and instead SIF can only be executed by the end units. This actually gives grass-roots innovation from Spark Cells (the units funded by SIF) a budget to both use and to rely on, year-over-year. The second plank regarding #1 already in place is the ability for a commander at a Spark Cell to re-invest SIF to another Cell. While a higher-level command such as a Numbered Air Force (NAF) or MAJCOM cannot reappropriate funds by direction, a Spark Cell leader can use their own SIF to invest in work being done by another Spark Cell. In effect, there's now a functional market for innovation, albeit entirely funded with the paltry amounts from SIF budgets. The third plank, currently not in existance, but which would tie #1 above together is to tie market activity in the Spark Cells with movement of SIF to force the applicable PEO to report all the way to the acquisition executives (at SAF/AQ) and the leadership of the mission design series (MDS) at the MAJCOM in why they are not supporting their warfighters on the programs they are spending SIF from across multiple units on. If SAF/AQ and the MDS leadership don't unanimously agree to keep the PEO focused on existing efforts, the marketplace driven effort will be a mandatory add "above the cut line" on the following year's program element (PE).

Regarding #2 above, tenets of agile should be extended to not merely all software deployments within the US DoD, but also to any iteratively delivered product, even hardware. Far too many things in the US DoD just suck. The tactical radios carried by a communications specialist, targeting systems in a tank, navigation systems in a fighter jet. None of them are intuitive, all the products of bureaucracy. They would all be better if agile principles were used in their development and feedback from users. More importantly, they would actually make warfighters more effective. There's no reason a government developed interface for a sUAS should be hot garbage while a commercial version is intuitive and easy, yet for anyone whose flown an RQ-11 Raven or RQ-20 Puma and compare that to flying a DJI Mavic 3, it's really no contest. The former requires extensive training, isn't intuitive, and doesn't inspire the user to want to fly it. The latter can be taught to a child in nearly no time and makes use fun. That should be the standard in how things are developed, and often that may need to be tied to better incentives.

For #3 above, it's a more fundamental look at how funding is applied to programs and modify that based on iterative deployments, and can easily link to #2, both in terms of execution, and in terms of incentives. Regarding the latter, PEOs currently are not incentivized to support the warfighter. Employees at a PEO aren't beholden to mission accomplishment; rather their incentives are based on tenets such as "don't let an acquisition get protested" or "make sure spending corresponds to spend plans." A contract that delivers absolute garbage uselessness that gives no value to the warfighter but meets the engineering requirements specified within the contract and is delivered close to on-time while at or near budget is considered so acceptable, it will most likely lead to the PEO team receiving promotions. This is wholly unacceptable, but there's no link between warfighter leadership and acquisitions leadership beneath the Secretary's Office (in USAF). This should fundamentally change, and there are multiple ways to do it. For anything that involves iterative development, either hardware, or definitely with software, this can be accomplished most easily with fiscal pressure tied to performance. User acceptance from the field - not from interim commanders, from staffs at a MAJCOM or NAF, or even from field commanders who sit above the users but aren't users themselves shouldn't be part of the "acceptance chain." This isn't how any commercial entity operates, and with regards to software development, we'd be served a much greater amount by an organization model that learns those valuable lessons. For larger capital acquisitions that aren't based upon iterative deliveries, there's multiple things to consider. For one, many subsystem deliverables would still be served by having iteratively developed features, such as the operational flight program (OFP) in a tactical fighter. Conversely, the engines for a next-generation fighter probably needs to be managed in a traditional JCIDS model, both to maintain oversight and to control costs. Even then, greater scrutiny needs to be placed on the PEO relative to the warfighter. The current levels of insulation, lauded as a function of the chain of command, don't actually benefit the warfighter, the mission or the chain of command other than to simplify the ability for the PEO to deliver poorly performing capabilities.

Seems like a cliche until you realize nothing ever got accomplished in a large meeting. (Original photo: Eric Savage / Getty Images; Graphic: Unknown)

Lastly, with regards to #4, there's a wonderful blueprint for this from Amazon, both about scaling the two pizza rule,[32] and the immense value of platform investment and data exposure.[33] So much of the silo'd development - such as the example about IFDL and MADL being incompatible, would be either impossible or far more difficult if such a policy was enacted, allowing for developers on any platform to collaborate and share data. This would range from commercial transition platforms like AFWERX's Game Warden, or internal development systems like Platform One, or infrastructure as a service (IaaS) platforms like Cloud One, or enterprise service app developers like Business and Enterprise Systems Product Innovation (BESPIN) all being able to leverage their data with one another, currently almost impossible. In fact, the current infrastructure in some of the software platforms within the Air Force (and the other services) either makes this impossible - the Air Force's personnel management system, MilPDS, is incompatible with the Defense Finance and Accounting System (DFAS) in spite of hundreds of millions in earlier investment - or, is sometimes merely incentivized to not be compatible, such as narrowly implemented policy decisions about cross-impact level (IL) data sharing forcing Air Force users to pay for the same byte multiple times and use poorly configured structures to move information even within the same app, much less across exposable application programming interfaces (APIs).

The deployment of myEval was a failure due[34] to ambition being hamstrung by bad policy and the people leading the push not understanding the policies - from the ATO and RMF perspective to the concepts of agile user-oriented design. More importantly, the failure of myEval should be seen as a cautionary tale about how even trying to modernize requires understanding the nuance of DoD acquisition rules and just having a good idea isn't good enough right now.

These four recommended changes above would require more than a few memos by four-star officers and/or senior executive service (SES) and could possibly require some work on the Hill, but could radically change deliverables to favor the warfighter and force modernization. It's worth fighting for in a future NDAA.

Lean More Into The Chaos

The US has found a lot of success since World War II in using adaptive use of doctrine during maneuver warfare as a huge advantage relative to top-down micromanaged enemies. From the massive strategic benefit of little bands of paratroopers (LBPs) during Operation Overlord, to the use of tactically aligned intelligence preparation of the operational environment (IPOE).

The US has however has began consolidating tactical decision making at higher echelons,[35] which is to be expected fallout of a DoD that rewards risk aversion.[36] As an example, in 2005, use of a remote operated enhanced receiver (ROVER) feed from an unmanned aerial vehicle (UAV) would be conducted at the bleeding edge of the fight, allowing the tactical commander nearest the fight - possibly even a Second Lieutenant or a Non-Commissioned Officer (NCO) to make a tactical decision in real-time with added situational awareness (SA). Yet by 2012, the use of that same ROVER feed off the same UAV had moved the decision away from the tactical commander in the field all the way up to brigade or division. The reason wasn't a good one; it wasn't as if all good decision-making in the field ended when the Lieutenant in 2005 was promoted to Captain and took his decisions with him; quite the contrary, the only reason a Lieutenant in 2005 became a good Captain and eventually, Colonel, was the ability to make relevant decisions and operate. By removing that from the field, the consolidation of C2 at higher headquarters decreased the effectiveness of future leaders and decreased the effectiveness of field capabilities. The consolidation removed the US advantage of decentralized exeuction that favors intelligent leaders using adaptable doctrine to take advantage of post-contact changes in plans, and instead reverted US policy to be more akin to conscript-based top-down inefficient military posture. This is also a reflection of a risk-averse leadership model, rewarding timid leadership that lacks courage to challenge systemic problems but doesn't hesitate to belittle subordinates. Taking the "safe way" out of any given situation; maintaining the status quo in both tactics and in acquisitions has kept thousands of leaders out of trouble; it's an easy path to promotion if they can just prevent innovation and avoid conduct unbecoming of an officer.

A perfect example of this type of attitude was in 2016 when the aircraft maintenance community realized their suicide rate was the worst in the USAF and a handful of hard-charging Airmen strove to do something innovative about it. Everything about their operations was bad; inconsistent (and excessive) hours, incredibly poor appreciation and "membership" to the mission, horrible systems for management, etc. Even the lights used in the hangars were associated with higher rates of depression. Yet when asked in user interviews "what's the worst part about your job?" the largest single answer was "I hate that I have to log everything I do separately into three different systems." Boom, easy fix. The Defense Innovation Unit (DIU) reached out to some innovative software design companies in San Francisco and contracted software developers to build an iteratively developed, continuously delivered, user-centric designed tool to satisfy this drastic need. But before DIU could even begin working on the program, much less pursue the difficulties of the ATO or policy, the PEO, specifically the F-16 SPO, shut the program down. The reason? There wasn't a requirement for fixing the three software apps being a source of irritation. Maintenance should just use the three separate (poorly designed) systems and get over their depression, and the Airmen (and DIU) trying to fix the problem should butt out of PEO business.

The SPO probably also told their maintainers to drink some extra whiskey and beat their dog too.
Might as well have.

Between consolidation of C2, excessive risk aversion in military leadership, and a deficient acqusitions system, the US is poised to either lose forthcoming combat engagements, or spend excessive blood and treasure to gain victory.

Operationalize Culture

Operationalizing culture involves translating the multifaceted elements of culture into tangible actions and practices within an organization or society. Culture can be understood as a composite of values, beliefs, rituals, and behaviors. Values represent what is considered important and worthy in a given culture, providing a framework for assessing the significance of various aspects of life. Beliefs, on the other hand, constitute the collective knowledge and convictions of a culture, shaping the way individuals perceive and interpret their world. Rituals, which encompass customs, traditions, and ceremonies, serve as tangible expressions of culture, memorializing significant events or reinforcing shared values. Finally, behaviors encapsulate the actions and conduct of individuals within a culture, reflecting both personal choices and societal expectations. When framing this culture in the context of the US DoD, we unfortuantely find ourselves with differing values and beliefs which are reflections of rituals and behaviors that have grossly different inputs. The culture of acquisitions professionals and the culture of warfighters are grossly different, and that's part of the problem for modernizing the US DoD in whole.

In operationalizing culture for the US DoD, it is crucial to recognize the dynamic nature of cultural elements and their varying degrees of adaptability, then lean into what should be a common ethos. Striking a balance between allowing culture to evolve, especially in response to rapid changes, while preserving core values and moderately adapting beliefs is a complex challenge that requires thoughtful leadership and cultural stewardship. Successful operationalization of culture hinges on the ability to navigate this delicate balance and ensure that cultural evolution aligns with the US DoD's overarching objectives and values. Shifting the acquisitions community to embrace the same cultural values as the rest of the warfighters is going to be vital, but so is getting warfighters themselve to accept that they'll have to pivot. The warfighter's role isn't to protect their job, it's to protect the US people and Constitution and the American way of life. Sometimes, that means moving on from antiquated rituals, or even antiquated concepts, TTPs, or even wholly obsolete structures.

An example of these cultural differences based on shared values is the officer tracks between the most typical combatants in the US Army (USA), 11A, Infantry Officer, and the USAF, 11F, Fighter Pilot, and how the traditional role of a pilot serving in a Tactical Air Control Party (TACP) unit caused a major internal conflict due to incompatible rituals, and how the cultures in both USAF communities will likely need to change soon to accomodate maintain our values. In the case of a typical 11F in the USAF, enlisted personnel within their given units throughout their entire career exist in a support function, and the Fighter Pilot goes alone and unafraid into combat, on the tip of the spear, facing danger. Conversely, in the Army, the 11A exists to provide leadership, stand up for their subordinates, and advocate for their subordinates, as their enlisted subordinates are the actual warfighters who go into harm's way. In the Air Force Special Warfare (AFSPECWAR) community, such as the TACP enterprise, the actual warfighting is done by the enlisted subordinates. For more than 25 years, the officer corps of the TACP career field was exclusively USAF pilots serving short (2-3 year) terms as officers, and their culture from throughout their careers - as the warfighter themselves, with subordinate enlisted serving purely a support role - lead to a massive number of issues both at the tactical and even at the Headquarters, Air Force (HAF) level. Ultimately, USAF realized TACP needed to have their own officers for two reasons: A. The culutral norms and ritualized behavior of pilots fulfilling their roles in the TACP enterprise was bad for the entirety of the USAF, but also, B. The cultural norms and ritualized behavior of pilots within their own community was a good thing, and made the USAF the most powerful Air Force in the world more than anything else. The dedicated TACP officers now share more rituals and traditions with their Army 11A cousins than their USAF 11F brothers, but that's not a bad thing, especially as they all share common values about protection of the American way of life. Unfortunately, the shared values of our warfighting forces isn't often shared with our acquisition community, and this is sad as the commercial sector's blazing fast movement of R&D shares more with the warfighting community than it does with the acquisitions community.

Commercial drone swarm test for the US Army. (Pv2 James Newsome/US Army)

As mentioned before (and with more detail in the next paper), modern warfighting will possibly end the role of the manned fighter-pilot in combat. And that's okay. It will also probably end the role of the JTAC as we currently understand them in 99% of given engagements, only keeping them around to support Special Operations Forces (SOF) units doing foreign internal defense (FID) missions in third-party nations who have their own primative CAS capabilities. What matters is that rapid acquisitions of knowledge into the US DoD - and pivoting to a Third Offset Strategy (3OS) that takes advantage of the US economy's ability to get inside an enemy observe, orient, decide and act (OODA) loop across the entire spectrum of warfare from tactical operations to commercial acquisitions will be the heart of a future pivot. This matches with the transition of the US becoming a knowledge and information economy. Ultimately understanding this is the core of our strength as a nation, and our ability to pivot our rituals and behaviors so we can maintain our values and beliefs will be allow us to overcome risk aversion weakness, temporal failures from centralized C2 a cognizant enemy could capitalize on, and more importantly, an acquisition model that currently favors our primary pacing threat.

Sun Tzu, probably second only to Carl von Clausewitz is heralded as an innovative strategist and deep thinker on the subject of war at the nation-state level. More importantly in the context of this paper, Sun Tzu was Chinese, and that matters in more than one context. Yet a quote of his seems incredibly apt:

“If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.” - Sun Tzu[37]

The reason this quote is terrifyingly apt is that while China probably knows neither themselves nor their enemy, the US DoD finds itself in the one variant not even defined by Sun Tzu; the US DoD arguably knows China's capacity and capability even better than China does, but doesn't know its own economy, its own tactical capabilities when unleashed with its own R&D, or even its own true capabilities across the spectrums of warfare when fully capable of taking advantage of the US economy.


Header image courtesy of SOFWERX / DefenseWERX


References/works cited and assorted footnotes.

1 Inhofe, Jim. 2022. Afghanistan Was a Predictable, Preventable Disaster. August 15.

2 Roper Schell, Christopher. 2021. America’s Afghanistan Fiasco: The Buck Stops With Biden. September 23.

3 Wong, Kristina. 2015. Army Chief: ISIS’ rise could have been prevented in Iraq. July 22.

4 Ambrose, Stephen E. 2005. The Cold War: A Military History - "The Christmas Bombings". Edited by Robert Cowley. September 6.

5 Kirkpatrick, David D. and Eric Schmitt. 2021. ISIS Reaps Gains of U.S. Pullout From Syria. October 22.

6 Scobell, Andrew. 2021. China and the U.S. Exit from Afghanistan: Not a Zero-Sum Outcome. September 22.

7 Layne, Rachel. 2021. Americans could owe $6.5 trillion for wars in Afghanistan and Iraq — and that's just the interest. August 18.

8 National Commission on Terrorist Attacks Upon the United States. 2004. "The 9/11 Report" - Chapter 5: al-Qaeda Aims at the American Homeland. August 21.

9 Greenwalt, Bill. 2021. China Already Outspends US Military? Discuss. May 26.
and
Freedberg, Sydney J., Jr. 2018. US Defense Budget Not That Much Bigger Than China, Russia: Gen. Milley May 22.

10 Mehta, Aaron. 2018. The US may not be able to fight two big wars at once. October 3.

11 Maslow, Abraham H. 1966. The Psychology of Science: A Reconnaissance. January 1.

12 Freedberg, Sydney J. 1998. The myth of the $600 hammer. December 7.

13 General Services Administration, US Department of Defense and National Aeronautics and Space Administration. 2022. Federal Acquisitions Regulation. January 30.

14 Office of the Secretary of Defense. 2023. Defense Federal Acquisition Regulation Supplement. August 17.

15 Office of the Secretary of Defense. 2023. Procedures, Guidance, and Information (PGI). August 17.

16 Smithberger, Mandy. 2018. Brass Parachutes: The Problem of the Pentagon Revolving Door. November 5.

17 Intersol Group. 2019. Organizational Culture and the 5 Monkeys Experiment. May 26.

18 Everstine, Brian W. 2018. The F-22 and the F-35 Are Struggling to Talk to Each Other … And to the Rest of USAF. January 29.

19 People of the United States. 1788. United States Constitution, Article I, Section 8, Clause 12. June 21.

20 Cullum's Register. 2015. Alexander J. Perry. March 24.

21 United States Department of Justice. 2023. The False Claims Act. April 4.

22 Greenbaum, Mark. 2013. The Civil War’s War on Fraud. March 7.

23 Wolters Kluwer. 2020. Government contracting rules you need to know. May 4.

24 Federal Bureau of Investigation. 2016. Operation Illwind. May 19.

25 MITRE. 2019. . .

26 Rotman, David. 2020. We're not prepared for the end of Moore's Law. February 24.

27 Merchant, Brian. 2017. The Secret Origin of the iPhone. June 13.

28 Grand View Research. 2023. Cyber Security Market Size, Share & Trends Analysis Report By Component, By Security Type, By Solution, By Services, By Deployment, By Organization Size, By Application, By Region, And Segment Forecasts, 2023 - 2030.

29 Office of the Director of National Intelligence. 2023. US Intelligence Community Budget.

30 Neuman, Scott. 2022. 60 years after the Cuban missile crisis, Russia's threats reignite Cold War fears. October 16.

31 Chiappa, Claudia. 2023. US sets date to train Ukrainian F-16 pilots as Norway pledges jets. August 25.

32 Hern, Alex. 2018. The two-pizza rule and the secret of Amazon's success. April 24.

33 Yegge, Steve. 2011. Steve Yegge's Google Platforms Rant.

34 Hadley, Greg. 2022. Air Force Announces Pause of Much-Maligned ‘myEval’ Platform. November 28.

35 Duval, Ben. 2023. Drones, Trenches, and C2: A Recipe for Centralization? May 25.

36 Lythgoe, Trent. 2019. Our Risk-Averse Army: How We Got Here, and How to Overcome It. May 9.

37 Sun Tzu. 2022. The Art of War. June 23. Translated by Lionel Giles (1910).