Operating System Architecture for PEMAs

The Navy’s Portable Electronic Maintenance Aid (PEMA) devices are subject to Department of Defense (DoD) security regulations that impose strict guidance on the security maintenance of DoD systems. DoD security guidance is issued using a number of mechanisms, including Security Technical Implementation Guides (STIGs), Information Assurance Vulnerability Management (IAVM) messages, and DoD memorandum.  Failure to comply with these DoD guidelines endangers the program’s ability to retain its authorization to operate, risking failure of mission for the Warfighter. The PEMA Windows 10-based software architecture and the variation across PEMA due to differences in installed Types/Model/Series (T/M/S) specific applications impart significant cost and effort to meet the DoD security requirements.  Our approach to investigate alternative operating systems (OS) and software architectures for PEMA aims to reduce the time and effort required to meet DoD security guidelines while ensuring that PEMA systems remain compliant with overarching DoD guidance. Our approach considers two separate but related solutions:  investigating alternative open source software (OSS) for the PEMA operating systems and exploring the use of software containerization of PEMA applications. Each of these elements can reduce the time and effort required to meet DoD security guidelines and streamline the deployment of patches and configuration changes across PEMA systems. Our research will conduct a feasibility analysis of using an open source software (OSS) architecture for PEMA systems.  We will consider various OSS solutions (e.g. RedHat, CentOS, Ubuntu) for feasibility of meeting PEMA system requirements and ability to meet DoD security requirements.  Our analysis will consider solutions that minimize the OSS footprint on the PEMA systems, thus reducing the cost and time for patching those OSS components.  We also will conduct a feasibility analysis of containerization of PEMA applications. We will consider various containerization technologies for applicability to meet PEMA system requirements, Navy programmatic requirements, cost, and ability to meet DoD security requirements.  We will provide a cost benefit analysis that will quantify the initial costs of installation, continued support of the baseline, technology injections, cybersecurity updates, and a tailored patch application approach for the Navy. Finally, we will select the best approach for migration to an OSS architecture and software containerization for PEMA systems based on analysis outcomes, and we will develop a high-level technical approach and detailed prototype design.  The goal of this research is to reduce the time and effort required to meet DoD security guidelines and reduce the cost to deploy of patches and configuration changes to PEMA systems.