Notes from Information Warfare Principles and Operations

Notes from the book Information Warfare Principles and Operations by Edward Waltz

***

This ubiquitous and preeminent demand for information has shaped the current recognition that war fighters must be information warriors—capable of understanding the value of information in all of its roles: as knowledge, as target, as weapon.

Data—Individual observations, measurements, and primitive messages form the lowest level. Human communication, text messages, electronic queries, or scientific instruments that sense phenomena are the major sources of data.

Information—Organized sets of data are referred to as information. The organizational process may include sorting, classifying, or indexing and linking data to place data elements in relational context for subsequent searching and analysis.

Knowledge—Information, once analyzed and understood, is knowledge. Understanding of information provides a degree of comprehension of both the static and dynamic relationships of the objects of data and the ability to model structure and past (and future) behavior of those objects. Knowledge includes both static content and dynamic processes. In the military context, this level of understanding is referred to as intelligence.

Information is critical for the processes of surveillance, situation assessment, strategy development, and assessment of alternatives and risks for decision making.

Information in the form of intelligence and the ability to forecast possible future outcomes distinguishes the best warriors.

The control of some information communicated to opponents, by deception (seduction and surprise) and denial (stealth), is a contribution that may provide transitory misperception to an adversary.

The supreme form of warfare uses information to influence the adversary’s perception to subdue the will rather than using physical force.

The objective of A is to influence and coerce B to act in a manner favorable to A’s objective. This is the ultimate objective of any warring party—to cause the opponent to act in a desired manner: to surrender, to err or fail, to withdraw forces, to cease from hostilities, and so forth. The attacker may use force or other available influences to achieve this objective. The defender may make a decision known to be in favor of A (e.g., to acknowledge defeat and surrender) or may fall victim to seduction or deception and unwittingly make decisions in favor of A.

Three major factors influence B’s decisions and resulting actions (or reactions) to A’s attack.

The capacity of B to act

The will of B to act

The perception of B

Information warfare operations concepts are new because of the increasing potential (or threat) to affect capacity and perception in the information and perception domains as well as the physical domain. These information operations are also new because these domains are vulnerable to attacks that do not require physical force alone. Information technology has not changed the human element of war. It has, however, become the preeminent means by which military and political decision makers perceive the world, develop beliefs about the conflict, and command their forces.

Information targets and weapons can include the entire civil and commercial infrastructure of a nation. The military has traditionally attacked military targets with military weapons, but IW introduces the notion that all national information sources and processes are potential weapons and targets.

Col. Richard Szafranski has articulated such a view, in which the epistemology (knowledge and belief systems) of an adversary is the central strategic target and physical force is secondary to perceptual force [6].

Economic and psychological wars waged over global networks may indeed be successfully conducted by information operations alone.

Information superiority is the end (objective) of information operations (in the same sense that air superiority is an objective), while the operations are the means of conduct (in the sense that tactical air power is but one tool of conflict).

Since the Second World War, the steady increase in the electronic means of collecting, processing, and communicating information has accelerated the importance of information in warfare in at least three ways.

First, intelligence surveillance and reconnaissance (ISR) technologies have extended the breadth of scope and range at which adversaries can be observed and targeted, extending the range at which forces engage. Second, computation and communication technologies supporting the command and control function have increased the rate at which information reaches commanders and the tempo at which engagements can be conducted. The third area of accelerated change is the integration of information technology into weapons, increasing the precision of their delivery and their effective lethality.

The shift is significant because the transition moves the object of warfare from the tangible realm to the abstract realm, from material objects to nonmaterial information objects. The shift also moves the realm of warfare from overt physical acts against military targets in “wartime” to covert information operations conducted throughout “peacetime” against even nonmilitary targets. This transition toward the dominant use of information (information-based warfare) and even the targeting of information itself (information warfare, proper) [8] has been chronicled by numerous writers.

According to the Tofflers, the information age shift is bringing about analogous changes in the conduct of business and warfare in ten areas.

Production—The key core competency in both business and warfare is information production.

In business, the process knowledge and automation of control, manufacturing, and distribution is critical to remain competitive in a global market; in warfare, the production of intelligence and dissemination of information is critical to maneuvering, supplying, and precision targeting.

Intangible values—The central resource for business and warfare has shifted from material values (property resources) to intangible information. The ability to apply this information discriminates between success and failure.
Demassification—As information is efficiently applied to both business and warfare, production processes are shifting from mass production (and mass destruction) to precision and custom manufacturing (and intelligence collection, processing, and targeting).
Worker specialization—The workforce of workers and warriors that performs the tangible activities of business and war is becoming increasingly specialized, requiring increased training and commitment to specialized skills.
Continuous change—Continuous learning and innovation characterize the business and workforces of information-based organizations because the information pool on which the enterprise is based provides broad opportunity for understanding and improvement. Peter Senge has described the imperative for these learning organizations in the new information-intensive world [12].
Scale of operations—As organizations move from mass to custom production, the teams of workers who accomplish tangible activities within organizations will become smaller, more complex teams with integrated capabilities. Business units will apply integrated process teams, and military forces will move toward integrated force units.
Organization—Organizations with information networks will transition from hierarchical structure (information flows up and down) toward networks where information flows throughout the organization. Military units will gain flexibility and field autonomy.

8.Management—Integrated, interdisciplinary units and management teams will replace “stovepiped” leadership structures of hierarchical management organizations.

Infrastructure—Physical infrastructures (geographic locations of units, physical placement of materials, physical allocation of resources) will give way to infrastructures that are based upon the utility of information rather than physical location, capability, or vulnerability.
Acceleration of processes—The process loops will become tighter and tighter as information is applied to deliver products and weapons with increasing speed. Operational concurrence, “just-in-time” delivery, and near-real-time control will characterize business and military processes.

an information-based age in which:

Information is the central resource for wealth production and power.
Wealth production will be based on ownership of information—the creation of knowledge and delivery of custom products based on that knowledge.
Conflicts will be based on geoinformation competitions over ideologies and economies.
The world is trisected into nations still with premodern agricultural capabilities (first wave), others with modern industrial age capabilities (second wave), and a few with postmodern information age capabilities (third wave).

The ultimate consequences, for not only wealth and warfare, will be the result of technology’s impact on infrastructure, which influences the social and political structure of nations, and finally, that impact on the global collection of nations and individuals.

Table 1.2 illustrates one cause-and-effect cascade that is envisioned. The table provides the representative sequence of influences, according to some futurists, that has the potential even to modify our current structure of nation states, which are defined by physical boundaries to protect real property.

“Cyberwar is Coming!” by RAND authors John Arquilla and David Ronfeldt distinguished four basic categories of information warfare based on the expanded global development of information infrastructures (Table 1.3) [16].

Net warfare (or netwar)—This form is information-related conflict waged against nation states or societies at the highest level, with the objective of disrupting, damaging, or modifying what the target population knows about itself or the world around it.

The weapons of netwar include diplomacy, propaganda and psychological campaigns, political and cultural subversion, deception or interference with the local media, infiltration of computer databases, and efforts to promote dissident or opposition movements across computer networks [17].

Political warfare—Political power, exerted by institution of national policy, diplomacy, and threats to move to more intense war forms, is the basis of political warfare between national governments.

Economic warfare—Conflict that targets economic performance through actions to influence economic factors (trade, technology, trust) of a nation intensifies political warfare from the political level to a more tangible level

Command and control warfare (C2W)—The most intense level is conflict by military operations that target opponent’s military command and control.

Many describe netwar as an ongoing process of offensive, exploitation, and defensive information operations, with degrees of intensity moving from daily unstructured attacks to focused net warfare of increasing intensity until militaries engage in C2W.

Martin Libicki, has proposed seven categories of information warfare that identify specific type of operations [21].

Command and control warfare—Attacks on command and control systems to separate command from forces;
Intelligence-based warfare—The collection, exploitation, and protection of information by systems to support attacks in other warfare forms;
Electronic warfare—Communications combat in the realms of the physical transfer of information (radioelectronic) and the abstract formats of information (cryptographic);
Psychological warfare—Combat against the human mind;
Hacker warfare—Combat at all levels over the global information infrastructure;
Economic information warfare—Control of economics via control of information by blockade or imperialistic controls;
Cyber warfare—Futuristic abstract forms of terrorism, fully simulated combat, and reality control are combined in this warfare category and are considered by Libicki to be relevant to national security only in the far term.

Author Robert Steele has used two dimensions to distinguish four types of warfare.

Steele’s taxonomy is organized by dividing the means of conducting warfare into two dimensions.

The means of applying technology to conduct the conflict is the first dimension. High-technology means includes the use of electronic information-based networks, computers, and data communications, while low-technology means includes telephone voice, newsprint, and paper-based information.
The type of conflict is the second dimension, either abstract conflict (influencing knowledge and perception) or physical combat.

the principles of information operations apply to criminal activities at the corporate and personal levels (Table 1.5). Notice that these are simply domains of reference, not mutually exclusive domains of conflict; an individual (domain 3), for example, may attack a nation (domain 1) or a corporation (domain 2).

Numerous taxonomies of information warfare and its components may be formed, although no single taxonomy has been widely adopted.

1.5.1 A Functional Taxonomy of Information Warfare

A taxonomy may be constructed on the basis of information warfare objectives, functions (countermeasure tactics), and effects on targeted information infrastructures [29]. The structure of such a taxonomy (Figure 1.3) has three main branches formed by the three essential security properties of an information infrastructure and the objectives of the countermeasures for each.

Availability of information services (processes) or information (content) may be attacked to achieve disruption or denial objectives.

Integrity of information services or content may be attacked to achieve corruption objectives (e.g., deception, manipulation of data, enhancement of selective data over others).

Confidentiality (or privacy) of services or information may be attacked to achieve exploitation objectives.

Detection—The countermeasure may be (1) undetected by the target, (2) detected on occurrence, or (3) detected at some time after the after occurrence.
Response—The targeted system, upon detection, may respond to the countermeasure in several degrees: (1) no response (unprepared), (2) initiate audit activities, (3) mitigate further damage, (4) initiate protective actions, or (5) recover and reconstitute.

One type of attack, even undetected, may have minor consequences, for example, while another attack may bring immediate and cascading consequences, even if it is detected with response. For any given attack or defense plan, this taxonomy may be used to develop and categorize the countermeasures, their respective counter-countermeasures, and the effects to target systems.

the air force defines information warfare as any action to deny, exploit, corrupt, or destroy the enemy’s information and its functions; protecting ourselves against those actions; and exploiting our own military information functions.

1.6 Expanse of the Information Warfare Battlespace

As indicated in the definitions, the IW battlespace extends beyond the information realm, dealing with information content and processes in all three realms introduced earlier in our basic functional model of warfare.

The physical realm—Physical items may be attacked (e.g., destruction or theft of computers; destruction of facilities, communication nodes or lines, or databases) as a means to influence information. These are often referred to as “hard” attacks.
The information infrastructure realm—Information content or processes may be attacked electronically (through electromagnetic transmission or over accessible networks, by breaching information security protections) to directly influence the information process or content without a physical impact on the target. These approaches have been distinguished as indirect or “soft” attacks.
The perceptual realm—Finally, attacks may be directly targeted on the human mind through electronic, printed, or oral transmission paths. Propaganda, brainwashing, and misinformation techniques are examples of attacks in this realm.

Viewed from an operational perspective, information warfare may be applied across all phases of operations (competition, conflict, to warfare) as illustrated in Figure 1.5.

(Some lament the nomenclature “information warfare” because its operations are performed throughout all of the phases of traditional “peace.” Indeed, net warfare is not at all peaceful, but it does not have the traditional outward characteristics of war.)

Because information attacks are occurring in times of peace, the public and private sectors must develop a new relationship to perform the functions of indication and warning (I&W), security, and response.

1.7 The U.S. Transition to Information Warfare

The U.S. Joint Chiefs of Staff “Joint Vision 2010,” published in 1996, established “information superiority” as the critical enabling element that integrates and amplifies four essential operational components of twenty-first century warfare.

Dominant maneuver to apply speed, precision, and mobility to engage targets from widely dispersed units;
Precision engagement of targets by high-fidelity acquisition, prioritization of targets, and joint force command and control;
Focused logistics to achieve efficient support of forces by integrating information about needs, available transportation, and resources;
Full-dimension protection of systems processes and forces through awareness and assessment of threats in all dimensions (physical, information, perception).

Nuclear and information war are both technology-based concepts of warfare, but they are quite different. Consider first several similarities. Both war forms are conceptually feasible and amenable to simulation with limited scope testing, yet both are complex to implement, and it is difficult to accurately predict outcomes. They both need effective indications and warnings, targeting, attack tasking, and battle damage assessment. Nevertheless, the contrasts in the war forms are significant. Information warfare faces at least four new challenges beyond those faced by nuclear warfare.

The first contrast in nuclear and information war is the obvious difference in the physical effects and outward results of attacks. A nuclear attack on a city and an information warfare attack on the city’s economy and infrastructure may have a similar functionaleffect on its ability to resist an occupying force, but the physical effects are vastly different.

Second, the attacker may be difficult to identify, making the threat of retaliatory targeting challenging. Retaliation in kind and in proportion may be difficult to implement because the attacker’s information dependence may be entirely different than the defender’s.

The third challenge is that the targets of information retaliation may include private sector information infrastructures that may incur complex (difficult to predict) collateral damages.

Finally, the differences between conventional and nuclear attacks are distinct. This is not so with information operations that may begin as competition, escalate to conflict, and finally erupt in to large-scale attacks that may have the same functional effects as some nuclear attacks.

In the future, the IW continuum may be able to smoothly and precisely escalate in the dimensions of targeting breadth, functional coverage, and impact intensity. (This does not imply that accurate effects models exist today and that the cascading effects of information warfare are as well understood as nuclear effects, which have been thoroughly tested for over three decades.)

1.8 Information Warfare and the Military Disciplines

Organized information conflict encompasses many traditional military disciplines, requiring a new structure to orchestrate offensive and defensive operations at the physical, information, and perceptual levels of conflict.

1.9 Information and Peace

Information technology not only provides new avenues for conflict and warfare, but it also provides new opportunities for defense, deterrence, deescalation, and peace.

In War and Anti-War, the Tofflers argue that while the third-wave war form is information warfare, the third-wave peace form is also driven by the widespread availability of information to minimize misunderstanding of intentions, actions, and goals of competing parties. Even as information is exploited for intelligence purposes, the increasing availability of this information has the potential to reduce uncertainty in nation states’ understanding of each other. Notice, however, that information technology is a two-edged sword, offering the potential for cooperation and peace, or its use as an instrument of conflict and war. As with nuclear technology, humankind must choose the application of the technology.

information resources provide powerful tools to engage nations in security dialogue and to foster emerging democracies by the power to communicate directly to those living under hostile, undemocratic regimes. The authors recommended four peace-form activities that may be tasked to information peacemakers.

Engage undemocratic states and aid democratic traditions—Information tools, telecommunications, and broadcast and computer networks provide a means to supply accurate news and unbiased editorials to the public in foreign countries, even where information is suppressed by the leadership.
Protect new democracies—Ideological training in areas such as democratic civil/military relationships can support the transfer from military rule to democratic societies.
Prevent and resolve regional conflicts—Telecommunication and network information campaigns provide a means of suppressing ethnonationalist propaganda while offering an avenue to provide accurate, unbiased reports that will abate rather than incite violence and escalation.
Deter crime, terrorism, and proliferation, and protect the environment—Information resources that supply intelligence, indications and warnings, and cooperation between nations can be used to counter transnational threats in each of these areas.

1.10 The Current State of Information Warfare

At the writing of this book, it has been well over a decade since the concept of information warfare was introduced as a critical component of the current revolution in military affairs (RMA).

1.10.1 State of the Military Art

The U.S. National Defense University has established a School of Information Warfare and Strategy curriculum for senior officers to study IW strategy and policy and to conduct directed research at the strategic level.

The United States is investigating transitional and future legal bases for the conduct of information warfare because the character of some information attacks (anonymity, lack of geospatial focus, ability to execute without a “regulated force” of conventional “combatants,” and use of unconventional information weapons) are not consistent with current accepted second-wave definitions in the laws of armed conflict.

1.10.2 State of Operational Implementation

The doctrine of information dominance (providing dominant battlespace awareness and battlespace visualization) has been established as the basis for structuring all command and control architectures and operations. The services are committed to a doctrine of joint operations, using interoperable communication links and exchange of intelligence, surveillance, and reconnaissance (ISR) in a global command and control system (GCCS) with a common software operating environment (COE).

1.10.3 State of Relevant Information Warfare Technology

The technology of information warfare, unlike previous war forms, is driven by commercial development rather than classified military research and development.

Key technology areas now in development include the following:

Intelligence, surveillance, and reconnaissance (ISR) and command and control (C2) technologies provide rapid, accurate fusion of all-source data and mining of critical knowledge to present high-level intelligence to information warfare planners. These technologies are applied to understand geographic space (terrain, road networks, physical features) as well cyberspace (computer networks, nodes, and link features).
Information security technologies include survivable networks, multilevel security, network and communication security, and digital signature and advanced authentication technologies.
Information technologies, being developed in the commercial sector and applicable to information-based warfare, include all areas of network computing, intelligent mobile agents to autonomously operate across networks, multimedia data warehousing and mining, and push-pull information dissemination.
Electromagnetic weapon technologies, capable of nonlethal attack of information systems for insertion of information or denial of service.
Information creation technologies, capable of creating synthetic and deceptive virtual information (e.g., morphed video, synthetic imagery, duplicated virtual realities).

1.11 Summary

Information warfare is real. Information operations are being conducted by both military and non-state-sponsored organizations today. While the world has not yet witnessed nor fully comprehended the implications of a global information war, it is now enduring an ongoing information competition with sporadic conflicts in the information domain.

Szafranski, R., (Col. USAF), “A Theory of Information Warfare: Preparing for 2020,” Airpower Journal, Vol. 9, No. 1, Spring 1995.

Part I
Information-Based Warfare

Information, as a resource, is not like the land or material resources that were central to the first and second waves.

Consider several characteristics of the information resource that make it unique, and difficult to quantify.

Information is abstract—It is an intangible asset; it can take the form of an entity (a noun—e.g., a location, description, or measurement) or a process (a verb—e.g., a lock combination, an encryption process, a patented chemical process, or a relationship).
Information has multiple, even simultaneous uses—The same unit of information (e.g., the precise location and frequency of a radio transmitter) can be used to exploit the transmissions, to selectively disrupt communications, or to precisely target and destroy the transmitter. Information about the weather can be used simultaneously by opposing forces, to the benefit of both sides.
Information is inexhaustible, but its value may perish with time—Information is limitless; it can be discovered, created, transformed, and repeated, but its value is temporal: recent information has actionable value, old information may have only historical value.
Information’s relationship to utility is complex and nonlinear—The utility or value of information is not a function simply of its volume or magnitude. Like iron ore, the utility is a function of content, or purity; it is a function of the potential of data, the content of information, and the impact of knowledge in the real world. This functional relationship from data to the impact of knowledge is complex and unique to each application of information technology.

2.1 The Meaning of Information

The observation process acquires data about some physical process (e.g., combatants on the battlefield, a criminal organization, a chemical plant, an industry market) by the measurement and quantification of observed variables. The observations are generally formatted into reports that contain items such as time of observation, location, collector (or sensor or source) and measurements, and the statistics describing the level of confidence in those measurements. An organization process converts the data to information by indexing the data and organizing it in context (e.g., by spatial, temporal, source, content, or other organizing dimensions) in an information base for subsequent retrieval and analysis. The understanding process creates knowledge by detecting or discovering relationships in the information that allow the data to be explained, modeled, and even used to predict future behavior of the process being observed. At the highest (and uniquely human) level, wisdom is the ability to effectively apply knowledge to implement a plan or action to achieve a desired goal or end state.

We also use the terminology creation or discovery to refer to the effect of transforming data into useful knowledge. Several examples of discovering previously unknown knowledge by the processes of analyzing raw data include the detection or location of a battlefield target, the identification of a purchasing pattern in the marketplace, distinguishing a subtle and threatening economic action, the cataloging of the relationships between terrorist cells, or the classification of a new virus on a computer network.

The authors of the Measurement of Meaning have summed up the issue:

[Meaning] certainly refers to some implicit process or state which must be inferred from observables, and therefore it is a sort of variable that contemporary psychologists would avoid dealing with as long as possible. And there is also, undoubtedly, the matter of complexity—there is an implication in the philosophical tradition that meanings are uniquely and infinitely variable, and phenomena of this kind do not submit readily to measurement [2].

In the business classic on the use of information, The Virtual Corporation, Davidow and Malone [3] distinguish four categories of information (Table 2.2).

Content information—This describes the state of physical or abstract items. Inventories and accounts maintain this kind of information; the military electronic order of battle (EOB) is content information.
Form information—This describes the characteristics of the physical or abstract items; the description of a specific weapon system in the EOB is a form.
Behavior information—In the form of process models this describes the behavior of objects or systems (of objects); the logistics process supporting a division on the battlefield, for example, may be modeled as behavior information describing supply rate, capacity, and volume.
Action information—This is the most complex form, which describes reasoning processes that convert information to knowledge, upon which actions can be taken. The processes within command and control decision support tools are examples of Davidow’s action information category.

In a classic text on strategic management of information for business, Managing Information Strategically, the authors emphasized the importance of understanding its role in a particular business to develop business strategy first, then to develop information architectures.

Information leverage—In this strategy, IT enables process innovation, amplifying competitive dimensions. An IBW example of this strategy is the application of data links to deliver real-time targeting to weapons (sensor-to-shooter applications) to significantly enhance precision and effectiveness.

Information product—This strategy captures data in existing processes to deliver information or knowledge (a by-product) that has a benefit (market value) in addition to the original process. Intelligence processes in IBW that collect vast amounts of data may apply this strategy to utilize the inherent information by-products more effectively. These by-products may support civil and environmental applications (markets) or support national economic competitive processes [6].

Information business—The third strategy “sells” excess IT capacity, or information products and services. The ability to share networked computing across military services or applications will allow this strategy to be applied to IBW applications, within common security boundaries.

2.2 Information Science

We find useful approaches to quantifying data, information, and knowledge in at least six areas: the epistemology and logic branches of philosophy, the engineering disciplines of information theory and decision theory, the semiotic theory, and knowledge management. Each discipline deals with concepts of information and knowledge from a different perspective, and each contributes to our understanding of these abstract resources. In the following sections, we summarize the approach to define and study information or knowledge in each area.

2.2.1 Philosophy (Epistemology)

The study of philosophy, concerned with the issues of meaning and significance of human experience, presumes the existence of knowledge and focuses on the interpretation and application of knowledge. Because of this, we briefly consider the contribution of epistemology, the branch of philosophy dealing with the scope and extent of human knowledge, to information science.

Representative of current approaches in epistemology, philosopher Immanuel Kant [7] distinguished knowledge about things in space and time (phenomena) and knowledge related to faith about things that transcend space and time (noumena). Kant defined the processes of sensation, judgment, and reasoning that are applied to derive knowledge about the phenomena. He defined three categories of knowledge derived by judgment:

(1) analytic a priori knowledge is analytic, exact, and certain (such as purely theoretical, imaginary constructs like infinite straight lines), but often uninformative about the world in which we live;

(2) synthetic a priori knowledge is purely intuitive knowledge derived by abstract synthesis (such as purely mathematical statements and systems like geometry, calculus, and logic), which is exact and certain; and

(3) synthetic a posteriori knowledge about the world, which is subject to human sense and perception errors.

2.2.2 Philosophy (Logic)

Philosophy has also contributed the body of logic that has developed the formal methods to describe reasoning. Logic uses inductive and deductive processes that move from premises to conclusions through the application of logical arguments.

The general characteristics of these forms of reasoning can be summarized.

Inductive arguments can be characterized by a “degree of strength” or “likelihood of validity,” while deductive arguments are either valid (the premises are true and the conclusion must always be true) or invalid (as with the non sequitur, in which the conclusion does not follow from the premises). There is no measure of degree or uncertainty in deductive arguments; they are valid or invalid—they provide information or nothing at all.
The conclusions of inductive arguments are probably, but not necessarily, true if all of the premises are true because all possible cases can never be observed. The conclusions of a deductive argument must be true if all of the premises are true (and the argument logic is correct).
Inductive conclusions contain information (knowledge) that was not implicitly contained in the premises. Deductive conclusions contain information that was implicitly contained in the premises. The deductive conclusion makes that information (knowledge) explicit.

To the logician, deduction cannot provide “new knowledge” in the sense that the conclusion is implicit in the premises.

2.2.3 Information Theory

The engineering science of information theory provides a statistical method for quantifying information for the purpose of analyzing the transmission, formatting, storage, and processing of information.

2.2.4 Decision Theory

Decision theory provides analytical means to make decisions in the presence of uncertainty and risk by choosing among alternatives. The basis of this choice is determined by quantifying the relative consequences of each alternative and choosing the best alternative to optimize some objective function.

Decision theory distinguishes two categories of utility functions that provide decision preferences on the basis of value or risk [12].

Value—These utility functions determine a preferred decision on the basis of value metrics where no uncertainty is present.
Risk—These functions provide a preferred decision in the presence of uncertainty (and therefore a risk that the decision may not deliver the highest utility).

While not offering a direct means of measuring information per se, utility functions provide a means of measuring the effect of information on the application in which it is used. The functions provide an intuitive means of measuring effectiveness of information systems.

2.2.5 Semiotic Theory

S. Peirce (1839–1914) introduced philosophical notions, including a “semiotic” logic system that attempts to provide a “critical thinking” method for conceptual understanding of observations (data) using methods of exploratory data analysis [13]. This system introduced the notion of abduction as a means of analyzing and providing a “best explanation” for a set of data. Expanding on the inductive and deductive processes of classical logic, Peirce viewed four stages of scientific inquiry [14].

Abduction explores a specific set of data and creates plausible hypotheses to explain the data.
Deduction is then applied to refine the hypothesis and develops a testable means of verifying the hypothesis using other premises and sets of data.
Induction then develops the general explanation that is believed to apply to all sets of data viewed together in common. This means the explanation should apply to future sets of data.
Deduction is finally applied, using the induced template to detect the presence of validated explanations to future data sets.

2.2.6 Knowledge Management

The management of information, in all of its forms, is a recognized imperative in third-wave business as well as warfare. The discipline of “knowledge management” developed in the business domain emphasizes both information exploitation (identified in Table 2.5) and information security as critical for businesses to compete in the third-wave marketplace.

Information Value (I v ) = [Assets − Liabilities] − Total Cost of Ownership

Where, assets include
At = The assets derived from the information at time of arrival

An = The assets if the information did not arrive;
Lt = The liabilities derived from the information at time of arrival;

Ln = The liabilities if the information did not arrive;
In = Total cost associated with the information;
I1 = The cost to generate the information;
I2 = The cost to format the information;
I3 = The cost to reformat the information;
I4 = The cost to duplicate the information;
I5 = The cost to transmit or transport the information (distribute);

I6 = The cost to store the information;
I7 = The cost to use the information, including retrieval.

The objective of knowledge management is ultimately to understand the monetary value of information. These measures of the utility of information in the discipline of business knowledge management are based on capital values.

2.4 Measuring the Utility of Information in Warfare

The relative value of information can be described in terms of the information performance within the information system, or in terms of the effectiveness (which relates the utility), or the ultimate impact of information on the user.

Utility is a function of both the accuracy and timeliness of information delivered to the user. The utility of estimates of the state of objects, complex situations, or processes is dependent upon accuracies of locations of objects, behavioral states, identities, relationships, and many other factors. Utility is also a function of the timeliness of information, which is often perishable and valueless after a given period. The relationships between utility and many accuracy and timeliness variables are often nonlinear and always highly dependent upon both the data collection means and user application.

The means by which the utility of information and derived knowledge is enhanced in practical systems usually includes one (or all) of four categories of actions.

Acquire the right data—The type, quality, accuracy, timeliness, and rate of data collected have a significant impact on knowledge delivered.
Optimize the extraction of knowledge—The processes of transforming data to knowledge may be enhanced or refined to improve efficiency, throughput, end-to-end speed, or knowledge yield.
Distribute and apply the knowledge—The products of information processes must be delivered to users on time, in understandable formats, and in sufficient quantity to provide useful comprehension to permit actions to be taken.
Ensure the protection of information—In the competitive and conflict environments, information and the collection, processing, and distribution channels must be protected from all forms of attack. Information utility is a function of both reliability for and availability to the user.

Metrics in a typical military command and control system that may be used to measure information performance, effectiveness, and military utility, respectively.

Sensor detection performance at the data level influences the correlation performance that links sensor data, and therefore the inference process that detects an opponent’s hostile action (event).
Event detection performance (timeliness and accuracy) influences the effectiveness of reasoning processes to assess the implications of the event.
Effectiveness of the assessment of the impact on military objectives influences the decisions made by commanders and, in turn, the outcome of those responses. This is a measure of the utility of the entire information process. It is at this last step that knowledge is coupled to military decisions and ultimately to military utility.

2.5 Translating Science to Technology

information, as process and content, is neither static nor inorganic. To view information as the static organized numbers in a “database” is a limited view of this resource. Information can be dynamic process models, capable of describing complex future behavior based on current measurements. Information also resides in humans as experience, “intuitive” knowledge, and other perceptive traits that will always make the human the valuable organic element of information architectures.

The Role of Technology in Information-Based Warfare

We now apply the information science principles developed in the last chapter to describe the core informationprocessing methods of information-based warfare: acquisition of data and creation of “actionable” knowledge.

The knowledge-creating process is often called exploitation—the extraction of military intelligence (knowledge) from collected data. These are the processes at the heart of intelligence, surveillance, and reconnaissance (ISR) systems and are components of most command and control (C2) systems. These processes must be understood because they are, in effect, the weapon factories of information-based warfare and the most lucrative targets of information warfare [1].

3.1 Knowledge-Creation Processes

Knowledge, as described in the last chapter, is the result of transforming raw data to organized information, and then to explanations that model the process from which the data was observed. The basic reasoning processes that were introduced to transform data into understandable knowledge apply the fundamental functions of logical inference.

In each reasoning case, collected data is used to make more general or more specific inferences about patterns in the data to detect the presence of entities, events, or relationships that can be used to direct the actions of the user to achieve some objective.

In the military or information warfare domain, these methods are used in two ways. First, both abduction (dealing with specific cases) and induction (extending to general application) are used to learn templates that describe discernible patterns of behavior or structure (of an opponent). Because both are often used, we will call this stage abduction-induction [2].

Second, deductive processes are used in the exploitation or intelligence analysis to detect and understand situations and threats based on the previously learned patterns. This second phase often occurs in a hierarchy of knowledge elements.

3.2 Knowledge Detection and Discovery

Two primary categories of knowledge-creation processes can be distinguished, based on their approach to inference. Each is essential to information-based warfare exploitation processes that seek to create knowledge from volumes of data described.

The abductive-inductive process, data mining, discovers previously unrecognized patterns in data (new knowledge about characteristics of an unknown pattern class) by searching for patterns (relationships in data) that are in some sense “interesting.” The discovered candidates are usually presented to human users for analysis and validation before being adopted as general cases.

The deductive exploitation process, data fusion, detects the presence of previously known patterns in many sources of data (new knowledge about the existence of a known pattern in the data) by searching for specific templates in sensor data streams to understand a local environment.

datasets used by these processes for knowledge creation are incomplete and dynamic and contain data contaminated by noise. These factors make the following process characteristics apply:

Pattern descriptions—Data mining seeks to induce general pattern descriptions (reference patterns, templates, or matched filters) to characterize data understood, while data fusion applies those descriptions to detect the presence of patterns in new data.
Uncertainty in inferred knowledge—The data and reference patterns are uncertain, leading to uncertain beliefs or knowledge.
Dynamic state of inferred knowledge—The process is sequential and inferred knowledge is dynamic, being refined as new data arrives.
Use of domain knowledge—Knowledge about the domain (e.g., constraints or context) may be used in addition to observed data.

3.3 Knowledge Creation in the OODA Loop

The observe-orient-decide-act (OODA) model of command and control introduced earlier in Chapter 1 may now be expanded to show the role of the knowledge-creation processes in the OOD stages of the loop. Figure 3.3 details these information functions in the context of the loop.

Observe functions include technical and human collection of data. Sensing of signals, pixels, and words (signals, imagery, and human intelligence) forms the core of information-based warfare observation.

Orient functions include data mining to discover or learn previously unknown characteristics in the data that can be used as templates for detection and future prediction in data fusion processes.

Decide functions include both automated and human processes. Simple, rapid responses can be automated upon the detection of preset conditions, while the judgment of human commanders is required for more complex, critical decisions that allow time for human intervention.

3.4 Deductive Data Fusion

Data fusion is an adaptive knowledge-creation process in which diverse elements of similar or dissimilar observations (data) are aligned, correlated, and combined into organized and indexed sets (information), which are further assessed to model, understand, and explain (knowledge) the makeup and behavior of a domain under observation

The process is performed cognitively by humans in daily life (e.g., combining sight, sound, and smells to detect a threat) and has long been applied for manual investigations in the military, intelligence, and law enforcement. In recent decades, the automation of this process has been the subject of intense research and development within the military, particularly to support intelligence and command and control

Deduction is performed at the data, information, and knowledge levels.

The U.S. DoD Joint Directors of Laboratories (JDL) have established a reference process model of data fusion that decomposes the process into four basic levels of information-refining processes (based upon the concept of levels of information abstraction).

Level 1: object refinement—Correlation of all data to refine individual objects within the domain of observation. (The JDL model uses the term object to refer to real-world entities; however, the subject of interest may be a transient event in time as well.)
Level 2: situation refinement—Correlation of all objects (information) within the domain to assess the current situation.
Level 3: meaning refinement—Correlation of the current situation with environmental and other constraints to project the meaning of the situation (knowledge). (The meaning of the situation refers to its implications to the user, such as threat, opportunity, or change. The JDL adopted the terminology threat refinement for this level; however, we adopt meaning refinement as a more general term encompassing broader applications than military threats.)
Level 4: process refinement—Continual adaptation of the fusion process to optimize the delivery of knowledge against a defined knowledge objective.

The technology development in data fusion has integrated disciplines such as the computer sciences, signal processing, pattern recognition, statistical analysis, and artificial intelligence to develop R&D and operational systems.

3.5 Abductive-Inductive Data Mining

Data mining is a knowledge-creation process in which large sets of data (in data warehouses) are cleansed and transformed into organized and indexed sets (information), which are then analyzed to discover hidden and implicit but previously undefined patterns that reveal new understanding of general structure and relationships (knowledge) in the data of a domain under observation.

The object of discovery is a “pattern,” which is defined as a statement in some language, L, that describes relationships in subset Fs of a set of data F such that:

The statement holds with some certainty, c;
The statement is simpler (in some sense) than the enumeration of all facts in Fs [11].

Mined knowledge, then, is formally defined as a pattern that is (1) interesting, according to some user-defined criterion, and (2) certain to a userdefined measure of degree.

Data mining (also called knowledge discovery) is distinguished from data fusion by two key characteristics.

Inference method—Data fusion employs known patterns and deductive reasoning, while data mining searches for hidden patterns using abductive-inductive reasoning.
Temporal perspective—The focus of data fusion is retrospective (determining current state based on past data), while data mining is both retrospective and prospective, focused on locating hidden patterns that may reveal predictive knowledge.

While there is no standard reference model for fusion, the general stages of the process as shown in Figure 3.5 illustrate a similarity to the data fusion process [14–16]. Beginning with sensors and sources, the data warehouse is populated with data, and successive functions move the data toward learned knowledge at the top. The sources, queries, and mining processes may be refined, similar to data fusion. The functional stages in the figure are described in the sections that follow.

Data Warehouse

Data from many sources are collected and indexed in the warehouse, initially in the native format of the source. One of the chief issues facing many mining operations is the reconciliation of diverse databases that have different formats (e.g., field and record sizes or parameter scales), incompatible data definitions, and other differences. The warehouse collection process (flow-in) may mediate between these input sources to transform the data before storing in common form [17].

Data Cleansing

The warehoused data must be inspected and cleansed to identify and correct or remove conflicts, incomplete sets, and incompatibilities common to combined databases. Cleansing may include several categories of checks.

Uniformity checks verify the ranges of data, determine if sets exceed limits, and verify that formats versions are compatible.
Completeness checks evaluate the internal consistency of datasets to make sure , for example, that aggregate values are consistent with individual data components (e.g., “verify that total sales is equal to sum of all regional sales, and that data for all sales regions is present”).
Conformity checks exhaustively verify that each index and reference exists.
Genealogy checks generate and check audit trails to primitive data to permit analysts to “drill down” from high-level information.

Data Selection and Transformation

The types of data that will be used for mining are selected on the basis of relevance. For large operations, initial mining may be performed on a small set, then extended to larger sets to check for the validity of abducted patterns. The selected data may then be transformed to organize all data into common dimensions and to add derived dimensions as necessary for analysis.

Data Mining Operations

Mining operations may be performed in a supervised manner in which the analyst presents the operator with a selected set of “training” data in which the analyst has manually determined the existence of pattern classes.

Discovery Modeling

Prediction or classification models are synthesized to fit the data patterns detected. This is the proscriptive aspect of mining: modeling the historical data in the database (the past) to provide a model to predict the future.

Visualization

The human analyst uses visualization tools that allow discovery of interesting patterns in the data. The automated mining operations “cue” the operator to

discovered patterns of interest (candidates), and the analyst then visualizes the pattern and verifies if, indeed, it contains new and useful knowledge.

On-line analytic processing (OLAP) refers to the manual visualization process in which a data manipulation engine allows the analyst to create data views from the human perspective, and to perform the following categories of functions:

Multidimensional analysis of the data across dimensions, through relationships (e.g., hierarchies), and in perspectives natural to the analyst (rather than inherent in the data);
Transformation of the viewing dimensions or slicing of the multidimensional array to view a subset of interest;
Drill down into the data from high levels of aggregation, downward into successively deeper levels of information;
Reach through from information levels to the underlying raw data, including reaching beyond the information base back to raw data by the audit trail generated in genealogy checking;
Modeling of hypothetical explanations of the data, in terms of trend analysis and extrapolations.

Refinement Feedback

The analyst may refine the process by adjusting the parameters that control the lower level processes, as well as requesting more or different data on which to focus the mining operations.

3.6 Integrating Information Technologies

Multidimensional analysis of the data across dimensions, through relationships (e.g., hierarchies), and in perspectives natural to the analyst (rather than inherent in the data);
Transformation of the viewing dimensions or slicing of the multidimensional array to view a subset of interest;
Drill down into the data from high levels of aggregation, downward into successively deeper levels of information;
Reach through from information levels to the underlying raw data, including reaching beyond the information base back to raw data by the audit trail generated in genealogy checking;
Modeling of hypothetical explanations of the data, in terms of trend analysis and extrapolations.

3.6 Integrating Information Technologies

It is natural that a full reasoning process would integrate the discovery processes of data mining with the detection processes of data fusion to coordinate learning and application activities.

(Nonliteral target signatures refer to those signatures that extend across many diverse observation domains and are not intuitive or apparent to analysts, but may be discovered only by deeper analysis of multidimensional data.)

3.7 Summary

The automation of the reasoning processes of abduction, induction, and deduction provides the ability to create actionable knowledge (military intelligence) from large volumes of data collected in IBW. As the value of information increases in all forms of information warfare, even more so is the importance of developing these reasoning technologies. While the scope of the global information infrastructure (and global sensing) increases, these technologies are required to extract meaning (and commercial value) from the boundless volumes of data available.

Data fusion and mining processes are yet on the initial slope of the technology development curve, and development is fueled by significant commercial R&D investments. Integrated reasoning tools will ultimately provide robust discovery and detection of knowledge for both business competition and information warfare.

Achieving Information Superiority Through Dominant Battlespace Awareness and Knowledge

The objective of information-based warfare is ultimately to achieve military goals with the most efficient application of information resources. Fullspectrum dominance is the term used to describe this effective application of military power by information-based planning and execution of military opera-tions. The central objective is the achievement of information superiority or dominance. Information superiority is the capability to collect, process, and disseminate an uninterrupted flow of information while exploiting or denying an adversary’s ability to do the same. It is that degree of dominance in the information domain that permits the conduct of operations without effective opposition

Dominant battlespace awareness (DBA)—The understanding of the current situation based, primarily, on sensor observations and human sources;

Dominant battlespace knowledge (DBK)—The understanding of the meaning of the current situation, gained from analysis (e.g., data fusion or simulation).

DBK is dependent upon DBA, and DBA is dependent on the sources of data that observe the battlespace. Both are necessary for information superiority.

4.1 Principles of Information Superiority

Information superiority is a component of an overall strategy for application of military power and must be understood in that context.

Massed effects are achieved by four operating concepts that provide a high degree of synergy from widely dispersed forces that perform precision targeting of high-lethality weapons at longer ranges.

Dominant maneuver—Information superiority will allow agile organizations with high-mobility weapon systems to attack rapidly at an aggressor’s centers of gravity across the full depth of the battlefield. Synchronized and sustained attacks will be achieved by dispersed forces, integrated by an information grid.
Precision engagement—Near-real-time information on targets will permit responsive command and control, and the ability to engage and reengage targets with spatial and temporal precision (“at the right place, just at the right time”).
Focused logistics—Information superiority will also enable efficient delivery of sustainment packages throughout the battlefield, optimizing the logistic process.
Full-dimension protection—Protection of forces during deployment, maneuver, and engagement will provide freedom of offensive actions and can be achieved only if superior information provides continuous threat vigilance.

Information superiority must create an operational advantage to benefit the applied military power and can be viewed as a precondition for these military operations in the same sense that air superiority is viewed as a precondition to certain strategic targeting operations.

DBA provides a synoptic view, in time and space, of the conflict and supplies the commander with a clear perception of the situation and the consequences of potential actions. It dispels the “fog of war” described by Clausewitz.

To be effective, DBA/DBK also must provide a consistent view of the battlespace, distributed to all forces—although each force may choose its own perspective of the view. At the tactical level, a continuous dynamic struggle occurs between sides, and the information state of a side may continuously change from dominance, to parity, to disadvantage.

The information advantage delivered by DBA/DBK has the potential to deliver four categories of operational benefits:

Battlespace preparation—Intelligence preparation of the battlespace (IPB) includes all activities to acquire an understanding of the physical, political, electronic, cyber, and other dimensions of the battlespace. Dimensions such as terrain, government, infrastructure, electronic warfare, and telecommunication/computer networks are mapped to define the structure and constraints of the battlespace [10]. IPB includes both passive analysis and active probing of specific targets to detail their characteristics. Orders of battle and decision-making processes are modeled, vulnerabilities and constraints on adversaries’ operations are identified, and potential offensive responses are predicted. The product of this function is comprehension of the battlespace environment.

Battlespace surveillance and analysis—Continuous observation of the battlespace and analysis of the collective observations provide a detailed understanding of the dynamic states of individual components, events, and behaviors from which courses of action and intents can be inferred. The product is comprehensive state information.

Battlespace visualization—This is the process by which the commander (1) develops a clear understanding of the current state with relation to the enemy and environment, (2) envisions a desired end state that represents mission accomplishment, and then (3) subsequently visualizes the sequence of activities that moves the commander’s force from its current state to the end state. The product of this visualization is human comprehension and a comprehensive plan.

Battlespace awareness dissemination—Finally, the components of awareness and knowledge are distributed to appropriate participants at appropriate times and in formats compatible with their own mission. The product here is available and “actionable” knowledge.

4.1.1 Intelligence, Surveillance, and Reconnaissance (ISR)

Intelligence, the information and knowledge about an adversary obtained through observation, investigation, analysis, or understanding, is the product that provides battlespace awareness.

The process that delivers strategic and operational intelligence products is generally depicted in cyclic form (Figure 4.3), with six distinct phases :

Collection planning—Government and military decision makers define, at a high level of information abstraction, the knowledge that is required to make policy, strategy, or operational decisions. The requests are parsed into information required to deduce the required answers. This list of information is further parsed into the individual elements of data that must be collected to form that required information base. The required data is used to establish a plan of collection, which details the elements of data needed and the targets (people, places, and things) from which the data may be obtained.
Collection—Following the plan, human and technical sources of data are tasked to perform the collection. Table 4.4 summarizes the major collection sources, which include both open and closed access sources and human and technical means of acquisition.
Processing—The collected data is indexed and organized in an information base, and progress on meeting the requirements of the collection plan is monitored. As a result of collection, this organized data may adjust the plan on the basis of received data.
Analysis—The organized information base is processed using deductive inference techniques (described earlier in Chapter 3) that fuse all source data in an attempt to answer the requester’s questions.
Production—Intelligence may be produced in the format of dynamic visualizations on a war fighter’s weapon system or in formal reports to policymakers. Three categories of formal strategic and tactical intelligence reports are distinguished by their past, present, and future focus: (1) current intelligence reports are news-like reports that describe recent events or indications and warnings; (2) basic intelligence reports provide complete descriptions of a specific situation (order of battle or political situation, for example); and (3) intelligence estimates attempt to predict feasible future outcomes as a result of current situations, constraints, and possible influences [16].
Application—The intelligence product is disseminated to the user, providing answers to queries and estimates of accuracy of the product delivered. Products range from strategic intelligence estimates in the form of large hardcopy or softcopy documents for policy makers, to real-time displays that visualize battlespace conditions for a war fighter.

4.1.1.1 Sources of Intelligence Data

A taxonomy of intelligence data sources (Table 4.4) includes sources that are openly accessible or closed

two HUMINT sources are required to guide the technical intelligence sources. HUMINT source A provides insight into trucking routes to be used, allowing video surveillance to be focused on most likely traffic points. HUMINT source B, closely related to crop workers, monitors the movements of harvesting crews, providing valuable cueing for airborne sensors to locate crops and processing facilities. The technical sources also complement the HUMINT sources by providing verification of uncertain cues and hypotheses for the HUMINT sources to focus attention.

4.1.1.3 Automated Intelligence Processing

The intelligence process must deal with large volumes of source data, converting a wide range of text, imagery, video, and other media types into processed products. Information technology is providing increased automation of the information indexing, discovery, and retrieval (IIDR) functions for intelligence, especially the exponentially increasing volumes of global OSINT

The information flow in an automated or semiautomated facility (depicted in Figure 4.5) requires digital archiving and analysis to ingest continuous streams of data and manage large volumes of analyzed data. The flow can be broken into three phases: capture and compile, preanalysis, and exploitation (analysis).

The preanalysis phase indexes each data item (e.g., article, message, news segment, image, or book chapter) by (1) assigning a reference for storage; (2) generating an abstract that summarizes the content of the item and metadata describing the source, time, reliability-confidence, and relation to other items (“abstracting”); and (3) extracting critical descriptors that characterize the contents (e.g., keywords) or meaning (“deep indexing”) of the item for subsequent analysis. Spatial data (e.g., maps, static imagery, video imagery) must be indexed by spatial context (spatial location) and content (imagery content). The indexing process applies standard subjects and relationships, maintained in a lexicon and thesaurus that is extracted from the analysis information base. Following indexing, data items are clustered and linked before entry into the analysis base. As new items are entered, statistical analyses are performed to monitor trends or events against predefined templates that may alert analysts or cue their focus of attention in the next phase of processing. For example, if analysts are interested in relationships between nations A and B, all reports may be scored for a “tension factor” between those nations, and alerts may be generated on the basis of frequency, score intensity, and sources of incoming data items.

The third, exploitation, phase of processing presents data to the human intelligence analyst for examination using visualization tools to bring to focus the most meaningful and relevant data items and their interrelationships.

The categories of automated tools that are applied to the analysis information base include the following [25]:

Interactive search and retrieval tools permit analysts to search by topic, content, or related topics using the lexicon and thesaurus subjects.
Structured judgment analysis tools provide visual methods to link data, synthesize deductive logic structures, and visualize complex relationships between datasets. These tools enable the analyst to hypothesize, explore, and discover subtle patterns and relationships in large data volumes—knowledge that can be discerned only when all sources are viewed in a common context.
Modeling and simulation tools model hypothetical activities, allowing modeled (expected) behavior to be compared to evidence for validation or projection of operations under scrutiny.
Collaborative analysis tools permit multiple analysts in related subject areas, for example, to collaborate on the analysis of a common subject.
Data visualization tools present synthetic views of data and information to the analyst to permit patterns to be examined and discovered. Table 4.6 illustrates several examples of visualization methods applied to the analysis of large-volume multimedia data.

4.2 Battlespace Information Architecture

We have shown that dominant battlespace awareness is achieved by the effective integration of the sensing, processing, and response functions to provide a comprehensive understanding of the battlespace, and possible futures and consequences.

At the lowest tier is the information grid, an infrastructure that allows the flow of information from precision sensors, through processing, to precision forces.

This tier is the forward path observe function of the OODA loop, and the feedback path distribution channel to control the act function of the loop and collaborative exchange paths. The grid provides for secure, robust transfer of four categories of information (Table 4.8) across the battlespace: (1) information access, (2) messaging, (3) interpersonal communications, and (4) publishing or broadcasting.

Precision information direction tailors the flow of information on the grid, responding dynamically to the environment to allocate resources (e.g., bandwidth and content) to meet mission objectives. The tier includes the data fusion and mining processes that perform the intelligence-processing functions described in previous sections. These processes operate over the information grid, performing collaborative assessment of the situation and negotiation of resource allocations across distributed physical locations

The highest tier is effective force management, which interacts with human judgment to provide the following:

Predictive planning and preemption—Commanders are provided predictions and assessments of likely enemy and planned friendly COAs with expected outcomes and uncertainties. Projections are based upon the information regarding state of forces and environmental constraints (e.g., terrain and weather). This function also provides continuous monitoring of the effectiveness of actions and degree of mission accomplishment. The objective of this capability is to provide immediate response and preemption rather than delayed reaction.

Integrated force management—Because of the information grid and comprehensive understanding of the battlespace, force operations can be dynamically synchronized across echelons, missions, components, and coalitions. Both defense and offense can be coordinated, as well as the supporting functions of deployment, refueling, airlift, and logistics.

Execution of time-critical missions—Time-critical targets can be prosecuted by automatic mission-to-target and weapon-to-target pairings, due to the availability (via the information grid) of immediate sensorderived targeting information. Detection and cueing of these targets permit rapid targeting and attack by passing targeting data (e.g., coordinates, target data, imagery) to appropriate shooters.

Force management is performed throughout the network, with long-term, high-volume joint force management occurring on one scale, and time-critical, low-volume, precision sensor-toshooter management on another. Figure 4.7 illustrates the distinction between the OODA loop processes of the time-critical sensor-to-shooter mission and the longer term theater battle management mission.

4.3 Summary

Dominant battlespace awareness and knowledge is dependent upon the ability to both acquire and analyze the appropriate data to comprehend the meaning of the current situation, the ability to project possible future courses of action, and the wisdom to know when sufficient awareness is achieved to act.

Part II
Information Operations for Information Warfare

Information Warfare Policy, Strategy, and Operations

Preparation for information warfare and the conducting of all phases of information operations at a national level requires an overarching policy, an implementing strategy developed by responsible organizations, and the operational doctrine and personnel to carry out the policy.

Information warfare is conducted by technical means, but the set of those means does not define the military science of C2W or netwar. Like any form of competition, conflict, or warfare, there is a policy that forms the basis for strategy, and an implementing strategy that governs the tactical application of the technical methods. While this is a technical book describing the methods, the system implementations of information warfare must be understood in the context of their guiding implementation.

Because of the uncertainty of consequences and the potential impact of information operations on civilian populations, policy and strategy must be carefully developed to govern the use of information operations technologies—technologies that may even provide capabilities before consequences are understood and policies for their use are fully developed.

5.1 Information Warfare Policy and Strategy

The technical methods of information warfare are the means at the bottom of a classical hierarchy that leads from the ends (objectives) of national security policy. The hierarchy proceeds from the policy to an implementing strategy, then to operational doctrine (procedures) and a structure (organization) that applies at the final tactical level the technical operations of IW. The hierarchy “flows down” the security policy, with each successive layer in the hierarchy implementing the security objectives of the policy.

Security Policy

Policy is the authoritative articulation of the position of a nation, defining its interests (the objects being secured), the security objectives for those interests, and its intent and willingness to apply resources to protect those interests. The interests to be secured and the means of security are defined by policy. The policy may be publicly declared or held private, and the written format must be concise and clear to permit the implementing strategy to be traceable to the policy.

Any security policy addressing the potential of information warfare must consider the following premises:

National interest—The national information infrastructure (NII), the object of the information security policy, is a complex structure comprised of public (military and nonmilitary) and private elements. This infrastructure includes the information, processes, and structure, all of which may be attacked. The structure, contents, owners, and security responsibilities must be defined to clearly identify the object being

protected. The NII includes abstract and physical property; it does not include human life, although human suffering may be brought on by collateral effects.

New vulnerabilities—Past security due to geographic and political positions of a nation no longer applies to information threats, in which geography and political advantages are eliminated. New vulnerabilities and threats must be assessed because traditional defenses may not be applicable.
Security objective—The desired levels of information security must be defined in terms of integrity, authenticity, confidentiality, nonrepudiation, and availability.
Intent and willingness—The nation must define its intent to use information operations and its willingness to apply those weapons. Questions that must be answered include the following:

- What actions against the nation will constitute sufficient justification to launch information strikes?
- What levels of information operations are within the Just War Doctrine? What levels fall outside?
- What scales of operations are allowable, and what levels of direct and collateral damage resulting from information strikes are permissible?
- How do information operations reinforce conventional operations?
- What are the objectives of information strikes?
- What are the stages of offensive information escalation, and how

are information operations to be used to de-escalate crises?

Authority—The security of highly networked infrastructures like the NII requires shared authorities and responsibilities for comprehensive protection; security cannot be assured by the military alone. The authority and roles of public and private sectors must be defined. The national command authority and executing military agencies for offensive, covert, and deceptive information operations must be defined. As in nuclear warfare, the controls for this warfare must provide assurance that only proper authorities can launch offensive actions.
Limitations of means—The ranges and limitations of methods to carry out the policy may be defined. The lethality of information operations, collateral damage, and moral/ethical considerations of conducting information operations as a component of a just war must be defined.
Information weapons conventions and treaties—As international treaties and conventions on the use (first use or unilateral use) of information operations are established, the national commitments to such treaties must be made in harmony with strategy, operations, and weapons development.

essential elements of security policy… that may now be applied to information warfare by analogy include the following:

Defense or protection—This element includes all defensive means to protect the NII from attack: intelligence to assess threats, indications and warning to alert of impending attacks, protection measures to mitigate the effects of attack, and provisions for recovery and restoration. Defense is essentially passive—the only response to attack is internal.

Deterrence—This element is the threat that the nation has the will and capability to conduct an active external response to attack (or a preemptive response to an impending threat), with the intent that that the threat alone will deter an attack. A credible deterrence requires (1) the ability to identify the attacker, (2) the will and capability to respond, and (3) a valued interest that may be attacked [5]. Deterrence includes an offensive component and a dominance (intelligence) component to provide intelligence for targeting and battle damage assessment (BDA) support.

Security Strategy

National strategy is the art and science of developing and using the political, economic, and psychological powers of a nation, together with its armed forces, during peace and war, to secure national objectives.

The strategic process (Figure 5.2) includes both strategy developing activities and a complementary assessment process that continuously monitors the effectiveness of the strategy.

The components of a strategic plan will include, as a minimum, the following components:

Definition of the missions of information operations (public and private, military and nonmilitary);
Identification of all applicable national security policies, conventions, and treaties;
Statement of objectives and implementation goals;
Organizations, responsibilities, and roles;
Strategic plan elements:
1. Threats, capabilities, and threat projections;
2. NII structure, owners, and vulnerabilities;
3. Functional (operational) requirements of IW capabilities (time phased);
4. Projected gaps in ability to meet national security objectives, and plan to close gaps and mitigate risks;
5. Organizational plan;
6. Operational plan (concepts of operations);
7. Strategic technology plan;
8. Risk management plan;

Performance and effectiveness assessment plan.

5.2 An Operational Model of Information Warfare

Information operations are performed in the context of a strategy that has a desired objective (or end state) that may be achieved by influencing a target (the object of influence).

Information operations are defined by the U.S. Army as

Continuous military operations within the Military Information Environment (MIE) that enable, enhance and protect the friendly force’s ability to collect, process, and act on information to achieve an advantage across the full range of military operations; information operations include interacting with the Global Information Environment (GIE) and exploiting or denying an adversary’s information and decision capabilities

The model recognizes that targets exist in (1) physical space, (2) cyberspace, and (3) the minds of humans. The highest level target of information operations is the human perception of decision makers, policymakers, military commanders, even entire populations. The ultimate targets and the operational objective are to influence their perception to affect their decisions and resulting activities.

for example, the objective perception for targeted leaders may be “overwhelming loss of control, disarray, and loss of support from the populace.”

These perception objectives may be achieved by a variety of physical or abstract (information) means, but the ultimate target and objective is at the purely abstract perceptual level, and the effects influence operational behavior. The influences can cause indecision, delay a decision, or have the effect of biasing a specific decision. The abstract components of this layer include objectives, plans, perceptions, beliefs, and decisions.

Attacks on this intermediate layer can have specific or cascading effects in both the perceptual and physical layers.

5.3 Defensive Operations

The U.S. Defense Science Board performed a study of the defensive operations necessary to implement IW-defense at the national level, and in this section we adapt some of those findings to describe conceptual defensive capabilities at the operational level.

Offensive information warfare is attractive to many [potential adversaries] because it is cheap in relation to the cost of developing, maintaining, and using advanced military capabilities. It may cost little to suborn an insider, create false information, manipulate information, or launch malicious logic-based weapons against an information system connected to the globally shared telecommunication infrastructure. In addition, the attacker may be attracted to information warfare by the potential for large nonlinear outputs from modest inputs

Threat Intelligence, I&W

Essential to defense is the understanding of both the external threats and the internal vulnerabilities that may encounter attack. This understanding is provided by an active intelligence operation that performs external assessments of potential threats [16] and internal assessments of vulnerabilities.

The vulnerability assessment can be performed by analysis, simulation, or testing. Engineering analysis and simulation methods exhaustively search for access paths during normal operations or during unique conditions (e.g., during periods where hardware faults or special states occur). Testing methods employ “red teams” of independent evaluators armed with attack tools to exhaustively scan for access means to a system (e.g., communication link, computer, database, or display) and to apply a variety of measures (e.g., exploitation, disruption, denial of service, or destruction).

Protection Measures (IW-Defense)

Based on assessments of threats and vulnerabilities, operational capabilities are developed to implement protection measures (countermeasures or passive defenses) to deny, deter, limit, or contain attacks against the information infrastructure. All of these means may be adopted as a comprehensive approach, each component providing an independent contribution to overall protection of the infrastructure.

The prevention operations deploy measures at three levels.

Strategic-level activities seek to deter attacks by legal means that ban attacks, impose penalties or punishment on offenders, or threaten reprisals.

Operational security (OPSEC) activities provide security for physical elements of the infrastructure, personnel, and information regarding the infrastructure (e.g., classified technical data).

Technical security (INFOSEC) activities protect hardware, software, and intangible information (e.g., cryptographic keys, messages, raw data, information, knowledge) at the hardware and software levels.

The functions of tactical response include the following:

Surveillance—Monitor overall infrastructure status and analyze, detect, and predict effects of potential attacks. Generate alert status reports and warn components of the infrastructure of threat activity and expected events.
Mode control—Issue controls to components to modify protection levels to defend against incipient threat activities, and to oversee restoration of service in the postattack period.
Auditing and forensic analysis—Audit attack activity to determine attack patterns, behavior, and damage for future investigation, effectiveness analysis, offensive targeting, or litigation.
Reporting—Issue reports to command authorities.

5.4 Offensive Operations

Offensive operational capabilities require the capability to identify and specify the targets of attack (targeting) and then to attack those targets. These two capabilities must be able to be performed at all three levels of the operational model, as presented earlier in Section 5.2. In addition to these two, a third offensive capability is required at the highest (perceptual) level of the operational model: the ability to manage the perceptions of all parties in the conflict to achieve the desired end.

Public and civil affairs operations are open, public presentations of the truth (not misinformation or propaganda) in a context and format that achieves perception objectives defined in a perception plan. PSYOPS also convey only truthful messages (although selected “themes” and emphases are chosen to meet objectives) to hostile forces to influence both the emotions and reasoning of decision makers. PSYOPS require careful tailoring of the message (to be culturally appropriate) and selection of the media (to ensure that the message is received by the target population). The message of PSYOPS may be conveyed by propaganda or by actions.

military deception operations are performed in secrecy (controlled by operational security). These operations are designed to induce hostile military leaders to take operational or tactical actions that are favorable to, and exploitable by, friendly combat operations

They have the objective of conveying untruthful information to deceive for one of several specific purposes.

Deceit—Fabricating, establishing, and reinforcing incorrect or preconceived beliefs, or creating erroneous illusions (e.g., strength or weakness, presence or nonexistence);
Denial—Masking operations for protection or to achieve surprise in an attack operation;
Disruption—Creating confusion and overload in the decision-making process;
Distraction—Moving the focus of attention toward deceptive actions or away from authentic actions;
Development—Creating a standard pattern of behavior to develop preconceived expectations by the observer for subsequent exploitation.

All of these perception management operations applied in military combat may be applied to netwar, although the media for communication (the global information infrastructure) and means of deceptive activities are not implemented on the physical battlefield. They are implemented through the global information infrastructure to influence a broader target audience.

Intelligence for Targeting and Battle Damage Assessment

The intelligence operations developed for defense also provide support to offensive attack operations, as intelligence is required for four functions.

Target nomination—Selecting candidate targets for attack, estimating the impact if the target is attacked;
Weaponeering—Selecting appropriate weapons and tactics to achieve the desired impact effects (destruction, temporary disruption or denial of service, reduction in confidence in selected function); the process targets vulnerability, weapon effect, delivery accuracy, damage criteria, probability of kill, and weapon reliability;
Attack plan—Planning all aspects of the attack, including coordinated actions, deceptions, routes (physical, information infrastructure, or perception), mitigation of collateral damage, and contingencies;
Battle damage assessment (BDA)—Measuring the achieved impact of the attack to determine effectiveness and plan reattack, if necessary.

Attack (IW-Offense) Operations

Operational attack requires planning, weapons, and execution (delivery) capabilities. The weapons include perceptual, information, and physical instruments employed to achieve the three levels of effect in the operational model.

Offensive operations are often distinguished as direct and indirect means.

Indirect attacks focus on influencing perception by providing information to the target without engaging the information infrastructure of the target. This may include actions to be observed by the target’s sensors, deception messages, electronic warfare actions, or physical attacks. External information is provided to influence perception, but the target’s structure is not affected.

Direct attacks specifically engage the target’s internal information, seeking to manipulate, control, and even destroy the information or the infrastructure of the target.

Offensive information warfare operations integrate both indirect and direct operations to achieve the desired effects on the target. The effectiveness of attacks is determined by security (or stealth), accuracy, and direct and collateral effects.

5.5 Implementing Information Warfare Policy and Strategy

This chapter has emphasized the flow-down of policy to strategy, and strategy to operations, as a logical, traceable process. In theory, this is the way complex operational capabilities must be developed. In the real world, factors such as the pace of technology, a threatening global landscape, and dynamic national objectives force planners to work these areas concurrently—often having a fully developed capability (or threat) without the supporting policy, strategy, or doctrine to enable its employment (or protection from the threat).

6
The Elements of Information Operations

Information operations are the “continuous military operations within the military information environment that enable, enhance, and protect the friendly force’s ability to collect, process, and act on information to achieve an advantage across the full range of military operations; information operations include interacting with the global information environment and exploiting or denying an adversary’s information and decision capabilities”

Some information operations are inherently “fragile” because they are based on subtle or infrequent system vulnerabilities, or because they rely on transient deceptive practices that if revealed, render them useless. Certain elements of IO have therefore been allocated to the operational military, while others (the more fragile ones) have been protected by OPSEC within the intelligence communities to reduce the potential of their disclosure.

6.1 The Targets of Information Operations

The widely used term information infrastructure refers to the complex of sensing, communicating, storing, and computing elements that comprise a defined information network conveying analog and digital voice, data, imagery, and multimedia data. The “complex” includes the physical facilities (computers, links, relays, and node devices), network standards and protocols, applications and software, the personnel who maintain the infrastructure, and the information itself. The infrastructure is the object of both attack and defense; it provides the delivery vehicle for the information weapons of the attacker while forming the warning net and barrier of defense for the defender. Studies of the physical and abstract structure of the infrastructure are therefore essential for both the defender and the targeter alike.

Three infrastructure categories are most commonly identified.

The global information infrastructure (GII) includes the international complex of broadcast communications, telecommunications, and computers that provide global communications, commerce, media, navigation, and network services between NIIs. (Note that some documents refer to the GII as the inclusion of all NIIs; for our purposes, we describe the GII as the interconnection layer between NIIs.)

The national information infrastructure (NII) includes the subset of the GII within the nation, and internal telecommunications, computers, intranets, and other information services not connected to the GII. The NII is directly dependent upon national electrical power to operate, and the electrical power grid is controlled by components of the NII.

The defense information infrastructure (DII) includes the infrastructure owned and maintained by the military (and intelligence) organizations of the nation for purposes of national security. The DII includes command, control, communications, and computation components as well as dedicated administration elements. These elements are increasingly integrated to the NII and GII to use commercial services for global reach but employ INFOSEC methods to provide appropriate levels of security.

The critical infrastructures identified by the U.S. President’s Commission on Critical Infrastructure Protection (PCCIP) include five sectors

Information and communications (the NII)
Banking and finance
Energy
Physical distribution
Vital human services

Attackers may seek to achieve numerous policy objectives by attacking these infrastructures. In order to achieve these policies, numerous intermediate attack goals may be established that can then be achieved by information infrastructure attacks. Examples of intermediate goals might include the following:

Reduce security by reducing the ability of a nation to respond in its own national interest;
Weaken public welfare by attacking emergency services to erode public confidence in the sustainment of critical services and in the government;
Reduce economic strength to reduce national economic competitiveness.

Two capabilities are required for the NII:

Infrastructure protection requires defenses to prevent and mitigate the effects of physical or electronic attack.
Infrastructure assurance requires actions to ensure readiness, reliability, and continuity—restricting damage and providing for reconstitution in the event of an attack.

The conceptual model provides for the following basic roles and responsibilities:

Protected information environment—The private sector maintains protective measures (INFOSEC, OPSEC) for the NII supported by the deterrent measures contributed by the government. Deterrence is aimed at influencing the perception of potential attackers, with the range of responses listed in the figure. The private sector also holds responsibility for restoration after attack, perhaps supported by the government in legally declared emergencies.
Attack detection—The government provides the intelligence resources and integrated detection capability to provide indications and warnings (strategic) and alerts (tactical) to structured attacks.
Attack response—The government must also ascertain the character of the attack, assess motives and actors, and then implement the appropriate response (civil, criminal, diplomatic, economic, military, or informational).
Legal protection—In the United States, the government also holds responsibility (under the Bill of Rights, 1791, and derivative statues cited below) for the protection of individual privacy of information, including oral and wire communications [26]; computers, e-mail, and digitized voice, data, and video [27]; electronic financial records and the transfer of electronic funds [28,29]; and cellular and cordless phones and data communications [30]. This is the basis for civil and criminal deterrence to domestic and international criminal information attacks on the NII.

While the government has defined the NII, the private sector protects only private property, and there is no coordinated protection activity. Individual companies, for example, provide independent protection at levels consistent with their own view of risk, based on market forces and loss prevention.

IO attacks, integrated across all elements of critical infrastructure and targeted at all three levels of the NII, will attempt to destabilize the balance and security of these operations. The objective and methodology is to:

Achieve perception objectives at the perceptual level, causing leadership to behave in a desired manner.
This perception objective is achieved by influencing the components of the critical infrastructure at the application level.
This influence on the critical infrastructure is accomplished through attacks on the information infrastructure, which can be engaged at the physical, information, and perceptual layers.

6.1.3 Defense Information Infrastructure (DII)

The DII implements the functional “information grid”. In the United States, the structure is maintained by the Defense Information Systems Agency (DISA), which established the following definition:

The DII is the web of communications networks, computers, software, databases, applications, weapon system interfaces, data, security services, and other services that meet the information-processing and transport needs of DoD users across the range of military operations. It encompasses the following:

Sustaining base, tactical, and DoD-wide information systems, and command, control, communications, computers, and intelligence (C4I) interfaces to weapons systems.
The physical facilities used to collect, distribute, store, process, and display voice, data, and imagery.
The applications and data engineering tools, methods, and processes to build and maintain the software that allow command and control (C2), intelligence, surveillance, reconnaissance, and mission support users to access and manipulate, organize, and digest proliferating quantities of information.
The standards and protocols that facilitate interconnection and interoperation among networks.
The people and assets that provide the integrating design, management, and operation of the DII, develop the applications and services, construct the facilities, and train others in DII capabilities and use.

Three distinct elements of the U.S. DII are representative of the capabilities required by a third-wave nation to conduct information-based warfare.

6.2 Information Infrastructure War Forms

As the GII and connected NIIs form the fundamental interconnection between societies, it is apparent that this will become a principal vehicle for the conduct of competition, conflict, and warfare. The concept of network warfare was introduced and most widely publicized by RAND authors John Arquilla and David Ronfeldt in their classic think piece, “Cyberwar is Coming!”

The relationships between these forms of conflict may be viewed as sequential and overlapping when mapped on the conventional conflict time line that escalates from peace to war before de-escalation to return to peace (Figure 6.7). Many describe netwar as an ongoing process, with degrees of intensity moving from daily unstructured attacks to focused net warfare of increasing intensity until militaries engage in C2W. Netwar activities are effectively the ongoing, “peacetime”-up-to-conflict components of IO.

6.3 Information Operations for Network Warfare

Ronfeldt and Arquilla define netwar as a societal-level ideational conflict at a grand level, waged in part through Internetted modes of communications. It is conducted at the perceptual level, exploiting the insecurities of a society via the broad access afforded by the GII and NIIs. Netwar is characterized by the following qualities that distinguish it from all other forms:

Target—Society at large or influential subsets are targeted to manage perception and influence the resulting opinion. Political, economic, and even military segments of society may be targeted in an orchestrated fashion. The effort may be designed to create and foster dissident or opposition groups that may gain connectivity through the available networks.
Media—All forms of networked and broadcast information and communications within the NII of a targeted nation state may be used to carry out information operations. The GII may be the means for open access or illicit penetration of the NII.
Means—Networks are used to conduct operations, including (1) public influence (open propaganda campaigns, diplomatic measures, and psychological operations); (2) deception (cultural deception and subversion, misinformation); (3) disruption and denial (interference with media or information services); and (4) exploitation (use of networks for subversive activities, interception of information to support targeting).
Players—The adversaries in netwar need not be nation states. Nation states and nonstate organizations in any combination may enter into conflict. As networks increasingly empower individuals with information influence, smaller organizations (with critical information resources) may wage effective netwar attacks.

In subsequent studies, Arquilla and Ronfeldt have further developed the potential emergence of netwar as dominant form of societal conflict in the twenty-first century and have prescribed the necessary preparations for such conflicts. A 1994 U.S. Defense Science Board study concluded that “A large structured attack with strategic intent against the U.S. could be prepared and exercised under the guise of unstructured activities”

6.3.1 A Representative Netwar Scenario

The U.S. defense community, futurists, and security analysts have hypothesized numerous netwar scenarios that integrate the wide range of pure information weapons, tactics, and media that may be applied by future information aggressors.

6.4 Information Operations for Command and Control Warfare (C2W)

Information operations, escalated to physical engagement against military command and control systems, enter the realm of C2W. C2W is “the integrated use of operations security (OPSEC), military deception, psychological operations (PSYOPS), electronic warfare (EW), and physical destruction, mutually supported by intelligence to deny information to, influence, degrade, or destroy adversary command and control capabilities, while protecting friendly command and control capabilities against such actions”.

C2W is distinguished from netwar in the following dimensions:

Target—Military command and control is the target of C2W. Supporting critical military physical and information infrastructures are the physical targets of C2W.

Media—While the GII is one means of access for attack, C2W is characterized by more direct penetration of an opponent’s airspace, land, and littoral regions for access to defense command and control infrastructure. Weapons are delivered by air, space, naval, and land delivery systems, making the C2W overt, intrusive, and violent. This makes it infeasible to conduct C2W to the degree of anonymity that is possible for netwar.

Means—C2W applies physical and information attack means to degrade (or destroy) the OODA loop function of command and control systems, degrading military leaders’ perceptual control effectiveness and command response. PSYOPS, deception, electronic warfare, and physically destructive means are used offensively, and OPSEC provides protection of the attack planning.

Players—The adversaries of C2W are military organizations of nation states, authorized by their governments.

Ronfeldt and Arquilla emphasize that future C2W will be characterized by a revision in structure, as well as operations, to transform the current view of command and control of military operations:

Waging [C2W] may require major innovations in organizational design, in particular a shift from hierarchies to networks. The traditional reliance on hierarchical designs may have to be adapted to network-oriented models to allow greater flexibility, lateral connectivity, and teamwork across institutional boundaries. The traditional emphasis on command and control, a key strength of hierarchy, may have to give way to emphasis on consultation and coordination, the crucial building blocks of network designs

6.5.1 Psychological Operations (PSYOPS)

PSYOPS are planned operations to convey selected information and indicators to foreign audiences to influence their emotions, motives, objective reasoning, and ultimately the behaviors of foreign governments, organizations, groups, and individuals. The objective of PSYOPS is to manage the perception of the targeted population, contributing to the achievement of larger operational objectives. Typical military objectives include the creation of uncertainty and ambiguity (confusion) to reduce force effectiveness, the countering of enemy propaganda, the encouragement of disaffection among dissidents, and the focusing of attention on specific subjects that will degrade operational capability. PSYOPS are not synonymous with deception; in fact, some organizations, by policy, present only truthful messages in PSYOPS to ensure that they will be accepted by target audiences.

PSYOPS are based on two dimensions: the communication of a message via an appropriate media to a target population (e.g., enemy military personnel or foreign national populations).

PSYOP activities begin with creation of the perception objective and development of the message theme(s) that will create the desired perception in the target population (Figure 6.11). Themes are based upon analysis of the psychological implications and an understanding of the target audience’s culture, preconceptions, biases, means of perception, weaknesses, and strengths. Theme development activities require approval and coordination across all elements of government to assure consistency in diplomatic, military, and economic messages. The messages may take the form of verbal, textual messages (left brain oriented) or “symbols” in graphic or visual form (right brain oriented).

6.5.2 Operational Deception

Military deception includes all actions taken to deliberately mislead adversary military decision makers as to friendly military capabilities, intentions, and operations, thereby causing the adversary to take specific actions (or inactions) that will contribute to the accomplishment of a friendly mission [60]. Deception operations in netwar expand the targets to include society at large, and have the objective of inducing the target to behave in manner (e.g., trust) that contributes to the operational mission.

Deception contributes to the achievement of a perception objective; it is generally not an end objective in itself.

Two categories of misconception are recognized: (1) ambiguity deception aims to create uncertainty about the truth, and (2) misdirection deception aims to create certainty about a falsehood. Deception uses methods of distortion, concealment, falsification of indicators, and development of misinformation to mislead the target to achieve surprise or stealth. Feint, ruse, and diversion activities are common military deceptive actions.

Because deception operations are fragile (their operational benefit is denied if detected), operational security must be maintained and the sequencing of deceptive and real (overt) activities must be timed to protect the deception until surprise is achieved. As in PSYOPS, intelligence must provide feedback on the deception effects to monitor the degree to which the deception story is believed.

Deception operations are based on exploitation of bias, sensitivity, and capacity vulnerabilities of human inference and perception (Table 6.9) [61]. These vulnerabilities may be reduced when humans are aided by objective decision support systems, as noted in the table.

Electronic attack can be further subdivided into four fundamental attack categories: exploitation, deception, disruption or denial, or destruction

6.5.5 Intelligence

Intelligence operations contribute assessments of threats (organizations or individuals with inimical intent, capability, and plans); preattack warnings; and postattack investigation of events.

Intelligence can be viewed as a defensive operation at the perception level because it provides information and awareness of offensive PSYOPS and deception operations.

Intelligence on information threats must be obtained in several categories:

Organization threat intelligence—Government intelligence activities maintain watches for attacks and focus on potential threat organizations, conducting counterintelligence operations (see next section) to determine intent, organizational structure, capability, and plans.
Technical threat intelligence—Technical intelligence on computer threats and technical capabilities are supplied by the government, academia, or commercial services to users as services.

6.5.6 Counterintelligence

Structured attacks require intelligence gathering on the infrastructure targets, and it is the role of counterintelligence to prevent and obstruct those efforts. Network counterintelligence gathers intelligence on adversarial individuals or organizations (threats) deemed to be motivated and potentially capable of launching a network attack.

6.5.7 Information Security (INFOSEC)

We employ the term INFOSEC to encompass the full range of disciplines to provide security protection and survivability of information systems from attacks, including the most common disciplines,

INFOSEC—Measures and controls that protect the information infrastructure against denial of service and unauthorized (accidental or intentional) disclosure, modification, or destruction of information infrastructure components (including data). INFOSEC includes consideration of all hardware and/or software functions, characteristics and/or features; operational procedures, accountability procedures, and access controls at the central computer facility, remote computer, and terminal facilities; management constraints; physical structures and devices; and personnel and communication controls needed to provide an acceptable level of risk for the infrastructure and for the data and information contained in the infrastructure. It includes the totality of security safeguards needed to provide an acceptable protection level for an infrastructure and for data handled by an infrastructure.
COMSEC—Measures taken to deny unauthorized persons information derived from telecommunications and to ensure the authenticity of such telecommunications. Communications security includes cryptosecurity, transmission security, emission security, and physical security of communications security material and information.
TEMPEST—The study and control of spurious electronic signals emitted by electrical equipment.
COMPUSEC—Computer security is preventing attackers from achieving objectives through unauthorized access or unauthorized use of computers and networks.
System survivability—The capacity of a system to complete its mission in a timely manner, even if significant portions of the system are incapacitated by attack or accident.

6.5.8 Operational Security (OPSEC)

Operations security denies adversaries information regarding intentions, capabilities, and plans by providing functional and physical protection of people, facilities, and physical infrastructure components. OPSEC seeks to identify potential vulnerabilities and sources of leakage of critical indicators [80] to adversaries, and to develop measures to reduce those vulnerabilities. While INFOSEC protects the information infrastructure, OPSEC protects information operations (offensive and defensive).

An Operational Concept (CONOPS) for Information Operations

Units or cells of information warriors will conduct the information operations that require coordination of technical disciplines to achieve operational objectives. These cells require the support of planning and control tools to integrate and synchronize both the defensive and offensive disciplines introduced in the last chapter.

This chapter provides a baseline concept of operations (CONOPS) for implementing an offensive and defensive joint service IO unit with a conceptual support tool to conduct sustained and structured C2W. We illustrate the operational-level structure and processes necessary to implement information operations—in support of overall military operations—on a broad scale in a military environment.

The 16 essential capabilities identified in the U.S. Joint Warfighter Science and Technology Plan (1997) as necessary to achieve an operational information warfare capability [1].

Information consistency includes the integrity, protection, and authentication of information systems.
Access controls/security services ensures information security and integrity by limiting access to information systems to authorized personnel only. It includes trusted electronic release, multilevel information security, and policies.

3.Service availability ensures that information systems are available when needed, often relying upon communications support for distributed computing.

Network management and control ensures the use of reconfigurable robust protocols and control algorithms, self-healing applications, and systems capable of managing distributed computing over heterogeneous platforms and networks.
Damage assessment determines the effectiveness of attacks in both a defensive capacity (e.g., where and how bad) and an offensive capacity (e.g., measure of effectiveness).
Reaction (isolate, correct, act) responds to a threat, intruder, or network or system disturbance. Intrusions must be characterized and decision makers must have the capability to isolate, contain, correct, monitor surreptitiously, and so forth. The ability to correct includes recovery, resource reallocation, and reconstitution.
Vulnerability assessment and planning is an all-encompassing functional capability that includes the ability to realistically assess the joint war fighter’s information system(s) and information processes and those of an adversary. The assessment of war-fighter systems facilitates the use of critical protection functions such as risk management and vulnerability analysis. The assessment of an adversary’s information system provides the basis for joint war-fighter attack planning and operational execution.
Preemptive indication provides system and subsystem precursors or indications of impending attack.
Intrusion detection/threat warning enables detection of attempted and successful intrusions (malicious and nonmalicious) by both insiders and outsiders.

10.Corruption of adversary information/systems can take many diverse forms, ranging from destruction to undetected change or infection of information. There are two subsets of this function: (1) actions taken on information prior to its entry into an information system, and (2) actions taken on information already contained within an information system.

Defeat of adversary protection includes the defeat of information systems, software and physical information system protection schemes, and hardware.
Penetration of adversary information system provides the ability to intrude or inject desired information into an adversary’s information system, network, or repository. The function includes the ability to disguise the penetration—either the fact that the penetration has occurred or the exact nature of the penetration.

13.Physical destruction of adversary’s information system physically denies an adversary the means to access or use its information systems. Actions include traditional hard kills as well as actions of a less destructive nature that cause a physical denial of service.

Defeat of adversary information transport defeats any means involved in the movement of information either to or within a given information system. It transcends the classical definition of electronic warfare by encompassing all means of information conveyance rather than just the traditional electrical means.
Insertion of false station/operator into an adversary’s information system provides the ability to inject a false situation or operator into an adversary’s information system.
Disguise of sources of attack encompasses all actions designed to deny an adversary any knowledge of the source of an information attack or the source of information itself. Disguised sources, which deny the adversary true information sources, often limit the availability of responses, thereby delaying correction or retaliation.

Concept of Operations (CONOPS) for Information Operations Support System (IOSS)

Section 1 General 1.1 Purpose

This CONOPS describes an information operations support system (IOSS) comprised of integrated and automated tools to plan and conduct offensive and defensive information operations.

This CONOPS is a guidance document, does not specify policy, and is intended for audiences who need a quick overview or orientation to information operations (IO).

1.2 Background

Information operations provide the full-spectrum means to achieve information dominance by: (1) monitoring and controlling the defenses of a force’s information infrastructure, (2) planning activities to manage an adversary’s perception, and (3) coordinating PSYOPS, deception, and intrusive physical and electronic attacks on the adversary’s information infrastructure.

CONOPS provides an overview of the methodology to implement an IO cell supported by the semiautomated and integrated IOSS tools to achieve information dominance objectives. The following operational benefits are accrued:

Synchronization—An approach to synchronize all aspects of military operations (intelligence, OPSEC, INFOSEC, PSYOPS, deception, information, and conventional attack) and to deconflict adverse actions between disciplines;

Information sharing—The system permits rapid, adaptive collaboration among all members of the IO team;
Decision aiding—An automated process to manage all IO data, provide multiple views of the data, provide multiple levels of security, and aid human operators in decision making.

3.3 Operational Process

Defensive planning is performed by the OPSEC and INFOSEC officers, who maintain a complete model of friendly networks and status reports on network performance. Performance and intrusion detection information is used to initiate defensive actions (e.g., alerts, rerouting, service modification, initiation of protection or recovery modes). The defensive process is continuous and dynamic, and adapts security levels and access controls to maintain and manage the level of accepted risk established at the operational level.

The flow of offensive planning activities performed by the IOSS is organized by the three levels of planning.

Perceptual level—The operational plan defines the intent of policy and operational objectives. The operational and perception plans, and desired behaviors of the perception targets (audiences), are defined at this level.

Information infrastructure level—The functional measures for achieving perception goals, in the perception target’s information infrastructure, are developed at this level.

Physical level—The specific disciplines that apply techniques (e.g., physical attack, network attack, electronic support) are tasked at this level.

The IOSS performs the decide function of the OODA loop for information operations, and the functional flow is organized to partition both the observe/orient function that provides inputs and the operational orders (OPORDS) that initiate the attack actions. The sequence of planning activities proceeds from the perceptual to the physical level, performing the flow-down operations defined in the following subsections.

3.3.1 Perception Operations The operational objectives and current situation are used to develop the desired perception objectives, which are balanced with all other operational objectives.

3.3.2 Information Infrastructure Operations At this level, the targeted information infrastructure (II) (at all ISO levels) is analyzed and tactics are developed to achieve the attack objectives by selecting the elements of the II to be attacked (targeted). The product is a prioritized high-value target (HVT) list. Using nodal analysis, targets are nominated for attack by the desired functional effect to achieve flowed-down objectives: denial, disruption, deceit, exploitation, or destruction.

Once the analysis develops an optimized functional model of an attack approach that achieves the objectives, weapons (techniques) are selected to accomplish the functional effects. This weaponeering process pairs the techniques (weapons) to targets (e.g., links, nodes, processing, individual decision makers). It also considers the associated risks due to attack detection and collateral damage and assigns intelligence collection actions necessary to perform BDA to verify the effectiveness of the attack.

3.3.3 Physical Level At the physical level, the attacking disciplines plan and execute the physical-level attacks.

Section 4 Command Relationships

4.3 Intelligence Support

IOSS requires intelligence support to detect, locate, characterize, and map the threat-critical infrastructure at three levels.

Section 5 Security 5.1 General

IO staff operations will be implemented and operated at multiple levels of security (MLS). Security safeguards consist of administrative, procedural, physical, operational, and/or environmental, personnel, and communications security; emanation security; and computer security (i.e., hardware, firmware, network, and software), as required.

Section 6 Training

6.1 General

Training is the key to successful integration of IO into joint military operations. Training of IO battle staff personnel is required at the force and unit levels, and is a complex task requiring mastery of the related disciplines of intelligence, OPSEC, PSYOPS, deception, electronic warfare, and destruction.

6.2 Formal Training

The fielding and operation of an IO cell or battle staff may require formal courses or unit training for the diverse personnel required. Training audiences include instructors, IO operators, IO battle staff cadre, system support, a broad spectrum of instructors in related disciplines, and senior officers.

7.2 Select Bibliography

Command and Control Warfare Policy

CJCSI 3210.01, Joint Information Warfare Policy, Jan. 2, 1996. DOD Directive S-3600.1, Information Warfare.

CJCSI 3210.03, Joint Command and Control Warfare Policy (U), Mar. 31, 1996.
JCS Pub 3-13.1, Joint Command and Control Warfare (C2W) Operations, Feb. 7, 1996.

Information Operations

“Information Operations,” Air Force Basic Doctrine (DRAFT), Aug. 15, 1995. FM-100-6, Information Operations, Aug. 27, 1997.
TRADOC Pam 525-69, Concept for Information Operations, Aug. 1, 1995.

Intelligence

Joint Pub 2-0, Doctrine for Intelligence Support to Joint Operations, May 5, 1995. AFDD 50, Intelligence, May 1996.
FM 34-130, Intelligence Preparation of the Battlefield, July 8, 1994.

PSYOPS, Civil and Public Affairs

JCS Pub 3-53, “Doctrine for Joint Psychological Operations,” AFDD 2.5-5, Psychological Operations, Feb. 1997.

FM 33-1, Psychological Operations, Feb. 18, 1993. FM 41-10, Civil Affairs Operations, Jan. 11, 1993. FM 46-1, Public Affairs Operations, July 23, 1992.

Operational Deception

CJCSI 3211.01, Joint Military Deception, June 1, 1993.
JCS Pub 3-58, Joint Doctrine for Operational Deception, June 6, 1994.
AR 525-21, Battlefield Deception Policy, Oct. 30, 1989.
FM 90-2, Battlefield Deception [Tactical Cover and Deception], Oct. 3, 1988. FM 90-2A (C), Electronic Deception, June 12, 1989.

Information Attack

FM 34-1, Intelligence and Electronic Warfare Operations, Sept. 27, 1994.

FM 34-37, Echelon Above Corps Intelligence and Electronic Warfare Operations, Jan. 15, 1991.

FM 34-36, Special Intelligence Forces Intelligence and Electronic Warfare Operations, Sept. 30, 1991.

Operational Security (OPSEC)

DOD Directive 5205.2, Operations Security Program, July 7, 1983. Joint Pub No. 3-54 Joint Doctrine for Operations Security.

AFI 10-1101, (Air Force), Operational Security Instruction.

AR 530-1, (Army) Operations Security, Mar. 3, 1995.

Information Security (INFOSEC)

DoD 5200.1-R, Information Security Program Regulation. AFPD 31-4, (Air Force) Information Security, Aug. 1997.
AR 380-19, (Army) Information System Security, Aug. 1, 1990.

8
Offensive Information Operations

This chapter introduces the functions, tactics, and techniques of malevolence against information systems. Offensive information operations target human perception, information that influences perception, and the physical world that is perceived. The avenues of these operations are via perceptual, information, and physical means.

Offensive information operations are malevolent acts conducted to meet the strategic, operational, or tactical objectives of authorized government bodies; legal, criminal, or terrorist organizations; corporations; or individuals. The operations may be legal or illegal, ethical or unethical, and may be conducted by authorized or unauthorized individuals. The operations may be performed covertly, without notice by the target, or they may be intrusive, disruptive, and even destructive. The effects on information may bring physical results that are lethal to humans.

Offensive operations are uninvited, unwelcome, unauthorized, and detrimental to the target; therefore, we use the term attack to refer to all of these operations.

security design must be preceded by an understanding of the attacks it must face.

Offensive information attacks have two basic functions: to capture or to affect information. (Recall that information may refer to processes or to data/information/knowledge content.) These functions are performed together to achieve the higher level operational and perceptual objectives. In this chapter, we introduce the functions, measures, tactics, and techniques of offensive operations.

Functions—The fundamental functions (capture and affect) are used to effectively gain a desired degree of control of the target’s information resources. Capturing information is an act of theft of a resource if captured illegally, or technical exploitation if the means is not illicit. The object of capture may be, for example, a competitor’s data, an adversary’s processed information, another’s electronic cash (a knowledgelevel resource with general liquidity), or conversations that provide insight into a target’s perception. Affecting information is an act of intrusion with intent to cause unauthorized effects, usually harmful to the information owner. The functional processes that capture and affect information are called offensive measures, designed to penetrate operational and defensive security measures of the targeted information system.
Tactics—The operational processes employed to plan, sequence, and control the countermeasures of an attack are the attack tactics. These tactics consider tactical factors, such as attack objectives; desired effects (e.g., covertness; denial or disruption of service; destruction, modification, or theft of information); degree of effects; and target vulnerabilities.
Techniques—The technical means of capturing and affecting information of humans—their computers, communications, and supporting infrastructures—are described as techniques. In addition to these dimensions, other aspects, depending upon their application, may characterize the information attacks.

Motive—The attacker’s motive may be varied (e.g., ideological, revenge, greed, hatred, malice, challenge, theft). Though not a technical characteristic, motive is an essential dimension to consider in forensic analysis of attacks.
Invasiveness—Attacks may be passive or active. Active attacks invade and penetrate the information target, while passive attacks are noninvasive, often observing behaviors, information flows, timing, or other characteristics. Most cryptographic attacks may be considered passive relative to the sender and receiver processes, but active and invasive to the information message itself.

Effects—The effects of attacks may vary from harassment to theft, from narrow, surgical modification of information to large-scale cascading of destructive information that brings down critical societal infrastructure.
Ethics and legality—The means and the effects may be legal or illegal, depending upon current laws. The emerging opportunities opened by information technology have outpaced international and U.S. federal laws to define and characterize legal attacks. Current U.S. laws, for example, limit DoD activities in peacetime. Traditional intelligence activities are allowed in peacetime (capture information), but information attacks (affect information) form a new activity (not necessarily lethal, but quite intrusive) not covered by law. Offensive information operations that affect information enable a new range of nonlethal attacks that must be described by new laws and means of authorization, even as blockades, embargoes, and special operations are treated today. These laws must define and regulate the authority for transitional conflict operations between peace and war and must cover the degree to which “affect” operations may access nonmilitary infrastructure (e.g., commercial, civilian information). The laws must also regulate the scope of approved actions, the objective, and the degree to which those actions may escalate to achieve objectives. The ethics of these attacks must also be considered, understanding how the concepts of privacy and ownership of real property may be applied to the information resource. Unlike real property, information is a property that may be shared, abused, or stolen without evidence or the knowledge of the legitimate owner.

8.1 Fundamental Elements of Information Attack

Before introducing tactics and weapons, we begin the study of offense with a complete taxonomy of the most basic information-malevolent acts at the functional level. This taxonomy of attack countermeasures may be readily viewed in an attack matrix formed by the two dimensions:

Target level of the IW model: perceptual, information, or physical;
Attack category: capture or affect.

The attack matrix (Figure 8.1) is further divided into the two avenues of approach available to the attacker:

Direct, or internal, penetration attacks—Where the attacker penetrates [1] a communication link, computer, or database to capture and exploit internal information, or to modify information (add, insert, delete) or install a malicious process;

Indirect, or external, sensor attacks—Where the attacker presents open phenomena to the system’s sensors or information to sources (e.g., media, Internet, third parties) to achieve counterinformation objectives. These attacks include insertion of information into sensors or observation of the behavior of sensors or links interconnecting fusion nodes.

In C2W, indirect attacks target the observation stage of the OODA loop, while direct attacks target the orient stage of the loop [2]. The attacker may, of course, orchestrate both of these means in a hybrid attack in which both actions are supportive of each other

Two categories of attacks that affect information are defined by the object of attack.

Content attacks—The content of the information in the system may be attacked to disrupt, deny, or deceive the user (a decision maker or process). In C2W information operations, attacks may be centered on changing or degrading the intelligence preparation of the battlefield (IPB) databases, for example, to degrade its use in a future conflict.

Temporal attacks—The information process may be affected in such a way that the timeliness of information is attacked. Either a delay in receipt of data (to delay decision making or desynchronize processes) or deceptive acceleration by insertion of false data characterizes these attacks.

8.2

The Weapons of Information Warfare

8.3.1 Network Attack Vulnerabilities and Categories

Howard has developed a basic taxonomy of computer and network attacks for use in analyzing security incidents on the Internet [5]. The taxonomy structure is based on characterizing the attack process (Figure 8.2) by five basic components that characterize any attack.

Attackers—Six categories of attackers are identified (and motivations are identified separately, under objectives): hackers, spies, terrorists, corporate, professional criminals, and vandals.
Tools—The levels of sophistication of use of tools to conduct the attack are identified.
Access—The access to the system is further categorized by four branches.

Vulnerability exploited—Design, configuration (of the system), and implementation (e.g., software errors or bugs [7]) are all means of access that may be used.

Level of intrusion—The intruder may obtain unauthorized access, but may also proceed to unauthorized use, which has two possible subcategories of use.

Use of processes—The specific process or service used by the unauthorized user is identified as this branch of the taxonomy (e.g., SendMail, TCP/IP).

Use of information—Static files in storage or data in transit may be the targets of unauthorized use.

Results—Four results are considered: denial or theft of service, or corruption or theft (disclosure) of information.
Objectives—Finally, the objective of the attack (often closely correlated to the attacker type) is the last classifying property.

(This taxonomy is limited to network attacks using primarily information layer means, and can be considered a more refined categorization of the attacks listed in the information-layer row of the attack matrix presented earlier in Section 8.1.)

/IP).

8.4 Command and Control Warfare Attack Tactics

In military C2W, the desired attack effects are degradation of the opponent’s OODA loop operations (ineffective or untimely response), disruption of decision-making processes, discovery of vulnerabilities, damage to morale, and, ultimately, devastation of the enemy’s will to fight.

Command and control warfare has often been characterized as a war of OODA loops where the fastest, most accurate loop will issue the most effective actions [20]. The information-based warfare concepts introduced in Chapter 3 (advanced sensors, networks, and fusion systems) speed up the loop, improving information accuracy (content), visualization and dissemination (delivery), and update rates (timeliness).

Offensive information operations exploit the vulnerabilities described here and in Section 8.3.1.

Attacks exploit vulnerabilities in complex C4I systems to counter security and protection measures, as well as common human perceptual, design, or configuration vulnerabilities that include the following:

Presumption of the integrity of observations and networked reports;
Presumption that observation conflicts are attributable only to measurement error;
Presumption that lack of observation is equivalent to nondetection rather than denial;

Absence of measures to attribute conflict or confusion to potential multisource denial and spoofing.

Four fusion-specific threat mechanisms can be defined to focus information on the fusion process:

Exploitation threats seek to utilize the information obtained by fusion systems or the fusion process itself to benefit the adversary. Information that can be captured from the system covertly can be used to attack the system, to monitor success of IW attacks, or to support other intelligence needs.
Deception threats to fusion systems require the orchestration of multiple stimuli and knowledge of fusion processes to create false data and false fusion decisions, with the ultimate goal of causing improper decisions by fusion system users. Deception of a fusion system may be synchronized with other deception plots, including PSYOPS and military deceptions to increase confidence in the perceived plot.
Disruption of sensor fusion systems denies the fusion process the necessary information availability or accuracy to provide useful decisions. Jamming of sensors, broadcast floods to networks, overloads, and soft or temporary disturbance of selected links or fusion nodes are among the techniques employed for such disruption.
Finally, softand hard-kill destruction threats include a wide range of physical weapons, all of which require accurate location and precision targeting of the fusion node.

The matrix provides a tool to consider each individual category of attack against each element of the system.

8.5 IW Targeting and Weaponeering Considerations

Structured information strikes (netwar or C2W) require functional planning before coordinating tactics and weapons for all sorties at the perceptual, information, and physical levels. The desired effects, whether a surgical strike on a specific target or cascading effects on an infrastructure, must be defined and the uncertainty in the outcome must also be determined. Munitions effects, collateral damage, and means of verifying the functional effects achieved must be considered, as in physical military attacks.

8.8 Offensive Operations Analysis, Simulation, and War Gaming

The complexity of structured offensive information operations and the utility of their actions on decision makers is not fully understood or completely modeled. Analytic models, simulations, and war games will provide increasing insight into the effectiveness of these unproven means of attack. Simulations and war games must ultimately evaluate the utility of complex, coordinated, offensive information operations using closed loop models (Figure 8.11) that follow the OODA loop structure presented in earlier chapters to assess the influence of attacks on networks, information systems, and decision makers.

Measures of performance and effectiveness are used to assess the quantitative effectiveness of IW attacks (or the effectiveness of protection measures to defend against them). The measures are categorized into two areas.

Performance metrics quantify specific technical values that measure the degree to which attack mechanisms affect the targeted information source, storage, or channel.

Effectiveness metrics characterize the degree to which IW objectives impact the mission functions of the targeted system.

8.9 Summary

The wide range of offensive operations, tactics, and weapons that threaten information systems demand serious attention to security and defense. The measures described in this chapter are considered serious military weapons. The U.S. director of central intelligence (DCI) has testified that these weapons must be considered with other physical weapons of mass destruction, and that the electron should be considered the ultimate precision guided weapon [65].

9
Defensive Information Operations

This chapter provides an overview of the defensive means to protect the information infrastructure against the attacks enumerated in the last chapter. Defensive IO measures are referred to as information assurance.

Information operations that protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality, and nonrepudiation. This includes providing for the restoration of information systems by incorporating protection, detection, and reaction capabilities.

assurance includes the following component properties and capabilities:

Availability provides assurance that information, services, and resources will be accessible and usable when needed by the user.
Integrity assures that information and processes are secure from unauthorized tampering (e.g., insertion, deletion, destruction, or replay of data) via methods such as encryption, digital signatures, and intrusion detection.
Authentication assures that only authorized users have access to information and services on the basis of controls: (1) authorization (granting and revoking access rights), (2) delegation (extending a portion of one entity’s rights to another), and (3) user authentication (reliable corroboration of a user, and data origin. (This is a mutual property when each of two parties authenticates the other.)
Confidentiality protects the existence of a connection, traffic flow, and information content from disclosure to unauthorized parties.
Nonrepudiation assures that transactions are immune from false denial of sending or receiving information by providing reliable evidence that can be independently verified to establish proof of origin and delivery.
Restoration assures information and systems can survive an attack and that availability can be resumed after the impact of an attack.

While these asymmetric threats (e.g., lone teenager versus large corporation or DoD) have captured significant attention, they do not pose the more significant threat that comes in two areas.

Internal threats (structured or unstructured)—Any insider with access to the targeted system poses a serious threat. Perverse insiders, be they disgruntled employees, suborned workers, or inserted agents, pose an extremely difficult and lethal threat. Those who have received credentials for system access (usually by a process of background and other assessments) are deemed trustworthy. Protection from malicious acts by these insiders requires high-visibility monitoring of activities (a deterrent measure), frequent activity audits, and high-level physical security and internal OPSEC procedures (defensive measures). While continuous or periodic malicious actions may be detected by network behavior monitoring, the insider inserted to perform a single (large) destructive act is extremely difficult to detect before that act. OPSEC activities provide critical protection in these cases, due to the human nature of the threat. This threat is the most difficult, and it’s risk should not be understated because of the greater attention often paid to technical threats.

Structured external threats—Attackers with deep technical knowledge of the target, strong motivation, and the capability to mount combination attacks using multiple complex tactics and techniques also pose a serious threat. These threats may exploit subtle, even transitory, network vulnerabilities (e.g., configuration holes) and apply exhaustive probing and attack paths to achieve their objectives. While most computer vulnerabilities can be readily corrected, the likelihood that all computers in a network will have no vulnerabilities exposed at any given time is not zero. Structured attackers have the potential to locate even transient vulnerabilities, to exploit the momentary opportunity to gain access, and then expand the penetration to achieve the desired malevolent objective of attack.

9.1 Fundamental Elements of Information Assurance

The definition of information assurance includes six properties, of which three are considered to be the fundamental properties from which all others derive [20].

Confidentiality (privacy)—Assuring that information (internals) and the existence of communication traffic (externals) will be kept secret, with access limited to appropriate parties;

Integrity—Assuring that information will not be accidentally or maliciously altered or destroyed, that only authenticated users will have access to services, and that transactions will be certified and unable to be subsequently repudiated (the property of nonrepudiation);
Availability—Assuring that information and communications services will be ready for use when expected (includes reliability, the assurance that systems will perform consistently and at an acceptable level of quality; survivability, the assurance that service will exist at some defined level throughout an attack; and restoration to full service following an attack).

These fundamentals meet the requirements established for the U.S. NII [21] and the international community for the GII.

9.2 Principles of Trusted Computing and Networking

Traditional INFOSEC measures applied to computing provided protection from the internal category of attacks.

For over a decade, the TCSEC standard has defined the criteria for four divisions (or levels) of trust, each successively more stringent than the level preceding it.

D: Minimal protection—Security is based on physical and procedural controls only; no security is defined for the information system.
C: Discretionary protection—Users (subjects), their actions, and data (objects) are controlled and audited. Access to objects is restricted based upon the identify of subjects.
B: Mandatory protection—Subjects and objects are assigned sensitivity labels (that identify security levels) that are used to control access by an independent reference monitor that mediates all actions by subjects.
A: Verified protection—Highest level of trust, which includes formal design specifications and verification against the formal security model.

The TCSEC defines requirements in four areas: security policy, accountability, assurance, and documentation.

Most commercial computer systems achieve C1 or C2 ratings, while A and B ratings are achieved only by dedicated security design and testing with those ratings as a design objective.

Networks pose significant challenges to security.

Heterogeneous systems—The variety of types and configurations of systems (e.g., hardware platforms, operating systems), security labeling, access controls, and protocols make security analysis and certification formidable.
Path security—Lack of control over communication paths through the network may expose data packets to hostile processes.
Complexity—The complexity of the network alone provides many opportunities for design, configuration, and implementation vulnerabilities (e.g., covert channels) while making comprehensive analysis formidable.

Trusted networks require the properties already identified, plus three additional property areas identified in the TNI.

Communications integrity—Network users must be authenticated by secure means that prevent spoofing (imitating a valid user or replaying a previously sent valid message). The integrity of message contents must be protected (confidentiality), and a means must be provided to prove that a message has been sent and received (nonrepudiation).
Protection from service denial—Networks must sustain attacks to deny service by providing a means of network management and monitoring to assure continuity of service.
Compromise protection services—Networks must also have physical and information structure protections to maintain confidentiality of the traffic flow (externals) and message contents (internals). This requirement also imposes selective routing capabilities, which permit control of the physical and topological paths that network traffic traverse.

The concept of “layers” of trust or security is applied to networks, in which the security of each layer is defined and measures are taken to control access between layers and to protect information transferred across the layers.

9.3 Authentication and Access Control

The fundamental security mechanism of single or networked systems is the control of access to authentic users. The process of authentication requires the user to verify identity to establish access, and access controls restrict the processes that may be performed by the authenticated user or users attempting to gain authentication.

9.3.1 Secure Authentication and Access Control Functions

Authentication of a user in a secure manner requires a mechanism that verifies the identity of the requesting user to a stated degree of assurance.

Remote authentication and granting of network access is similar to the functions performed by military identification friend or foe (IFF) systems, which also require very high authentication rates. In network systems, as in IFF, cryptographic means combined with other properties provide high confidence and practical authentication. A variety of methods combining several mechanisms into an integrated system is usually required to achieve required levels of security for secure network applications.

9.5 Incident Detection and Response

Extensive studies of network intrusion detection have documented the technical challenge of achieving comprehensive detection on complex networks. There are several technical approaches to implementing detection mechanisms including the following:

Known pattern templates—Activities that follow specific sequences (e.g., attempts to exploit a known vulnerability, repeated password attacks, virus code signatures, etc.) of identified threats may be used to detect incidents. For example, Courtney, a detection program developed by the Lawrence Livermore National Laboratory, specifically detects the distinctive scan pattern of the SATAN vulnerability scanning tool.
Threatening behavior templates—Activities that follow general patterns that may jeopardize security are modeled and applied as detection criteria. Statistical, neural network, and heuristic detection mechanisms can detect such general patterns, but the challenge is to maintain an acceptably low false alarm rate with such general templates.
Traffic analysis—Network packets are inspected within a network to analyze source and destination as an initial filter for suspicious access activities. If packets are addressed to cross security boundaries, the internal packet contents are inspected for further evidence of intrusive or unauthorized activity (e.g., outgoing packets may be inspected for keywords, data contents; inbound packets for executable content).
State-based detection—Changes in system states (i.e., safe or “trusted” to unsafe transitions as described in Section 9.2) provide a means of detecting vulnerable actions.

Responses to incident detections can range from self-protective measures (terminate offending session and modify security policy) to offensive reactions, if the source of attack can be identified. In order to identify attackers, entrapment measures that are used include the deliberate insertion of an apparent security hole into a system.

In order to identify attackers, entrapment measures that are used include the deliberate insertion of an apparent security hole into a system. The intruder is seduced (through the entrapment hole) into a virtual system (often called the “honey pot”) that appears to be real and allows the intruder to carry out an apparent attack while the target system “observes” the attack. During this period, the intruder’s actions are audited and telecommunication tracing activities can be initiated to identify the source of the attack. Some firewall products include such entrapment mechanisms, presenting common or subtle security holes to attackers’ scanners to focus the intruder’s attention on the virtual system.

In addition to technical detection and response for protection, conventional investigative responses to identify and locate network or electronic attack intruders are required for deterrence (e.g., to respond with criminal prosecution or military reprisal). Insight into the general methodology for investigating ongoing unstructured attacks on networks is provided by a representative response that was performed in 1994 by the Air Force Computer Emergency Response Team (AFCERT) from the U.S. Information Warfare Center [47].

Auditing—Analyze audit records of attack activities and determine extent of compromise. The audit records of computer actions and telecommunication transmissions must be time-synchronized to follow the time sequence of data transactions from the target, through intermediate network systems, to the attacker. (Audit tracking is greatly aided by synchronization of all telecommunication and network logging to common national or international time standards.)
Content monitoring—Covertly monitor the content of ongoing intrusion actions to capture detailed keystrokes or packets sent by the attacker in these attacks.
Context monitoring—Remotely monitor Internet traffic along the connection path to determine probable telecommunication paths from source to target. This monitoring may require court-ordered “trap and trace” techniques applied to conventional telecommunication lines.
End-game search—Using evidence about likely physical or cyber location and characteristics of the attacker, other sources (HUMINT informants, OSINT, other standard investigative methods) are applied to search the reduced set of candidates to locate the attacker.

9.6 Survivable Information Structures

Beyond the capabilities to detect and respond to attacks is the overall desired property of information system survivability to provide the following characteristics:

Fault tolerance—Ability to withstand attacks, gracefully degrade (rather than “crash”), and allocate resources to respond;

Robust, adaptive response—Ability to detect the presence of a wide range of complex and subtle anomalous events (including events never before observed), to allocate critical tasks to surviving components, to isolate the failed nodes, and to develop appropriate responses in near real time;

Distribution and variability—Distributed defenses with no singlepoint vulnerability, and with sufficient diversity in implementations to avoid common design vulnerabilities that allow single attack mechanisms to cascade to all components;

Recovery and restoration—Ability to assess damage, plan recovery, and achieve full restoration of services and information.

Survivable systems are also defined by structure rather than properties (as above), characterizing such a system as one comprised of many individual survivable clusters that “self-extend,” transferring threat and service data to less capable nodes to improve overall health of the system

The U.S. Defense Advanced Research Projects Agency (DARPA) survivability program applies a “public health system” model that applies (1) distributed immune system detection, (2) active probing to diagnose an attack and report to the general network population, (3) reassignment of critical tasks to trusted components, (4) quarantine processes to segregate untrusted components, and (5) immunization of the general network population [52]. The DARPA program is developing the technology to provide automated survivability tools for large-scale systems.

9.7 Defense Tools and Services

System and network administrators require a variety of tools to perform security assessments (evaluation of the security of a system against a policy or standard) and audits (tracing the sequence of actions related to a specific security-relevant event)

9.9 Security Analysis and Simulation for Defensive Operations

Security analysis and simulation processes must be applied to determine the degree of risk to the system, to identify design, configuration, or other faults and vulnerabilities, and to verify compliance with the requirements of the security policy and model. Depending on the system and its application, the analysis can range from an informal evaluation to a comprehensive and exhaustive analysis.

The result of the threat and vulnerability assessment is a threat matrix that categorizes threats (by attack category) and vulnerabilities (by functions). The matrix provides a relative ranking of the likelihood of threats and the potential adverse impact of attacks to each area of vulnerability. These data form the basis for the risk assessment.

The risk management process begins by assessing the risks to the system that are posed by the risk matrix. Risks are quantified in terms of likelihood of occurrence and degree of adverse impact if they occur. On the basis of this ranking of risks, a risk management approach that meets the security requirement of the system is developed. This process may require modeling to determine the effects of various threats, measured in terms of IW MOP or MOEs, and the statistical probability of successful access to influence the system.

Security performance is quantified in terms of risk, including four components: (1) percent of attacks detected; (2) percent detected and contained; (3) percent detected, contained, and recovered; and (4) percent of residual risk.

This phase introduces three risk management alternatives.

Accept risk—If the threat is unlikely and the adverse impact is marginal, the risk may be accepted and no further security requirements imposed.
Mitigate (or manage) risk—If the risk is moderate, measures may be taken to minimize the likelihood of occurrence or the adverse impact, or both. These measures may include a combination of OPSEC, TCSEC, INFOSEC, or internal design requirements, but the combined effect must be analyzed to achieve the desired reduction in risk to meet the top-level system requirements.
Avoid risk—For the most severe risks, characterized by high attack likelihood or severe adverse impact, or both, a risk avoidance approach may be chosen. Here, the highest level of mitigation processes are applied (high level of security measures) to achieve a sufficiently low probability that the risk will occur in operation of the system.

When the threats and vulnerabilities are understood, the risks are quantified and measures are applied to control the balance of risk to utility to meet top-level security requirements, and overall system risk is managed.

10
The Technologies of Information Warfare

The current state of the art in information operations is based on core technologies whose performance is rapidly changing, even as information technologies (sensing, processing, storage, and communication) rapidly advance. As new technologies enable more advanced offenses and defense, emerging technologies farther on the horizon will introduce radically new implications for information warfare.

10.1 A Technology Assessment

Information warfare–related technologies are categorized both by their information operations role and by three distinct levels of technology maturity.

Core technologies are the current state-of-the-art, essential technologies necessary to sustain the present level of information operations.
Enabling technologies form the technology base for the next generation of information warfare capabilities; more than incremental improvements, they will enable the next quantum enhancement in operations.

Emerging technologies on the far horizon have conceptual applications when feasibility is demonstrated; they offer a significant departure from current core technologies and hold the promise of radical improvements in capability, and changes in the approach to information operations.

Developers, strategists, and decision makers who create and conduct information operations must remain abreast of a wide range of technologies to conceive the possibilities, predict performance impacts, and strategically manage development to retain leadership in this technology-paced form of warfare.

U.S. panels commissioned by the federal government and independent organizations have considered global environment as well as information technology impacts in studies of the intelligence organizational aspects of information-based warfare.

Preparing for the 21st Century: An Appraisal of U.S. Intelligence—An appraisal commissioned by the U.S. White House and Congress.
IC21—The Intelligence Community in the 21st Century—A “bottom-up” review of intelligence and future organization options by the U.S. Congress.
Making Intelligence Smarter: The Future of U.S. Intelligence—Report of an independent task force sponsored by the Council on Foreign Relations, February 1996.

10.2 Information Dominance Technologies

Three general areas characterize the information dominance technologies: collection of data, processing of the data to produce knowledge, and dissemination of the knowledge to humans.

Collection—The first area includes the technical methods of sensing physical phenomena and the platforms that carry the sensors to carry out their mission. Both direct and remote sensing categories of sensors are included, along with the means of relaying the sensed data to users.

Processing—The degree and complexity of automation in information systems will continue to benefit from increases in processing power (measured in operations per second), information storage capacity (in bits), and dissemination volumes (bandwidth). Processing “extensibility” technologies will allow heterogeneous nets and homogeneous clusters of hardware along with operating systems to be scaled upwards to ever-increasing levels of power. These paramount technology drivers are, of course, essential. Subtler, however, are the intelligent system technologies that contribute to system autonomy, machine understanding, and comprehension of the information we handle. Software technologies that automate reasoning at ever more complex levels will enable humans to be elevated from data-control roles to informationsupervision roles and, ultimately, to knowledge-management roles over complex systems.

Dissemination—Communication technologies that increase bandwidth and improve the effective use of bandwidth (e.g., data, information and knowledge compression) will enhance the ability to disseminate knowledge. (Enhancements are required in terms of capacity and latency.) Presentation technologies that enhance human understanding of information (“visualization” for the human visual sense, virtual reality for all senses) by delivering knowledge to human minds will enhance the effectiveness of the humans in the dominance loop.

10.2.1 Collection Technologies

Collection technologies include advanced platforms and sensing means to acquire a greater breadth and depth of data. The collection technologies address all three domains of the information warfare model: physical, information, and perceptual variables.

10.2.2 Processing Technologies

Processing technologies address the increased volume of data collected, the increased complexity of information being processed, and the fundamental need for automated reasoning to transform data to reliable knowledge.

Integrated and Intelligent Inductive (Learning) and Deductive Decision Aids

Reasoning aids for humans applying increasingly complex reasoning (integrating symbolic and neural or genetic algorithms) will enhance the effectiveness of humans. These tools will allow individuals to reason and to make decisions on the basis of projected complex outcomes across many disciplines (e.g., social, political, military, and environmental impacts). Advances in semiotic science will contribute to practical representations of knowledge and reasoning processes for learning, deductive reasoning, and self-organization.

Computing Networks (Distributed Operating Systems) With Mediated Heterogeneous Databases

Open system computing, enabled by common object brokering protocols, will perform network computing with autonomous adaptation to allocate resources to meet user demands. Mediation agents will allow distributed heterogeneous databases across networks to provide virtual object-level database functions across multiple types of media.

Precision Geospatial Information Systems

Broad area (areas over 100,000 km2) geospatial information systems with continuous update capability will link precision (~1m) maps, terrain, features, and other spatially linked technical data for analysis and prediction.

Autonomous Information Search Agents

Goal-seeking agent software, with mobile capabilities to move across networks, will perform information search functions for human users. These agents will predict users’ probable needs (e.g., a military commander’s information needs) and will prepare knowledge sets in expectation of user queries.

Multimedia Databases (Text, Audio, Imagery, Video) Index and Retrieval

Information indexing discovery and retrieval (IIDR) functions will expand from text-based to true multimedia capabilities as object linking and portable ontology techniques integrate heterogeneous databases and data descriptions. IIRD functions will permit searches and analysis by high-level conceptual queries.

Digital Organisms

Advanced information agents, capable of adaptation, travel, and reproduction will perform a wide range of intelligent support functions for human users, including search, retrieval, analysis, knowledge creation, and conjecture.

Hypermedia Object Information Bases

Object-oriented databases with hyperlinks across all-media sources will permit rapid manipulation of large collections of media across networks.

10.2.3 Dissemination and Presentation Technologies

Dissemination technologies increase the speed with which created knowledge can be delivered, while expanding the breadth of delivery to all appropriate users. Presentation technologies address the critical problems of communicating high-dimensionality knowledge to human users efficiently and effectively, even while the human is under duress.

10.3 Offensive Technologies

Current offensive technologies (Table 10.4) are essentially manual weapons requiring human planning, targeting, control, and delivery. Enabling technologies will improve the understanding of weapon effects on large-scale networks, enabling the introduction of semiautomated controls to conduct structured attacks on networks. Integrated tools (as discussed in Chapter 7) will simulate, plan, and conduct these semiautomated attacks. Emerging technologies will expand the scope and complexity of attacks to provide large-scale network control with synchronized perception management of large populations.

Computational Sociology (Cyber PSYOPS)

Complex models of the behavior of populations and the influencing factors (e.g., perceptions of economy, environment, security) will permit effective simulation of societal behavior as a function of group perception. This capability will permit precise analysis of the influence of perception management plans and the generation of complex multiple-message PSYOPS campaigns. These tools could support the concepts of “neocortal warfare” in which national objectives are achieved without force [29,30].

10.4 Defensive Technologies

Core defensive technologies (Table 10.5) now being deployed by both the military and commercial domains provide layers of security to bridge the gap between the two approaches.

First generation (and expensive) military “trusted” computers based on formal analysis/testing, and dedicated secure nets with strong cryptography;
Commercial information technologies (computers, UNIX or Windows NT operating systems, and networks) with augmenting components (e.g., firewalls, software wrappers, smart card authentication) to manage risk and achieve a specified degree of security for operation over the nonsecure GII.

Enabling technologies will provide affordable security to complex heterogeneous networks with open system augmentations that provide layers of protection for secure “enclaves” and the networks over which they communicate.

Innovation and Value Chains

Innovation Capacities

Innovation and Value Chains

Abstract

Innovation is frequently obtained through exogenous means by companies inserting themselves within a value chain. Placement within a value chains indicates that businesses are receiving materials to one firm and then handing their products they’ve serviced to another firm. Two examples of this include chip manufacture and metallurgy – the former assemblies parts to be handed to technology firms which insert them into finished hardware components that are then put to market while the later processes raw metals in order to develop products such as steel that is machine lathed into household goods or for use in construction. Firms competitive positionsarepositivelytransformed and capabilities for innovation emerge in these situations as a result of changes in exogenous and endogenous factors. Cooperation and the acquisition of technologyrepresent the former whereas budgetary expenditure on research and developmentis an examples of the latter. Oftentimes government or business sector interests assist in the development of such activities as it provides net benefits to the country and the local capabilities of the industry. This is accomplished through maintaining a balance between these external and internal factors and properly exploiting them.

Keywords: innovation capacities, technological innovation capabilities, organizational congruence, triple helix

Body

Managing Technological Development: Lessons from the Newly Industrializing Countries

When firms decide to invest in a particular technology it represents both a set of engineering norms associated with it, expected costs, benefits and methods as well as capabilities that can be acquired by those gaining experience with that technology. This consideration is important to examine when considering which technologies to upgrade to or abandon. The identification of local needs are important when establishing such a framework, however, to think with an eye to future innovations also requires to think in a less constrained manner. This requires the collection of information on a large number of indicators and openness to looking far outside the domestic borders to determine what is valued by companies within various supply chains.

In this article by Dahlman, Ross-Larson and Westphal, the authors open with a description of how the Brazilian steel company Usiminas first came into being. Prior to its innovation activities, the Brazilian steel industry was not engaged in any of the high-value-added services that firms in more advanced countries did. It was only after agreeing to a period of apprenticeship under those who had already learned the mechanically technical and physically dangerous processes involved in using blast furnaces, basic oxygen converters and rolling mills through experience in Japan and could demonstrate the capability to do it unaided they the keys, to use an American idiomatic expression, were given to them. Due to an unplanned-for economic recession, the company had to readjust its planned operations. Demonstrating how technological development functions in such settings, they managed to improve their operations by stretching their capacities and applying new methods of developing desired goods by setting up an internal research department. This allowed them not only to profit sufficiently as to be able to expand but to spin off its engineering department so as to provide technical assistance to other companies. Usiminas thus showed a capacity to not only exploit its core mission, producing steel according to international industry standards, but to develop a core competence that allowed it to expand and thrive.

Because of the high technical nature of complex industries, it is typical for new industries to be founded in underdeveloped countries with the assistance of foreign companies and domestic governments. To attract foreign companies to already engaged in such activities to, industry associations will pressure governments to adopt technological policies that create incentives for technology transfer and alterations of regulatory environments and penalties for firms that are considered chronic laggards. With this activity, specialized technological agents come into being to either facilitate such activities or to form their own firm related to their specialization. Through their help, more efficient and productive use of the resources occurs and the government can pull back from the role of guaranteeing returns on investments and instead of assisting research institutes. One of the common features of successful technological development policy is a market-positive environment wherein government intervention is limited only to providing assistance during periods of market failure. In such circumstances, the “right” capabilities will emerge on their own as a result of sector-specific needs.

While the Resources to Capabilities to Competencies video is far more simplistic than the examples described in Managing Technological Development: Lessons from the Newly Industrializing Countries, I’ve included the below screenshot from the video as it does show a version of the steps involved in their innovation development activities described therein. Conscientious measurement and strategic planning based on that allows for resources to grow into capabilities and competencies that can create competitive advantages for firms.

Innovative Capability Audits of University Research Centers

Whilst the above provides a number of case studies and theoretical reflections, the findings of this article in the literature on technology audits and other assessment tools which are sourced from a technology management development program for a university research center. It then describes an innovative method developed specifically for that center, communicates that that design’s motivating factors, and analyzes the results acquired from the research process. It is, in short, a granular exemplum of a methodology for how to develop innovation.

Citing David Klein’s 1995 book The Strategic Management of Intellectual Capital, Nystrom shares the general framework within which the subsequent research and development program was structured:

understanding the relevant strategic and operational roles in the organization, what is needed today and tomorrow
creating an infrastructure for cultivating and sharing it
creating the culture that encourages it
monitoring, valuing and reporting it

And then go on to Burgelman and Maidique’s 1988 the Innovative Capabilities Audit Framework which describes five categories of variables that influence innovation strategies for a business unit:

Resources available for innovative activities.
Capacity to understand competitor innovative strategies.
Capacity to understand technological developments.
Structural and cultural context of the organization affecting entrepreneurial behavior.
Management capacity to deal with entrepreneurial activities.

In order to develop their assessment tools which comprised of nine criteria which addressed the center’s resource, strategy, and method of implementation through a series of surveys throughout the 5 phases of the innovation process. Since I’ve already quoted extensively from the article in the above description of the framework and categories of influence I’ll skip over what they developed specifically and turn instead to how they used it.

The questions from the audit framework they developed were directed to the stakeholders involved in order to measure the groups capacity to engage in teamwork, their level of technical knowledge and where they believed growth was most appropriate, enthusiasm for the process and final project, barriers to effective actions, perceived resources, most effective communicational protocols, and organizational structure, etc. This provided learning and team-building opportunities for those involved with the development and administration of the Research Center by forcing stakeholders to assess and reflect on what worked well or what did not. Having the capability to compare personal views with other members and then consider those differences during structured discussion sessions meant that external experts were not needed to provide the assessment.

While the context of this is very different from the Professional Learning Communities that I participated in as a History professor at Broward College – we were not trying to build a new center but to merely unify the direction of lesson planning so that there were clear overlaps in instructional material between Parts I – IV of the required History and Political Science curriculum – there are some overlaps as well. Results from our structured surveys and meetings allowed for rapid availability and easy explanations as to how we could all “get on the same page” to improve the learning capabilities and gains of our students.

Methodology for Evaluating Innovation Capabilities at University Institutions Using a Fuzzy System

I love data science and so found the methods described in this article, to use non-engineering terminology, to be really cool. As knowledge is what allows for the transformation of new technologies for industries the authors look to identify Technological Innovation Capacities through quantification and examination of the Triple Helix. This Triple Helix model generates an quantified infrastructure for the articulation of knowledge within the participating institutional entities (firms, educational institutions, and government) and provides the basis for the formulation of strategies for innovation development via surveys which substitute for quantitative market indicators.

The authors use the Model of Organizational Congruence developed by Nadler and Tushman in 1980 to structured to identify inputs, outputs, and the transformation process in line with four congruent components: “the tasks (the work that has to be done;) the individuals (the members of the organization;) the formal organization (the formal agreements at the interior of the organization, the structure and the processes adopted so the individuals execute the tasks;) and the informal organization (that which has not been directly formalized and is related to the culture that surges spontaneously and naturally between people that hold positions in the formal organization.)”

Because of the difficulty in being able to measure technological innovation capabilities – which are after all not operational unto themselves nor directly identifiable, judgments from all of those who’ve been surveyed are placed into a fuzzy logic framework in order to provide a more appropriate form to all of these subjective impressions.

A fuzzy logic system: “allows easy use of the knowledge of subject experts, as a starting point for automatic optimization when formalizing the occasionally ambiguous knowledge of an expert (or of common sense) in an attainable form. Additionally, thanks to the simplicity of the necessary calculations (sums and comparisons), they can usually be performed in comfortable, fast systems” (Martin and Sanz 2002, p. 248). The scorecards allow for the presentation of ranges on a variety of issues that provides the capacity to determine the weight for each set of questions on a high, medium to low scale.

While not directly related to the methodology described above, it’s perhaps worth mentioning here the Theoretical Framework video provides a more simplified example for mapping the relationships amongst a variety of concepts like the one described above.

According to it by writing the general problem, writing a research question, identifying the key concepts, defining these concepts with literature support, identifying the existing or potential relationships between these concepts, and identifying what indicators will be studied one can construct academically and practical studies. Based on this and the above fuzzy logic model, it becomes possible to determine areas in which Serrano and Robeldo’s work could potentially be combined with other data to find meaningful relationships.

Innovative capability and Export Performance of Chinese firms

A broader example of measuring and forecasting innovation than the above two examples is found in Guan and Ma’s article Innovative Capability and Export Performance of Chinese firms. Based on the data provided them from a sample of 213 Chinese industrial firms the authors examine seven innovation capability dimensions (learning, research and development (R&D), manufacturing, marketing, organizational, resource allocating and strategy planning) and three firm characteristics (domestic market share, size, and productivity growth rate) in evaluating their export performances.

After providing a brief literature review of innovation capabilities the authors, per the Theoretical Framework model, then describe what they developed based on that study which would be used in their own research. They produced a very complex modeling formula which divided innovation capabilities into seven dimensions based on a number of specific indexes of measurement:

(1) learning capability (including nine indexes)

(2) R&D capability (including 13 indexes)

(3) manufacturing capability (including eight indexes)

(4) marketing capability (including nine indexes)

(5) organizational capability (including 12 indexes)

(6) resources exploiting capability (including eight indexes)

(7) strategic capability (including 12 indexes).

One of the limits of the analysis which follows based on this model is the lack of cooperation from the companies under study. Guan and Ma state that they were able only to obtain labor productivity growth rates and not the real labor productivity data. This isn’t to say that their research project becomes valueless, just that some of the findings are intuitive to existent literature – such as how firm’s size and its export ratio shows that the competitive advantage of larger firms in exporting and that smaller firms prefer to focus on filling the needs in the domestic market because of the high cost of operation associated with high entry barriers. Other areas of investigation, where more meaningful research emerges, is in the relationship between specific sectors and how if greater process capabilities were matched they’d be able to achieve market requirements in a more timely fashion. This finding is one repeated from the Dahlman, Ross-Larson and Westphal article. In other words when market indicators can more clearly be described and shared with those involved – capacities for innovation amongst firms increase as they have some degree of assurance that their investments will lead to profits. By testing their data they are able both to verify certain relationships, and to determine which are most significant, which is important for determining how to proceed with policy changes necessary to ensure investment in innovation capacity will leads to beneficial results.

Conclusions

Improving innovative capacity requires measurement of numerous variables and the strategic development of them in relation to indicators that are found in the marketplace. By being able to produce goods and services that are valuable, rare, difficult to imitate, and difficult to substitute they develop competitive advantages. Quantitative, qualitative, and multi-dimensional research tools combined with market research provide the methods by which these niches are found, and internal and external knowledge acquisition lead to their development.

Recommendation

Innovation and invention are not possible without a strong base in the knowledge of the work being done. As the above shows, it’s only through extensive training in fields of knowledge does innovation becomes possible. Exogenous and endogenous cooperation and the acquisition of new technology is the precursor for being able to apply capabilities to develop marketable goods and services. Being able to manipulate symbols or materials, organize in a more effective manner, more rapidly and at a better cost market the fruits of labor, etc. are all part of the preconditions which lead to innovation and invention.

Bibliography

Guan, J. M. (2003). Innovative capability and export performance of Chinese firms. Technovation, 23, 737-747.

Nystrom, H. “Innovative Capability Audits of University Research Centers,” Proceedings – 9th International Conference on Management of Technology, Miami, FL, Feb. 2 2000, CD-ROM.

Serrano G., J., y Robledo V., J. (2013). Methodology for Evaluating Innovation Capabilities at University Institutions Using a Fuzzy System. Journal of Technology Management and Innovation. Vol 8.

Sher, P. J., y Yang, P. Y. (2005). The effects of innovative capabilities and R&D clustering on firm performance: The evidence of Taiwan’s semiconductor industry. Technovation, 25, 33-43.

Wang, C., Lu, I. Y., y Chen, C. B. (2008). Evaluating firm technological innovation capability under uncertainty. Technovation, 1-15.

Yam, R. C., Pun, J. C., Guan, J. C., y Tang, E. P. (2004). An audit of technological innovation capabilities in Chinese firms: Some empirical findings in Beijing, China. Research Policy, 33, 1123-1140.

Innovation: Internal and External Drivers and Markers

Abstract

The ability to exploit internal and external knowledge is a critical component of business capability to innovate. It is not sufficient merely to have identified the areas of knowledge to be exploited and transformed them into routines, it’s also important to determine that which isn’t fully known in order to determine whether or not research and development within that region of activity should be pursued. Because there is an ambiguity of scope in the skills and strategies required to innovative, quantitative processes are required in order to ensure that the proper routines and skills are implemented and developed within the firm.

Key Words: Evolutionary Economics, Absorptive Capacity, Tacit Knowlege, Economic Change, Behavioral Theory

Introduction

Epistemology of human activity and business is a core component of innovation development and optimal functioning of a firm. By better understanding the drivers of interpersonal, cooperative behavior in business settings and how it is that knowledge is developed and operated as embodied knowledge, and how expenditures affect the long-term survivability of firms in competitive conditions it’s possible to develop a behavioral theory to guide evolutionary economic change.

Body

Karl Polyani’s Personal Knowledge: Towards a Post-Critical Philosophy is a beautiful exploration of knowledge and its application. Using Gestalt psychology methods, a form of psychoanalysis that examines the various pieces of a whole in its simplest forms and then constructs a broader picture based on the pattern, Polyani examines the history and practices of scientific knowledge and practical application in a manner that it as times quite poetic. He claims that his work is in the tradition of destructive analysis – in that he seeks to engage in a form of deconstruction of his subjects so that some of the operating presumptions that inform practices related to knowledge can be more clearly seen.

First examined is tradition, whose first formalization with the social sphere occurs via the relationships between master and apprentice. The older practitioner of the art of science, be it of agricultural or mechanical engineering, has internalized the rules of the field to such a degree as a result of their trial and errors such that they are able to embody and transmit a coherent system of conceptions. Polyani says that this diffusion of knowledge is intimately related to human interactions – despite the capacity to capture it in books, journals, and other media – and validates this claim by pointing to the fact that “the regions in Europe in which the scientific method first originated 400 years ago are scientifically still more fruitful today, in spite of their impoverishment than several overseas areas where much more money is available for scientific research.” He relates this fact to the British common law, which is founded on precedents, as it accustomed the people in those regions not to invert ever new cases in but to have a traditional worldview.

Relating this practice to approaching knowledge to connoisseurship, which is a skill that can only be obtained and then transmitted by example rather than rote memorization of precept, Polyani then claims that it becomes possible to understand the level of knowledge and skills related to that a particular person has by placing them on a form of a gradient. To use the example provided by Polyani, wine to provide an illustration of what he means would look as follows – it’s possible that a connoisseur would able to place the region of any French wine and know which goes with what food prepare with one of the five mother sauces, but not able to do the same for Spanish, Californian or Chilean wine and their foods. A different example, more suited to Colombia’s cafeteria, stems from the training I receive on becoming a Shift Supervisor at Starbucks. We spent several hours learning how the soil of coffee beans from each region impacted it’s flavor and were trained to have the proper language in which to explain the differences in taste.

This capacity to articulate is ultimately reflecting the tacit intellectual powers of humans and allows them to strive to explore new fields of knowledge. Our awareness of the lack of understanding in certain areas wherein problems are seen as needing to be solved becomes a form of psychological drive that separates us from the animal world. To see a problem which has not been but can be solved is a discovery, according to Polyani, in its own right. The value that one gets from this is both personal and often if the observation can be applied, market-based. Building on individual psychology model as well as the history of science and technological development since the beginning of the 20^thcentury – the strict utilitarian model of Science policy adopted by the Socialist governments is described as inferior.

Where Polyani closes the reading selection on the relationship between scientific thinking, operational principles of technology, standards and invention Cohen and Levinthal describe this in more depth in an applied context, i.e. the operation of a firm.

The capacity to exploit external knowledge is a critical component of firm innovations and a firm’s capacity to recognize and organize in response to new information and competitive pressures is described as being a synergy that is qualitatively different from the net capacity of each individual. The authors view this learning capacity as so adjacent to problem-solving that there is little reason to differentiate their moves of development. Both represent the new-knowledge creating capacity as well as capability of applying it.

Effective absorptive capacity in this socialized setting thus requires a common language. Failures to convey the importance of a market change or how new technology can be profitably adopted for use within production means that opportunities are lost or evolution is delayed. This does not mean that diversity of knowledge is a barrier to absorptive capacity – in fact just the opposite. The capacity for novel associations and linkages to be made is one of the preconditions for innovative development. Instead what is required is a common set of concepts and patterns of behavior that allows for transmission between divergent thinkers as to how innovations can be developed or technologies transferred to improve the metrics of business operations. Absorptive capacity is not just “the acquisition or assimilation of information by an organization but also to the organization’s ability to exploit it.”

Cyert and March’s Behavioral Theory of the Firm is a major referent within professional and academic literature given its deep and practical insight into business operations. By focusing on a small number of important economic decisions made by the firm, Cyert and March develop a process-oriented model based on empirical observations that has a generality that is scalable beyond specific firms.

Describing how it is that firms and organizations manage the limited set of resources in Chapter 3, Cyert and March builds on observations that she’s made in previous chapters. Because organizations are viewed not viewed primarily as being profit-driven, there is lots of personal and emotional investment made by the various entrepreneurial leaders within it, Cyert and March states that it’s best to perceive of organizations as a coalition with moving boundaries. She states that this is not an innovative model – and that this conception of the organization can be found in the theory of teams, game theory, and the inducements-contributions schema – which all presumes that there is some manner for collectively arriving at the enunciation and action upon the goals the organization develops. While the continuation of the organization’s existence is clearly a primary factor, there are numerous other conspicuous choices that lead to a “continuous bargaining-learning process” that does not necessarily product unswerving goals but something like a business ethic approached by habit. These ambitions often make their way into foundational operations documents and one such example that has received much coverage within the business and technology press is Google’s rule to “Do no evil.” While much outside criticism has been made of this in relation to their choice to engage in contract work for China and the United States Department of Defense, the most important debates occur internally wherein the various coalitions form objectives and bargain.

One of the central processes connected to coalition formation and goal specification is the bargaining practice which delegates side payments. Side payments come in many forms such as “money, personal treatment, authority, organization policy, and so forth”. While in the political rather than the business realm the delegation of such benefits in return for policy commitments is called patronage, the same pejorative standard view is not here appropriate as this has the effect of reducing friction between workers and managers whose resentments and interpersonal conflicts can lead to various ill effects on the company. Taking on a client that is known to be overbearing rather than passing, for example,

The formulation of these are imperfectly rationalized and frequently stated in the form of commitments that are constrained by context and are aspirational and thus not-operational. Worded in a less technical manner, the objectives connected to the commitment to various side payments tend to address the emotional concerns between coalition members rather than the day to day and medium to long term operations. This is not to say that the former doesn’t have an impact on the latter, but that the commitments connected to this are of a qualitatively different nature. While these processes are punctuated by specific meetings – quarterly, yearly, or called as needed given a new business or environmental conditions – it is actually a continuing process. Another major mutual control system for the elaboration of commitments and elaboration of functions are budgets.

Budget, job descriptions, organizational charts, and elaboration of specific objectives impose much tighter constraints and the fact that “organizations have memories in the form of precedents” these are considered to be a great bind on the behavioral patterns of individuals and coalitions with the firm. Renegotiation of these are terms are done in a more formal fashion and, depending on the size and intensity of the internal conflicts within a firm, can require that external people are brought in to assist with the smoothing of the decision-making process. While both this and side payments are considered part of a larger arbitrary process to ensure organizational functioning – this aspect is much more determined by prior history.

One of the ways that organizations are able to continue despite there being conflicting goals is the inherently limited attention focus of those engaged in bargaining and organizational slack.

Attention focus refers to the fact at any normal moment there are simply too many considerations in play to let any one of them be the overarching issue-defining inter-organizational coalitions demands while slack refers to the willingness not to allow minor variations in the expectations created by agreements to define and thus destroy peaceable relationships. Another way of summarizing these two aspects is to say that people are adaptable and barring gross violations of expectations are able to adjust as needed in order to ensure the steadiness of operations. According to Cyert and March, “Slack operates to stabilize the system in two ways: (1) by absorbing excess resources, it retards upward adjustment of aspirations during relatively good times; (2) by providing a pool of emergency resources, it permits aspirations to be maintained (and achieved) during relatively bad times.”

With these considerations in mind, it becomes possible to develop predictive theory and strategy for operations that inform the construction of business goals as well as pricing and output decisions. Cyert and March claim that there are normally five different meta-goals that inform the more granular inventory, market share, profit, and production goals. While it is rational from a position in which strategy is determined to separate each of these into differentiated buckets, the truth is that all of them form a living feedback loop wherein each impacts the other. Demands by management are limited by those of the staff, and vice versa. The demands of the markets are limits by the capacities of managers to organize production in a competitive environment, and vice versa.

Nelson and Winter expand upon the research of the above authors by focus on the skills and routines of the business. Constantly facing competition from other firms that seek to extract market share via imitation or outright replication of the services they provide – the authors adopt a quasi-Marxian mode of capitalist analysis that rejects the profit-maximalization of orthodox theory. Their heterodox approach is a manner of appreciative theorizing, meaning that they are less interested in developing a series of formal theories that describe how things operate based on presuppositions as much as they are interested in examining “how things actually work”.

Because of this, they place a high value on the role of routinization within organizations. This they view as more important than skills as it is often the case that certain tasks can be completed via a variety of actions and as routines form the basis of most day to day activity. Skills are, furthermore, programmatic – that is, based on tacit knowledge – and thus of less concern than the routines – that is, based on explicit knowledge – which determines the application of skills. The capability to turn technological knowledge that problem-solves an issue into a novel routine that is one definition of an innovation that has the outcome of benefitting the company.

When an effort is made to incorporate an existing routine as a component of innovative routines, Nelson and Winter state that it is advantageous if two conditions are satisfied.

The routine has been established as reliable – that is, fully under control and without uncertainty as to the results.
The new application of the existing routine be as free as possible from operational and semantic ambiguities of scope, i.e. too dependent on the idiosyncratic application of individual skills.

In Chapter 12 Nelson and Winter continue their deployment of Schumpeter as a model to analyze the benefit obtained from leadership in technological innovations. The relationship between market structure and innovation is a complex one and there are no general rules which determine whether or not . Instead firms must look to their price-cost ratios, measure the short and long term effect of R&D expenditures, and analysis of a variety of other techniques that can lead to greater competitive capacity. After all, these reduce funds available for investment in other areas which can be beneficial, such as that designated for opening up markets elsewhere. As the authors themselves state: “The function of competition is to get-or help to get-the signals and incentives right. In evolutionary theory, choice sets are not given and the consequences of any choice are unknown. Although some choices may be clearly worse than others, there is no choice that is clearly best ex-ante.”

Conclusions

Economic competition is not always about short term profit maximization but a complex process of navigating a number of different factors. An evolutionary model of economics must recognize the limits inherent in human’s capacities to adapt new languages with which to describe the problems that they face in the market and adopt new technologies and methods. As covered in more depth in the Chapter 5 response, the habits of scientific thinking and practical action connected to it via investigations and firm activities aren’t so transferred and requires extensive application of the scientific method. Technical progress can lead to first-mover benefits, but the returns can also be so marginal and meaningless as not be worth it. In this context, quantitative methods are required to provide a comprehensive assessment as to whether or not the environment is appropriate for such evolutionary activity.

Recommendations

Properly understanding signals internally and externally requires a series of reflective and consultative processes in order to ensure necessary evolutionary steps are taken by firms. Developing a language for this requires conscientiousness development amongst those managers, administrators and the executive staff in order to ensure competitiveness is maintained via the proper incentives and direction of research and development.

Bibliography

Cyert, Richard Michael, and James G. March. A Behavioral Theory of the Firm. Martino Publishing, 2013.

Cohen, Wesley M., and Daniel A. Levinthal. “Absorptive Capacity: A New Perspective on Learning and Innovation.” Administrative Science Quarterly, vol. 35, no. 1, 1990, p. 128., doi:10.2307/2393553.

Polanyi, Michael. Personal Knowledge: Towards a Post-Critical Philosophy. University of Chicago Press, 1992.

Nelson, Richard R., and Sidney G. Winter. An Evolutionary Theory of Economic Change. The Belknap Press of Harvard Univ. Press, 2004.

Notes from Insurgencies are Organizations Too: Organizational Structure and the Effectiveness of Insurgent Strategy

From Peace and Conflict Review · Volume 6 Issue 1 · Year 2011 · Page 22

Written by Ethan Frisch holds an Msc in Violence, Conflict and Development, University of London.

***

In April of 1965, Ernesto ‘Che’ Guevara, hero of the Cuban revolution, traveled with a group of Cuban fighters to eastern Congo to support the rebellion against the American- and Belgian-backed government. He intended to share his experiences from the success of the Cuban revolution with Congolese fighters by deploying experienced Cuban fighters alongside inexperienced Congolese recruits. He hoped the Congolese would learn by example, through a process he called ‘Cubanization’, and take on the Cuban fighters’ technical skills and revolutionary mentality. The Preface to his account of his time there, however, begins, ‘This is the history of a failure.’ Guevara very quickly realized that the context of the Congolese revolution was dramatically different from the one he had known in Cuba. The lessons he had learned in the mountains of the Sierra Madre were not always relevant to the Congolese context, and instead of the ‘Cubanization’ of the Congolese soldiers he had hoped for, he observed a ‘Congolization’ of the Cubans, as they adapted to the new environment and began to emulate their Congolese colleagues (Guevara, 2001).

First, I argue that insurgent organizational structure and subsequent strategic decision-making evolve organically, as a natural result of the organization’s short- and long-term goals, economic and social resources, observations and responses to the enemy’s behaviour, and other contextual factors. Second, I argue that the relationship between structure and organizational effectiveness is a product of context, and that in a post-9/11 global context of weak borders, wide-reaching media, centralized counter-terror networks and easy transportation and communication, a decentralized, international network is the most effective structure for an insurgent organization.

five key dilemmas of insurgent organizing: (1) action versus secrecy; (2) growth versus control; (3) recruitment versus retention; (4) success versus longevity; and (5) resources versus constituencies. Dilemmas are a widely used tool in organizational economics and psychology to understand the complexities of decisions that organizations face. They emphasize that choices are not binary and highlight the organization’s agency in negotiating the various challenges they face.

Insurgent organizations exist along a spectrum, from hierarchical to network structures. I introduce a second spectrum along which networked insurgencies can be classified, from local to international structures.

Definitions

For the most part, the use of the term insurgency implies an organized, armed resistance movement, and so for the purposes of this paper will be defined as:

A non-governmental organization working to affect social and/or political change through violent means against existing power structures and in a way that deliberately challenges the state’s monopoly on the legitimate use of violence.

It is also important to differentiate insurgencies from organized criminal groups, whose orientation is primarily towards profit-making.

Dilemma One: Action versus Secrecy

Simply put, any insurgency has two complementary operational goals: to carry out attacks, and to avoid getting caught. The inherent paradox of implementing those goals, however, is that the more attacks an organization carries out, the less secret the organization will be and thus the higher the likelihood they will be defeated.

Heightened secrecy can also have a detrimental impact on an organization’s ability to carry out attacks, as higher levels of secrecy can weaken internal communication and make it harder to coordinate operations.

as organizations emphasize easier internal communication, they become less secure and open themselves up to infiltration and leaks

Dilemma Two: Growth versus Control

As an organization grows in membership, geographical area and diversity and number of activities, the leadership must decide when and how to relinquish the high degree of control they exercised when the organization was smaller. Insurgent organizations, like business corporations, need more people if they want to engage in more activities.

As organizations grow, their structures also become formalized and fixed.

when centralized or decentralized organizations are attacked, each organizational form tends to become more extreme. In a centralized organization, further centralization can make it more vulnerable as the decision-making capacity become concentrated in fewer individuals. In decentralized organizations, a greater degree of decentralization allows the organization to spread to avoid irreparable organizational damage, continue to operate as smaller sub-groups, and to regroup after the attack has ended (Brafman & Beckstrom, 2006).

Johnston argues that the key determinants of insurgent organizational structure are technology and geography. He describes a causal chain in which their interaction influences the type of organization that develops, which has an impact on the organization’s effectiveness.

The role of charismatic leadership is also important in understanding how insurgent organizations grow and change. Jordan, writing about leadership by analysing the assassination of insurgent leaders, finds that although charismatic leadership is key to the creation of a strong insurgent group, it does not determine the group’s ultimate survival and can actually be a hindrance as the group develops over time

two points relevant to the debate on insurgent organizational structure. First, they find that groups with charismatic leaders may resist bureaucratization and growth, and may even resist, at least implicitly, achieving organizational goals. If the leader feels that victory will force the organization to grow beyond his/her control or will remove the organization’s raison d’être, s/he may actually work to ensure that victory is not achieved. Second, they draw a distinction between groups that resemble armies and those that with semi-autonomous squads. They say that in the army-style groups, a loss of leadership always results in the group either being strengthened or collapsing, the group never stays the same or weakens

Groups are founded when charismatic leaders have a set of goals, and when the benefits of membership outweigh the costs for potential recruits. He also agrees that a major function of a terrorist organization is maintaining its own existence, and illustrates that an organization’s leadership needs to sustain the organization overall in order to sustain its privileged position.

Dilemma Three: Recruitment versus Retention

The recruitment-retention dilemma is a particularly pressing one for insurgent organizations

Recruitment is described as an extremely difficult endeavour, and retention is treated mostly as a form of what organizational economics calls ‘contract enforcement,’ focused on convincing members to fulfil their commitments. Actually, the challenge of recruitment is often more related to a lack of quality rather than quantity of recruits

Recruitment

There are three main, overlapping reasons that an individual chooses to join an insurgency: (a) because family members, friends, or other members of the recruit’s social network are involved; (b) because of personal trauma, including violence against the individual and/or his or her family members; and (c) because of deep religious and/or political conviction that inspires a willingness to fight and for a cause

Kuznar, in a wide-ranging psychological and sociological analysis of the reasons people engage in terrorist activities, highlights the significance of a sense of material inequality and lack of fairness as important motivators. He links those sentiments to deeper psychological feelings of resentment and humiliation, which both fuel the motivation to act violently, and create important social bonds with others who share those feelings.

Kuznar also emphasizes the importance of social networks as an important factor in an individual’s decision to participate in terrorism. He highlights the social isolation from mainstream society often felt by migrants… participation in terrorist activities may stem from a psychological impetus to be a part of a supportive group after migrating to an unfamiliar and alienating environment. His conclusions about the role of social networks in recruitment to commit violence is widely supported across the literature, and provide some insight into the non-economic reasons that people choose to participate in terrorist activities

Retention

The factors that contribute to recruitment, like strong social networks, grievance, and incentives also contribute to retention, and do not diminish with membership.

More importantly, access to recruits is a resource in itself, and one that is finite.

Another particularly difficult aspect of retaining group members is that the highest value recruits are also hardest to retain, both because of opportunities outside the insurgency…

The onus is also on the organization to build loyalty.

Dilemma Four: Success versus Longevity

insurgent organizations are primarily rational actors, and that the use of violence, including against civilians, is an effective political tool.

Abrahms disagrees with this conventional wisdom and criticizes the assumptions that underpin it, particularly that terrorist organizations engage in violence with the primarily political goals. He points out seven ways that terrorist organizations contradict the widely held assumption of strategic rationality. He argues that organizational survival and social connections, rather than the achievement of political goals, are the most important factors in the decision-making of terrorist organizations.

Resources versus Constituencies

Olson, writing about bandits in ancient China, presented one of the key choices facing all armed actors with an interest in resource extraction. He presents the ‘roving bandit’ as an armed group that attacks a village, steals as much as they can, and then leaves to do the same to the next village, and the ‘stationary bandit’, a group that establishes itself in a specific area and extracts a smaller, regular tithe from its residents. The stationary bandit will make less money in the short term, but ensures a steady flow of income over the long-term

Modern insurgent organizations often face a very similar dilemma. Weinstein outlines the link between resources, recruitment and organizational structure and behaviour. He argues that insurgencies are dependent on both social and economic endowments, the nature of which influence the organization’s recruitment, structure, goals, and leadership. The crux of his argument rests on the idea that an organization’s methods of resource extraction influence the individuals who choose to join and the way the organization behaves. An organization that depends on the local population for support will employ a ‘stationary bandit’ approach, and attract high-commitment recruits who believe in the organization’s ideology and will employ violence selectively. An organization with access to natural resources or external funding will attract low-commitment recruits who are primarily interested in profit and who have little regard for the lives or livelihoods of civilians, or in establishing a stable system of long-term tax collection. He also argues that the relationship between endowments and an organization’s leadership is mutually reinforcing: endowments shape the leadership’s behaviour, but the leadership can shape endowments as well (Weinstein, 2006).

Context and the Resolution of Dilemmas

It is clear from the dilemmas discussed above that insurgencies need to be dynamic and malleable organizations. They are influenced by a host of contextual factors, which determine the way they negotiate the five dilemmas discussed here.

The distinction between organic and explicit organizational structure and decision-making is important for two reasons. From a policy and particularly counter-insurgency perspective, the conclusion that context is key to the evolution of insurgencies would imply that lessons learned in one context should only be very carefully applied to another. The challenges represented by the dilemmas can be used to frame how an insurgency deals with its context. It also implies, therefore, that if the context in which an insurgency is forming can be changed, so too can the formation of the insurgency. It may be possible to track, or even predict, how those changes will take place if we know how the organization has resolved these dilemmas over time. As such, they can be a useful framework to guide counter-insurgency strategy towards an understanding of the importance of context and the ways it can influence organizational behaviour.

Section 2: A New Spectrum of Insurgent Network Organization

In a modern, post-September 11th context, the strict hierarchical structure has become a liability rather than an asset to an insurgent organization. A number of factors have contributed to this shift, stemming both from the policies and practices related to the Global War on Terror (GWOT) and broader trends of the globalization of travel and trade.

Finally, the wide reach of the media, both in sourcing stories and in reporting them, has created clear incentives for a strategy based on perpetrating a small number of high-profile incidents. Older, hierarchical models of insurgent organization tend to emphasize a long-term strategy based on guerrilla tactics and attrition, whereas modern, networked insurgencies can capitalize on the international media echo to project power and presence through fewer, very public attacks.

Consequently, to be able to accurately analyze the organizational structure of modern insurgencies, it is important to introduce another measure in addition to the hierarchy-network spectrum. As discussed above, hierarchies are becoming less viable as insurgent organizational structures, so the new measure will focus on those organizations closer to the network pole of the spectrum.

Methodology

As we compare the effectiveness of local and international networks by looking at two fairly ideal cases, it’s important to establish a definition of effectiveness as it pertains to the strategies and tactics of insurgent organizations

Based on the Global Terrorism Database’s parameters, effectiveness will be defined by: (1) the frequency of attacks, (2) the sophistication of weapons used, (3) the number of casualties, including injuries and fatalities, caused by individual attacks, (4) the percentage of successful attacks, which are those where law enforcement officials were unable to prevent the attack as it occurred or immediately prior, (5) the defensive capabilities of the target, as the choice and ability to attack military and police targets implies a higher level of organizational effectiveness than attacking civilian or commercial targets, (6) the average number of attackers per incident, because the ability to coordinate more people implies greater organizational effectiveness (7) achievement of their stated goals, and (8) ultimate survival of the organization today.

Conclusion

None of the dilemmas is binary, and each represents a range of choices an organization can make. However, in a modern context of weak borders and easy international transportation, wide-reaching and hyperactive international media outlets, centralized counter-insurgency operations, and inexpensive, reliable means of communication, it would appear that the most effective insurgencies will resolve the dilemmas by evolving an internationally-networked and decentralized organization built of semi-autonomous units with shared goals, ideologies and tactics.

My recommendations to counter-insurgency strategists in government in the United States and Europe are these: harness the energy of insurgency into non-violent political activism, and support and protect the people who choose that route. Development projects aimed at addressing grievances, and at creating economic and social opportunities for potential recruits, could fundamentally change the nature of an insurgent organization before it grows large enough to pose a threat.

In the framework of the five dilemmas, that would entail: encouraging non-violent action over violent secrecy; supporting the growth of movements working to bring about productive social change; recruiting new members and retaining veterans by strengthening social networks and encouraging the use of new means of communication; prioritizing constituencies over resources. In a non-violent and inclusive organization, success and longevity are not mutually exclusive – one success can be the foundation for the next, to construct an organization that is strong enough to resist defeat and flexible enough to recognize and exploit weaknesses in its enemy.

References

Abrahms, M (2008). What terrorists really want: terrorist motives and counterterrorism strategy. International Security, 32(4), 78-105.

Adams, A (2005) ‘The War on Terror in Historical Perspective’ Survival, 47(2), 101-130.
Akerlof, G. & Kranton, R. (2005). Identity and the economics of organizations. Journal of Economic

Perspectives, 19(1), 9-32.
Al Qaeda, (date unknown). Declaration of Jihad against the country’s tyrants: Military series.

Arreguín-Toft, I. (2001). “How the Weak Win Wars: A Theory of Asymmetric Conflict.” International Security 26(1): 93-128.

Aslan, R. The fire this time: On the long-term effects of 9/11. (2011, September 09). Los Angeles Review of Books, retrieved from http://lareviewofbooks.org/post/9988565795/the-fire-this-time

Bassnet, S (2005) ‘Translating Terror’ Third World Quarterly Vol. 26, No. 3, pp 393-403.
BBC. Palestinian Authority funds go to militants. (2003, November 07). Retrieved from http://news.bbc.co.uk/

http://news.bbc.co.uk/1/hi/world/middle_east/3243071.stm

Beall, J., T. Goodfellow and J. Putzel (2006). ‘Introductory article: on the discourse of terrorism, security and development.’ Journal of International Development 18: 51-67.

Beber, B & Blattman, C(2010). The industrial organization of rebellion: the logic of forced labor and child soldiering. Unpublished working paper.

Benmelech, E, Berrebi, C & Klor, E(2010). Economic conditions and the quality of suicide terrorism. NBER Working Paper, 16320,

Berko, A. & Erez, E. (2008), “Martyrs or murderers? Victims or victimizers? The voices of would-be Palestinian female suicide bombers”. In Ness, C. Female terrorism and militancy: Agency, utility and organization, Routledge, London, pp.146-166

Bhat, C (2007) ‘Frontlines and Interstices in the Global War on Terror’ Development and Change Vol. 38, No. 6, pp. 1073-1093.

Bloom, M (2004). Palestinian suicide bombing: public support, market share and outbidding. Political Science Quarterly, 119(1), 61-88.

Brafman, O., & Beckstrom, R. (2006). The starfish and the spider: The unstoppable power of leaderless organizations. New York: Portfolio.

Broekhuizen, Maj. M. (2010). Controlling the human high ground. Military Review, 19-24.
Browning, C., Feinberg, S. & Dietz, R. (2004). The paradox of social organization: networks, collective efficacy, and violent crime in urban neighborhoods.Social Forces, 83(2), 503- 534. Byman, D. (2011). The five habits of highly effective terrorist organizations. Foreign Policy.

Peace and Conflict Review · Volume 6 Issue 1 · Year 2011 · Page 19

Chai, S. (1993). An organizational economics theory of antigovernment violence. Comparative Politics, 26(1), 99-110.

CNN. Bin laden: goal is to bankrupt us. (2001, November 01). CNN World, Retrieved from http://articles.cnn.com/2004-11-01/world/binladen.tape_1_al-jazeera-qaeda-bin?_s=PM:WORLD

Colvin, J. (2008). Insurgency organization case study: Al-Qaeda in the Maghreb, 2006-present. University of Military Intelligence.

Crenshaw, M. (1987). Theories of terrorism: instrumental and organizational approaches. Journal of Strategic Studies, 10(4), 13-31.

Crenshaw, M. (2010). Mapping terrorist organizations. Unpublished working paper.
Downes, A. (2007). Modern insurgency and counterinsurgency in comparative perspective. Civil Wars, 9(4), 313-323.

Duffield, M. (2005) ‘Getting savages to fight barbarians: development, security and the colonial present’

Conflict, Security and Development Vol. 5, No. 1 pp: 141-159.
Enloe, C. (1988), Does khaki become you? 2nd ed., Pandora, London.

Fearon, J, & Laitin, D. (2003). Ethnicity, insurgency, and civil war. The American Political Science Review. Vol. 97, No. 1, pp. 75-90.

Fearon, J. (2004). Why do some civil wars last so much longer than others. Journal of Peace Research, 41(3), 275-301.

Findley, M. & Young, J. (2007). Fighting fire with fire? How (not) to neutralize an insurgency. Civil Wars, 9(4), 378-401.

Fletcher, H. (2008, April 02). Backgrounder: Al Aqsa Martyrs’ Brigade. Council on Foreign Relations, retrieved from http://www.cfr.org/israel/al-aqsa-martyrs-brigade/p9127

Freeman, M. (2011). The sources of terrorist financing: theory and typology. Studies in Conflict and Terrorism, 34(6), 461-475.

Frisch, E (2008). Against democracy: The tools, targets and tactics of insurgent strategy. Unpublished working paper, The City College of New York, The City University of New York.

Frisch, E. (2010). Women combatants and the challenges of DDR. Unpublished working paper, School of Oriental and African Studies, University of London.

Frisch, E. (2011). Terrorism and development. Unpublished working paper, School of Oriental and African Studies, University of London.

Ganor, B. (2008). Terrrist organization typologies and the probability of a boomerang effect. Studies in Conflict & Terrorism, 31(4), 269-283.

Gates, S. (2002). Recruitment and allegiance: The microfoundations of rebellion. Journal of Conflict Resolution, 46(1), 111-130.

Ghosh, B, Hauslohner, A, Thompson, M & Vivienne, W. (2011, April 04). The rebels. Time, 177(13).

Giap, V. (2001). People’s war, people’s army: The Viet Cong insurrection manual for underdeveloped countries. Honolulu: University Press of the Pacific. National Consortium for the Study of Terrorism and Responses to Terrorism (START) at the University of Maryland, (2011). Global Terrorism Database [Data file]. Accessed from July – September 2011 at http://ww http://www.start.umd.edu/gtd

Gonzalez-Perez, M. (2008), Women and terrorism: Female activity in domestic and international terror groups, Routledge, London.

Goodwin, J. (2006). What do we really know about (suicide) terrorism?. Sociological Forum, vol. 21, no. 2, pp. 315-330.

Goodwin, J, et al. (2008). Explaining the rise and fall of terrorism: The case of the Irish Republican Army. Unpublished working paper, presented at the Columbia University Workshop on Contentious Politics, 21 April 2008.

Greenhill, K & Staniland, P(2008). Ten ways to lose at counterinsurgency. Civil Wars, 9(4), 402-419 Guevara, E (1985). Guerrilla warfare. Boston: University of Nebraska Press.

Guevara, E (2001). The African dream, the diaries of the revolutionary war in the Congo. London: Harvill Press.

Gunaratna, R & Oreg, A(2010). Al Qaeda’s organizational structure and its evolution. Studies in Conflict Resolution, 33(12), 1043-1078.

Harmon, C. (2001). Five strategies of terrorism. Small Wars & Insurgencies, 12(3), 39-66.

Hassan, N (2001). An arsenal of believers: talking to the ‘human bombs’. The New Yorker.

Hoffman, B. (2007). “Terrorism in history.” Journal of Conflict Studies 27(2): 8-28.

Humphreys, M & Weinstein, J. (2008). Who fight? the determinants of participation in civil war. American Journal of Political Science, 52(2), 436-455.

Jackson, B(2006). Groups, networks, or movements: a command-and-control-driven approach to classifying terrorist organizations and its application to Al Qaeda. Studies in Conflict & Terrorism, 29, 241-262.

Jenkins, B (1980).The Study of Terrorism: Definitional Problems. The Rand Corporation.
Johnston, P (2008). The geography of insurgent organization and its consequences for civil wars: evidence

from Liberia and Sierra Leone. Security Studies, 17, 107-137.
Jordan, J (2009). When heads roll: assessing the effectiveness of leadership decapitation. Security Studies, 18, 719-755.

Kreuger, A.B. & Maleckova, J. (2002), Education, poverty and terrorism: Is there a causal connection? Annual World Bank Conference on Development Economics

Kuznar, L. A. (2007) ‘Rationality Wars and the War on Terror: Explaining Terrorism and Social Unrest’ American Anthropologist vol. 109, no 2, pp 318-329.

Kydd, A. & Walter, B. (2006). The strategies of terrorism. International Security, 31(1), 49-80.
Langdon, L, Sarapu, A & Wells, M (2004). Targeting the leadership of terrorist and insurgent movements: historical lessons for contemporary policy makers. Journal of Public and International Affairs, 15, 59-78.

Leedom, D, Noble, D & Eggleston, R(2007). Work-centered approach to insurgency campaign analysis. Air Force Research Laboratory.

Li, Q. & Schaub, D. (2004), “Economic Globalization and Transnational Terrorism”, The Journal of Conflict Resolution, vol. 48, no. 2, pp. 230-258.

Lutz, J & Lutz, B (2009). How successful is terrorism? Forum on Public Policy.

Mann, M (2003) Incoherent Empire London: Verso.

Mao, T (2008). On guerrilla warfare. Miami: BN Publishing.

McCormick, G. (2003). Terrorist decision making. Annual Review of Political Science, 6, 473-507.

McCormick, G., Horton, S. & Harrison, L. (2007). Things fall apart: the endgame dynamics of internal wars. Third World Quarterly, 28(2), 321-367.

McCubbins, M.D., Noll, R.G. & Weingast, B.R. (1987). Administrative procedures as instruments of political control. Journal of Law, Economics & Organization, 3(2), 243-277.

Merari, A (1993). Terrorism as a strategy of insurgency. Terrorism and Political Violence, 5(4), 213-251. Olson, M. (2000), Dictatorship, democracy, and development. Ch.4 in Olson, M. and S. Kähkönen (eds.), A

Not-So-Dismal Science: A Broader View of Economies and Societies, Oxford: Oxford University Press. Oots, K.L. (2008). Organizational perspectives on the formation and disintegration of terrorist groups.

Terrorism, 12(3), 139-152.

Oots, K.L. (2008). Bargaining with terrorists: organizational considerations. Terrorism, 13(2), 145-158.

Pape, R. (2003). The strategic logic of suicide terrorism. American Political Science Review, 97(3), 343-361.

Pape, R. (2005), Dying to Win: The Strategic Logic of Suicide Terrorism, Random House, New York. Pedahzur, A & Perliger, A(2006). The changing nature of suicide attacks: a social network perspective. Social Forces, 84(4), 1987-2008.

Petraeus, Lt. Gen. D. (2006). Learning counterinsurgency: observations from soldiering in Iraq. Military Review, 2-12.

Piazza, J.A. (2009). Is Islamist terrorism more dangerous?: an empirical study of group ideology, organization and goal structure. Terrorism and Political Violence, 21(1), 62-88.
Poole, H. (2004). Tactics of the crescent moon: Militant Muslim combat methods. North Carolina: Posterity

Press.
Post, J.M. (1990), “Terrorist psycho-logic: Terrorist behavior as a product of psychological forces”. In

Reich, W. Origins of Terrorism: Psychologies,
Reed, B (2007). A social network approach to understanding an insurgency. Parameters, 37(2), 19-29.

Rees, M, Ghosh, B, Hamad, J & Klein, A. (2002, May 13). Untangling jenin’s tale. Time, Retrieved from http://www.time.com/time/magazine/article/0,9171, 1002406 -1,00.html

Richardson, L (2006). What terrorists want: Understanding the terrorist threat. London: John Murray Publishers.

Sage, S (2002). Recruitment and allegiance: the microfoundations of rebellion. Journal of Conflict Resolution, 46(1), 111-130.

Sageman, M. (2004), Understanding Terror Networks, University of Pennsylvania Press, Philadelphia. Sanin, F (2008). Telling the difference: guerrillas and paramilitaries in the Colombian war. Politics & Society,36(1), 3-34.

Sanin, F & Giustozzi, A(2010). Networks and armies: Structuring rebellion in Colombia and Afghanistan.

Schmidt, F (2010). From Islamic warriors to drug lords: The evolution of Taliban insurgency. Mediterranean Quarterly, 21(2), 61-77.

Shadid, A. (2011, August 31). Syria’s sons of no one. The New York Times.

Simon, H (1991). Organizations and markets. Journal of Economic Perspectives,5(2), 25-44.

Stinchcombe, A(1997). On the virtues of the old institutionalism. Annual Review of Sociology,23, 1-18.

Taber, R (2002). War of the flea: The classic study of guerrilla warfare. Washington, D.C: Potomac Books.

Tilly, C (1985). War Making and State Making as Organized Crime. Bringing the State Back. Cambridge University Press, New York.

Tilly, C. (2004), Terror, Terrorism, Terrorists. Sociological Theory, vol. 22, no. 1, pp. 5-13.
Waugh, W. (1983). The values in violence: organizational and political objectives of terror groups. Conflict Quarterly, 5-19.

Weinberg, L. (1991), “Turning to Terror: The Conditions Under Which Political Parties Turn to Terrorist

Activities”, Comparative Politics, 23 (4), 423-438.
Weinstein, J(2005). Resources and the information problem in rebel recruitment.The Journal of Conflict

Resolution, 49(4), 598-624.
Weinstein, J. (2006), Inside rebellion: The politics of insurgent violence, Cambridge University Press, New York.

Wolf, J. (1978). Organization and management practices of urban terrorist groups. Terrorism, 1(2), 169-186.

Zubaydi, Z. (2011, August 10). Former commander, Al Aqsa Martyr’s Brigade, Jenin. Interview by E Frisch.

World Social Forum Model of Activist and Cross-border Activation

I was playing around with Insight Maker‘s System Dynamics modelling tools and decided to make this model on the social movements connected to the World Social Forum.

The above is based on their 2005 and 2007 surveys, formating with an eye to netwar operations and digital/in-person protests swarms.

It’s far from a final rendition of the dynamics at play within the movement of movements – but does provide an example of political targeting that not only far pre-dates the Cambridge Analytica model but shows it to be inferior as it’s not relaying on simplistic-to-the-point-of-being-sophistry models of influence like those associated with the OCEAN personality tests.

Notes on “From Skills and Competencies to Outcome-based Collaborative Work: Tracking a Decade’s Development of Personal Knowledge Management (PKM) Models”

From Skills and Competencies to Outcome-based Collaborative Work: Tracking a Decade’s Development of Personal Knowledge Management (PKM) Models

by Ricky K. F. Cheong and Eric Tsui

Abstract

In the area of knowledge management, existing and past research has tended to focus on the enterprise level. The topic of personal knowledge management (PKM) has only seen growth recently although PKM is not new, as our ancestors sought ways to learn better and to improve their knowledge. However, there are very little empirical researches, or significant conceptual development has been done with PKM, and there is lacking paper to evaluate the previous PKM literatures. This paper aims to provide a critical review of the published literature related to PKM and the PKM models. From the previous literatures, it is clear that PKM is playing an important role at indi- vidual, organization, and social level. PKM has evolved from mere individual activities to something that are more outcome/impact oriented; from information handling skills to personal competencies, sense making, and self- reflection; from individual focused to a community and social collaborative focused. A new PKM model is developed based on the recent research done by the authors. There are four core components in this new PKM model, namely personal information management, personal knowledge internalization, personal wisdom creation, and interpersonal knowledge transferring. At the end of this paper, the Web 2.0-based PKM tools was evaluated and important roles were identified to facilitate the practicing of PKM.

The charts showing various forms of knowledge managment practices speak for themselves.

Notes on Collaborative Knowledge Management

Collaborative Knowledge Management

in Journal of Fundamental and Applied Science

by Manal Abdullah, Monirah Almalki, and Hanaa Blahmer

Faculty of Computing and Information Technology, King Abdul-Aziz University, Jeddah, SA

Abstract– Knowledge plays a critical role in organizational resources that enables organizations to gain a competitive advantage. In the today world, the organizations need to investigate new solutions to remain ahead of the competition. Therefore, organizations endeavor to face the challenges by using technologies to enable an efficient management of the e-collaboration and knowledge management. Many models and techniques have been discussed over years for e-collaboration and knowledge management within organizations. Current changes in Information, and Communication Technology (ICT) have prompted organizations to utilize platforms such as corporate portals for collaborative know ledge sharing. This paper introduces an overview of Knowledge Management (KM) and e-collaboration for the enterprise to gain advantage. The paper is appended by a case study of an organization where it applies KM and e-collaboration to cover the business needs and to improve management of enterprise content with collaboration of knowledge. The organizational structures and processes, standards and values are still the main areas that limit the effectiveness of e-collaboration. This requires changing the organizational focus and culture that remains a challenge for many organizations.

Keywords – Collaboration, E-collaboration, Knowledge Management (KM), Collaborative Knowledge Management Models, Information and Communication Technologies (ICTs).

DOI: http://dx.doi.org/10.4314/jfas.v10i4s.93

Collaborative Knowledge Management Images

Collaborative Knowledge Management Notes

The organizational structures and processes, standards and values are still the main areas that limit the effectiveness of e-collaboration. This requires changing the organizational focus and culture that remains a challenge for many organizations.

workers inside the organization in today’s economy, who exercise a lot of decisions working on knowledge intensive tasks are very different from the previous generation of employees in the office. The previous generation of employees typically are being trained to perform a particular piece of the task and in a highly repetitive way; no longer the case in the knowledge era, these workers have to work collaboratively, innovatively and often have to make quality and consistent decisions.

sharing knowledge between different units inside the organization will shorten product development cycle and lower risk.

The role of information technology and communications is to encourage workers create, store, use, and exchange of knowledge through common platforms.

Organizational structures and processes, standards and values are still key areas that limit the effectiveness of electronic collaboration, however, groups of individuals, organizations and individuals include the justification to collaborate with colleagues within and across organizations still need to be addressed.

According to Xiaomi, “Knowledge Mangement is about the identification, creation, distribution, utilization and maintenance of organizational knowledge for fulfilling organizational objectives.” Successfully managing organizational knowledge becomes increasingly important for organizations to gain competitive advantages

KNOWLEDGE MANGEMENT is increasingly gaining recognition as the determinant for improving the performance, competitive advantages and innovation

Organizations can generate competitive advantage if they know how to find, collect and harness common knowledge in business. Moreover, knowledge is often considered to be one of the most important factors of enabling better and quick decision-making. The most value from organization’s intellectual assets knowledge must be shared and served as foundation for collaboration. Moreover, improvement revenues by getting products and services to market faster, enhance employee holding rates

Seven key factors were identified to be knowledge management success. These factors include strong relation to business, perspective, and mandatory architecture, knowledge leadership, the culture of creating and sharing knowledge, continuous learning, and developed technology infrastructure, systematic organizational knowledge process

Knowledge management is a set of processes or stages that organizations execute sequentially.

Group Decision Support System (GDSS). GDSS is defined as a computer- based framework which is used to help the cooperative group work. GDSS is typically used in meeting related of the decision-making DM, so it is not necessary to have the decision makers at the same time and place.

There are four key features of collaborative Knowledge management:

scope knowledge

orientation knowledge

evolution knowledge quality

decentralization knowledge.

First, the scope knowledge explains the focus of an e-collaboration system. Second, the orientation knowledge attribute depends on the exploration vs. exploitation dichotomy. Third, the evolution knowledge quality displays the proper development of an e- collaboration system. Fourth, the decentralization knowledge attribute concerns the way an e-collaboration system gives access to its pool of knowledge resources.

Collaboration requires mechanisms for intra- and inter-organizational communication.

understanding differences in thinking are at least as important as understanding technical factors in communication.

The differences of using language, goals, cognitive views, frames of reference, and organizational pressures all contribute to communication difficulties and lack of trust in collaboration.

Trust forms a vital component in bringing together the orientations of communication, collaborative practice, and community within communities of practice

The ideal enterprise information system should be single point of access to one source of information. Otherwise, employees may be forgetting or ignoring relevant information sources.

strengthens the capacity of XYZ as a knowledge-based institution. Its parts involve: First, enabling Environment by implement policies and institutional arrangements. Second, implementation of KM platform and associated business processes that enable staff, also external partners and stakeholders. Third, package knowledge products and services in appropriate formats and diffuse these through different channels. Fourth, improve the creation, application, and reuse of knowledge through various modalities.

Differentiating CastroChavismo from Cultural Marxism and the Frankfurt School

Cultural Marxism

Cultural Marxism is associated with the Institute of Social Research and is often referred to as the Frankfurt School as it was first housed at the Goethe University in Frankfurt, Germany.

Seminal authors in this field include:

Antonio Gramsci
Eric Fromm
György Lukács
Herbert Marcuse
Jürgen Habermas
Karl Korsch
Max Horkheimer
Theodor Adorno
Walter Benjamin

For a brief primer on the evolution of Marxist discourse from an economic to a cultural focus, I recommend reading: In the Tracks of Historical Materialismand Considerations on Western Marxism by Perry Anderson.

For a brief primer on the transmutation of Marxist discourse into post-structuralist and postmodernist subjects of inquiry, I recommend reading Logics of Disintegration: Poststructuralist Thought and the Claims of Critical Theory by Peter Dews.

Castrochavismo

Castrochavismo is not associated with any particular research institution.

Seminal authors in this field include:

Alain Badiou
Angela Davis
Antonio Negri
Arundhati Roy
Boaventura de Sousa Santos
Brian Dingledine
Chico Whitaker
David Graeber
Eduardo Galeano
Enrique Dussel
Immanuel Wallerstein
João Pedro Stedile
Mark Fisher
Manuel Castells
Michael Alpert
Michael Hardt
Michel Foucault
Naomi Klein
Noam Chomsky
Richard Wolff
Slavoj Žižek
Subcommandante Marcos
Tariq Ali
Vijay Prashad
Walden Bello

For a very brief primer on it’s evolution recommend Constructing the ‘Anti-Globalization’ Movement by Catherine Eschle.

For a longer primer on the evolution of anti-globalization authors and activists, I recommend reading The World Social Forum: Challenging Empires.

Why CastroChavismo is not Antisemitic, But Those who Deny It Are

Chavez and Soros – United in Hate against the Republican Party

CastroChavismo is not “Cultural Marxism”

Use of the term CastroChavismo is descriptive of the Socialist-Affiliated Transnational Advocacy Networks in the U.S. receiving support and funding for theactivitiesfrom socialist governments in Latin America (PSUV, PCC, PT); socialist parties in the EU (Rosa Luxemburg Stiftung); and transnational NGOs (Open Society Initiative).

The term explicitly alludes to descriptions of activities historically engaged in by the Cuban Communist Party categorized as subversion, while simultaneously differentiating it from narratives about “Cultural Marxism” that may or may not have antisemitic overtones.

People who say I’m being Deleuzional by defining it as a repetition that is also different would be correct.

CastroChavismo is a set of activities with goals that can be organized according to principles of Knowledge Management.

Individuals participating in the events and activities associated with CastroChavismo can be classified as antisemitic for two reasons.

(1) Functional support of the goals and organizations connected to the Muslim Brotherhood, Hezbollah, the Iranian Revolutionary Guard Corps, as well as others that have avowed their desire to destroy the state of Israel – the lone Jewish-majority state in the world, which is located in the historic Jewish Homeland – which has been documented by Timothy Pearce, by Tariq Ali, and can be shown at in the alliances of Hugo Chavez and Nicolas Maduro.

The claim that someone’s ethnic Jewish background, George Soros, who does not even practice Judaism and who Israel also seeks to expose, within the analytical framework of CastroChavismo does not make it antisemitic.

In fact, if we were to extend that same logic – given my own ethnic Jewish background – one could just as similarly claim that all those who deny the historical correctness of CastroChavismo are themselves, anti-Semites.

In fact, people who try and disqualify interlocutors because of this are using a long-established anti-semitic trope.

In fact, given the aforementioned political orientation of those involved with CastroChavismo networks and their use of antisemitic tropes – it’s appropriate to say that people who deny CastroChavismo are themselves antisemitic as their attempt to police speech acts supports those that seek the elimination of Israel.

Notes from Inside Collaborative Networks: Ten Lessons for Public Managers

Inside Collaborative Networks: Ten Lessons for Public Managers

by Robert Agranoff

Indina University–Bloomingon

This paper offers practical insights for public managers as they work within interorganizational networks. It
is based on the author’s empirical study of 14 networks involving federal, state, and local government
managers working with nongovernmental organizations. The findings suggest that networks are hardly crowding out the role of public agencies; though they are limited in their decision scope, they can add collaborative public value when approaching nettlesome policy and program problems.

Extended discussions were undertaken in the field on two separate occasions with more than 150 public officials, in addition to field observation and examination of network documentation.

Lesson 1: The network is not the only vehicle of collaborative management.

Lesson 2: Managers continue to do the bulk of their work within the hierarchy.

Lesson 3: Network involvement brings several advantages that keep busy administrators
involved.

Lesson 4: Networks are different from organizations but not completely different.

Lesson 5: Not all networks make the types of policy and program adjustments ascribed to them in the literature.

Lesson 6: Collaborative decisions or agreements are the products of a particular type of mutual learning and adjustment.

Lesson 7: The most distinctive collaborative activity of all of the networks proved to be their work
in public sector knowledge management.

Lesson 8: Despite the cooperative spirit and aura of accommodation in collaborative efforts, networks are not without conflicts and power issues.

Lesson 9: Networks have their collaborative costs, as well as their benefits.

Lesson 10: Networks alter the boundaries of the state only in the most marginal ways; they do not appear to be replacing public bureaucracies in any way.

It is time to go beyond heralding the importance of networks as a form of collaborative public management and look inside their operations.

it is well known (1) that “the age of the network” has arrived (Lipnack and Stamps 1994), (2) that hierarchy and markets are being supplemented by networks (Powell 1990), (3) that public managers are enmeshed in a series of collaborative horizontal and vertical networks (Agranoff and McGuire 2003), and (4) that networks need to be treated seriously in public administration

Public manage- ment networks are, in every sense, collaborative connections like social networks, although they not only comprise representatives of disparate organiza- tions but also go beyond analytical modes. They are real-world public entities.

Agranoff and McGuire define collaborative management processes as “the process of facilitating and operating in multi organizational arrangements to solve problems that cannot be solved, or solved easily, by single organizations”

Although it is certainly true that mutual dependency is leading to an increasing number of horizontal relationships crossing many boundaries, lateral connections seem to overlay the hierarchy rather than act as a replacement for them.

Program specialists frequently (and more naturally) work across agency boundaries. Their work is technical or based on specialized knowledge, and it is geared to solving problems, belonging to epistemic communities, and acting on shared beliefs.

For the line administrator, however, it is largely business as usual most of the time, dealing with internal POSDCORB matters, along with increasing collaborative pressures.

Why do networked accountability bodies persist? Because they deliver different forms of public value to their multiple participants.

Networks can perform a great many public service purposes. They not only bring many parties to the table but also have the potential to expand the resource base. The most important element of the resource base is the potential for knowledge expansion, a function that administrators said was indispensable.

From knowledge comes the possibility of new solutions derived by, owned, and implemented by several parties.

The key to sustained network involvement is performance, and the key to performance is adding public value by working together rather than separately.

The first benefit is the value added to the manager or professional, such as learning new ways to collaborate, intergovernmental skills, and how to network, along with enhanced technical and information and communications technology skills. Second are the benefits accruing to the home agency, such as access to other agencies’ information, programs and resources; access to information and communications technology; cross-training of agency staff; and most important, enhanced external input into the internal knowledge base. Third are the collective process skills that accrue from working together over a sustained period of time—for example, developing interagency planning, piloting an adaptation of a new technology, developing a mutual interagency culture that leads to subsequent problem solving, and experimenting with electronic group decision technology. Fourth are the concrete results accrued, such as an action plan, a capability building conference, new interagency strategies, and multiagency policy and program changes. These types of value-adding performance results sustain administrators’ efforts in collaborative undertakings.

It is an accepted fact that bureaucratic structures have become more flexible and permeable over the past century. Today’s organizations are becoming more conductive—that is, they are continuously generating and renewing capabilities, bearing in mind the alignment between internal forces and external demands, including the importance of creating partnerships through internal–external interaction, building alliances and coalitions, forming and reforming teams across functions and organization boundaries, and collaborating to actively manage interdependencies. In this sense, perhaps bureaucracies and standing networks appear a good deal alike because both need to be concerned with managing complex partnerships, with blurring boundaries. The difference is that one structures and creates rules and strategies under the umbrella of one organization, whereas the other must interorganizationally and collectively create structures, rules, and strategies that fit their multiorganizational needs.

In the 14 public management networks studied, four types of public value were queried, and managers found substantial benefits in each dimension.

The first benefit is the value added to the manager or professional, such as learning new ways to collaborate, intergovernmental skills, and how to network, along with enhanced technical and information and communications technology skills.
Second are the benefits accruing to the home agency, such as access to other agencies’ information, programs and resources; access to information and communications technology; cross-training of agency staff; and most important, enhanced external input into the internal knowledge base.
Third are the collective process skills that accrue from working together over a sustained period of time—for example, developing interagency planning, piloting an adaptation of a new technology, developing a mutual interagency culture that leads to subsequent problem solving, and experimenting with electronic group decision technology.
Fourth are the concrete results accrued, such as an action plan, a capability building conference, new interagency strategies, and multiagency policy and program changes. These types of value-adding performance results sustain administrators’ efforts in collaborative undertakings.

Virtually all of the 14 networks studied operated with some form of council or board, elected by the entire body of agency representatives, very much like the board of directors of a nonprofit organization.

The real work in all of the networks studied was done in either standing committees (e.g., finance, technology transfer, tele-medicine, educational applications, transportation technical review) or focused and usually shorter-term workgroups (e.g., ortho-infrared mapping, bicycle and pedestrian, broadband usage, community visitation, water and wastewater treatment)

Because all networks do not really make decisions, it is prefer- able to refer to many of their deliberative processes as “reaching agreements” rather than “decisions,”

In collaborative bodies, decisions and agreements are necessarily based on consensus, inasmuch as participating administrators and professionals are partners,not superior–subordinates.

they are co-conveners, co-strategists, co–action formulators, co-programmers, and so on. It is also true that public agency administrators possess neither ultimate legal authority (except, of course, within one’s home agency domain) nor control over all technical information. Authority in the network is shared with the many stakeholders at the table: other administrators, program specialists, research scientists, policy researchers, and interest group and advocacy association officials. Among the partners, it is unlikely that any single agency or representative at the table will have the legal authority or financial resources to completely approach a problem.

informational: wherein partners came together almost exclusively to exchange agency policies and programs, technologies, and potential solutions. Any changes or actions were voluntarily taken up by the agencies themselves.

developmental: wherein partner information and technical exchange were combined with education and member services that increased the members’ capacities to implement solutions within their home agencies and organizations.

outreach: wherein the activities of the developmental network were engaged; in addition, however, they also blue-printed strategies for program and policy change that led to an exchange or coordination of resources, although decision making and implementation were ultimately left to the agencies and programs them-selves.

action networks, wherein partners came together to make interagency adjustments, formally adopt collaborative courses of action, and deliver services, along with information exchanges and enhanced technology capability.

Creating a collective power of new possibilities.

The issue is to bring about enough cooperation among disparate community elements to get things done.

In order to open up new possibilities, the networks studied used six distinct predecision or agreement learning strategies.

They prepared for brokered consensus through (1) group discussion or exchange of ideas; (2) political negotiation of sensitive concerns and intensely felt needs; (3) direct applica- tion of technology or preestablished decision rules or formats; (4) application of preestablished, formulaic procedures (e.g., those related to regulations, grants, or loans); (5) data-driven decisions or agreements (e.g., market studies, usage patterns, traffic or accident counts); and (6) predecision simulation or electronic base groupware or other decision techniques.

“Knowledge is a fluid mix of framed experience, values, contextual information, and expert insight that provides a framework for evaluating and incorporating new experiences and information”

Whereas data refer to discrete, objective facts, and information is a message in the form of a document or an audible or visual communication, knowledgeis more action oriented, both in process and in outcome. Knowledge management has two dimensions: explicit knowledge, which can be codified and communicated easily in words, numbers, charts, or drawings, and tacit knowledge, which is embedded in the senses, individual perceptions, physical experiences, intuition, and rules of thumb

In the networks studied, the process of knowledge management in many ways defined the major focus of their standing committees and working groups.

First, essentially all of them began by surveying the universe of data and information that their partners had developed or could access, plus external databases of use to them.

Second, this information then used to develop their “own source” explicit knowledge using resources such as libraries, map inventories, strategic plans, fact sheets and policy guides, focused studies, surveys, conferences and workshops, electronic bulletin boards, process reviews, long-range plans, models and simulations, and market studies.

Third, tacit knowledge was rarely formally codified, but it was regularly approached through stakeholder consultations, best practices booklets, workgroups as “communities of practice,” study project report panels, expert presentations, specialized workshops, SWOT workshops, hands-on technical assistance, community leadership development sessions, forums on “what works,” direct agency outreach, help desks, and public hearings.

Fourth, the networks tried to organize the explicit/ tacit interface not through codification but through informal feedback on the myriad of knowledge management activities in which they engaged, usually through some informal post-project assessment or at its board or steering committee meetings.

Fifth, most of the networks directly served some of the knowledge management needs of their partner agencies by producing formal reports, responding to data requests, supplying modeling and planning data, circulating policy reports, sponsoring in-agency forums and report sessions, providing technical expert linkages between the network and specific agencies, and in some cases, providing agency-requested studies.

In the same way that organizations seek structured predictability, networks try to use their open-ended processes of coordinating purposeful individuals who can apply their unique skills and experiences to the local problem confronting the collaborative undertaking

Beyond the formal structure of the governing body and working committees and groups were four elements of power.

First, virtually every network had a champion (and in two cases, two champions)—a visible, powerful, and prestigious public agency head or nonprofit chief executive officer who organizes or sustains the network. The presence of the champion in the network signaled to others in the field to “stay in” and “cooperate.”

Second, there was a political core, normally comprising the primary participating department heads or federal government state directors and chief executive officers of the non- governmental organizations. These managers tended to be part of the governance structure, they sent a message to other participants that the network was important to be involved with, and they were the people who were most likely to be involved in high- level interagency negotiations and resource accommodations.

Third, there was a technical core, primarily workgroup or committee activists who knew the most about a particular topic (e.g., watershed management, planning, geographic information systems, finance, regulation, information and communications technology, and so on). Because a great deal of the work was bound up investigating problems, creating knowledge, and looking for feasible solutions, their work was at the core of network activity, and the most knowledgeable of these individuals held considerable operating power.

Finally, there were paid staff who held the network together through their support efforts, which in the 14 networks ranged from one or two persons who devoted to the network full time to 18 full- or part-time participants in one action network.

This power structure is deep, and the four dimensions overlap in practice—it is every bit as real as those in the organizations from which representatives are drawn.

If managers give up or add to the job of internal operations to engage in cooperation, they obviously do this at some cost.

Many line managers are said to be protective of agency autonomy for one of four reasons: (1) the agency manager knows best, and therefore should carry out its mission and programs; (2) loss of autonomy is associated with the loss of control and guidance of the agency; (3) people place a greater value on losses than on gains; and (4) autonomy reduces uncertainty

Real costs associated with network participation that the managers and professionals articulated. Six general cost categories were indicated:

(1) time and opportunity costs lost to the home agency as a result of network involvement

(2) time and energy costs resulting from the protracted decision-making process, based on nonhierarchical, multiorganizational, multicultural human relations processes

(3) agreements not reached because of the exertion of organizational power or the withholding of power

(4) network gravitation toward consensus- based, risk-aversive decision agendas

(5) resource “hoarding,” or agencies’ failure or unwillingness to contribute needed resources

(6) public policy barriers embedded in legislation, coupled with legislators’ or other policy makers’ unwillingness to make needed changes, which, in turn, frustrated collaborative decisions.

All of these appear to thwart progress within networks.

To a degree, the deliberations of the network and the in- volvement of nongovernmental organizations clearly influenced the courses of action taken by government, and in some cases, new programs and strategies emanated from network deliberations.

Three Large Caveats

First, when it comes to policy decisions, it is almost always the public institutions that make the ultimate call, and in the case of implementation, it is the agency.

Second, in virtually every public management net- work, it is government administrators at federal, state, and local levels who are the core or among the core actors in the network. They are able to inject legisla- tive, regulatory, and financial considerations right into the network mix, which hardly marginalizes them.

Third, many collaborative efforts outside the network form are more tightly controlled by the government, in the form of grant expectations, contract provisions, or loan conditions, tying the nongovernmental orga- nization to the public agency in a tighter way.

Today’s wicked policy problems, dispersed knowledge and resources, first- and second-order effects, and intergovernmental overlays guarantee that managers must engage other governments and nongovernmental organizations