Robotics
Automation tech for defense: A closer look
Prompted by the cybersecurity updates to the MQ-9A UAV used by the U.S. Military, we reached out to Josh Lospinoso, CEO at Shift 5, who joined us via email interview to discuss automation technology in the defense industry in depth.
July 15, 2024 by Daniel Brown — Editor, Networld Media Group
From robots for restaurants to AI-powered customer service, automation has revolutionized our world, both for consumers and businesses.
However, one area of automation and self-service that does not always dominate our headlines is the growing importance of automation in the defense industry.
Cybersecurity threats are growing for governments and businesses globally, with recent examples including France's efforts to counter cyber threats related to its hosting of the Olympics.
This month, the New York Times published an analysis of the growing threats to the global GPS networks, including so-called "spoofing" attacks.
On the hardware side, we recently covered the enhancement of onboard cybersecurity systems on the MQ-9A Reaper unmanned aerial vehicle, executed by partners Shift5 and General Atomics Aeronautical Systems Inc., which integrated Shift 5 onboard cyber anomaly detection and predictive maintenance capabilities into the drone.
Prompted by the MQ-9A story, we reached out to Josh Lospinoso, CEO at Shift 5, who joined us via email interview to discuss automation technology in the defense industry in depth.
Q&A with Josh Lospinoso, CEO at Shift 5
Q: We are new to covering automation in the Defense industry, such as Shift5's technology focused on observability for onboard operational technology (OT). Just how big is the market for automation in the defense sector, and what led you and your team to focus on this specific technology opportunity?
Lospinoso: The DoD is an avid investor in technology initiatives, last year requesting $17.8 billion for related initiatives – its largest ever ask. While the Department is seeking a science and technology budget of $17.2 billion for 2025 – a net-decrease – Undersecretary of Defense for Research and Engineering Heidi Shyu has affirmed that the Department is shifting its priorities from R&D to transitioning technologies into operational use, painting a promising picture of such investments becoming battlefield-ready. Across branches, technology investments aim to supply advanced capabilities to the warfighter and soldiers, enabling them for the future fight. Automation can enable the Department to do more with its resources.
At Shift5, our focus on observability technology stems from the critical need to secure and maintain the vast array of complex systems that constitute modern military capabilities. The DoD is often locked out of the operational technology (OT) data that its weapon systems produce. Such data is so vast in volume that it takes machine power to become useful. Our platform captures, and analyzes real-time serial bus data, applying automation to reveal critical operational and cybersecurity insights. Real-time data access, contextual insights, and actionable analytics are essential for the DoD to maintain operational readiness and decision dominance in the field by improving fleet readiness, lethality, and survivability.
The evolving battlefield, which increasingly includes remotely piloted, autonomous, and unmanned systems, requires such support even more so than weapon systems that benefit from operator intervention in real-time. Ensuring these systems have robust cyber defenses and can operate with maximum efficiency is not just an opportunity to modernize the system—it's a necessity for the modern warfighter. The partnership with GA-ASI to embed our technology into the MQ-9A Reaper drone is a testament to our commitment to this vision and the impact it has on modernizing defense capabilities.
Q: Recently, Shift5 partnered with GA-ASI to embed observability into the MQ-9A Reaper drone. Why is this observability technology so important for systems like the MQ-9A, and can you give us perspective on just how big an impact this will have on modernizing the drone?
Lospinoso:We've watched the implementation of drones on the battlefield, including their heavy deployment in Ukraine. It's clear that the battlefield of the future will feature more remotely piloted, autonomous, and unmanned systems. There are many advantages to using autonomous systems for a variety of missions; however, without a human operator in-vehicle, onboard data becomes significant as an indicator of the integrity of the system. Observability into the data generated by the MQ-9A Reaper can provide critical operational and cybersecurity insights in real-time, which would allow a remote operator to make confident, data-driven decisions. Further, with access to onboard data in real time, AFSOC and SOCOM can democratize that data into government cloud environments, enabling the joint force with greater battlefield awareness. Such efforts map back directly to DoD modernization efforts explicitly stated in its 2023 Data, Analytics, and Artificial Intelligence Adoption Strategy. Deputy Secretary of Defense Kathleen Hicks wrote that accelerating adoption of data, analytics, and AI technologies will enable enduring decision advantage for the US in the upcoming decisive decade, allowing DoD leaders to prioritize investments to strengthen deterrence, link cross-cutting campaign outcomes that counter competitors' coercive measures, and deploy continuous advancements in technological capabilities to creatively address complex national security challenges.
Q: Cybersecurity is a sensitive area, but in the Defense sector it's even more so. What are some of the challenges as an innovator in this field, and how do you approach security when automating software systems in this area?
a. At Shift5, we are dedicated to enhancing the cybersecurity of weapon systems within the defense sector, to support fleet readiness, survivability, and lethality. Our platform, which brings clarity and certainty to risks facing weapon systems through providing observability into operational technology (OT) data, is essential in a domain where the threat landscape is constantly evolving, requiring us to stay ahead of sophisticated cyber threats. Our commitment to regulatory compliance is unwavering, as evidenced by our adherence to the Department of Defense's Authority to Operate (ATO) Certification. Our approach is characterized by the development of adaptable, resilient cybersecurity solutions that are rapidly deployable and meet the highest regulatory standards. Our platform is provides observability, enabling DoD operators with real-time decision intelligence. We balance automation with expert human analysis to provide robust cybersecurity and predictive maintenance outcomes that support the national security objectives of the defense sector. This comprehensive approach ensures that we not only meet the current security demands but also anticipate and prepare for the challenges of tomorrow.
Q: Specific to Shift5, what is special about the onboard cyber anomaly detection and predictive maintenance capabilities that were embedded into the MQ-9A, and do you have any broad predictions for the coming year on the evolution of this technology?
Lospinoso: The integration of the Shift5 Platform into the MQ-9A Reaper enables cyber anomaly detection and predictive maintenance alerting in real-time based on onboard OT data. This is a significant milestone in enabling the drone with situational awareness, enhancing its resilience against cyber threats and improving operational readiness.
With the Shift5 Platform, the MQ-9A Reaper will be enabled with operational cyber resilience. AFSOC and SOCOM operators can uncover critical operational and cybersecurity insights through observability by accessing, collecting, and retaining every frame of operational technology (OT) data the drones produce. Such access will allow threat hunting, alerting, and automation of alerts. The Shift5 Platform is protocol and hardware agnostic, offers full-take data capture, real-time data analysis and alerts, high-density data compression, automated data enrichment and visualization, integrates with existing systems, offers size, weight, and power (SWaP) efficiency, comprehensive data lifecycle support, and data democratization features. In the past year, our technology has processed billions of messages, and we have identified several critical events that enabled operators to take action to ensure the integrity of their platforms.
Q: Shift5 obviously has a considerable presence in the Defense industry, but are there additional applications of your systems in non-Defense transportation and industry? Where do you see the greatest potential for future growth as you develop your solutions?
Lospinoso:Shift5's technology extends beyond the Defense industry, with significant applications in commercial aviation and passenger and freight rail sectors. Our platform brings clarity and certainty to operational technology (OT) data, which is crucial for the reliability and readiness of critical transportation assets. In commercial aviation, we help manage risk and overcome regulatory compliance burdens, while in rail, we ensure the safety, reliability, and operational efficiency of rolling stock.
The greatest potential for future growth lies in expanding our modern OT solutions to secure and optimize the performance of today's fleets and next-gen assets across these industries. By unlocking the complete ecosystem of onboard data, we enable real-time decision intelligence from the asset level to fleet scale. This approach not only improves safety and availability but also enhances resilience and reliability, which are paramount in both defense and commercial transportation sectors.
We also actively work in sectors such as maritime and space operations, where our platform's ability to collect, analyze, and contextualize data can dramatically improve operational outcomes. The recent development of our GPS Integrity Module, which combats GPS spoofing risks, is an example of how we are addressing emerging threats and expanding our reach into new domains. With the increasing reliance on autonomous and remotely piloted systems, our focus on securing and enhancing these technologies positions us at the forefront of the industry's future.
Q: As an expert in cybersecurity and operational security, what do you think comprise the biggest risks, either in Defense systems or in industrial/manufacturing systems, and what can industrial leaders do to make their systems and infrastructure more secure?
The most significant risks to defense and critical transportation infrastructure are those to their longest-lived and most expensive assets: weapon systems, aircraft, trains, and vessels. Traditionally, operators have been locked out of the data produced by their fleets. This data can reveal indications of system compromise – such as an intrusion by a malicious actor, or indications of system wear and tear that would necessitate maintenance.
Weapon systems, and their commercial counterparts in aerospace, rail, and maritime sectors, are computerized, software-dependent, and increasingly networked. Emerging technologies brought innovation to the information technology (IT) layer of these systems over time, improving usability and capabilities; however, cybersecurity solutions capable of defending the entire system have not kept pace. The layer of operational technology (OT) in weapon systems – once believed to be isolated from other internet-facing networks – has become connected, discoverable, and therefore, vulnerable to cyberattack. OT powers the most critical and sensitive functions of aircraft, maritime vessels, ground combat vehicles, and artillery, including digital components like engine and transmission controllers; braking systems, power/electrical controls; command and control displays; and weapon system controls, among others. Yet, OT remains digitally vulnerable.
Most OT was created long before modern cybersecurity standards and best practices and is digitally under-protected today. This is a cybersecurity risk because weapon systems have a long lifecycle, and the length of their change cycles means that any insecurities in the OT layer create a long window of exposure and vulnerability. Without observability into OT, a malicious actor could penetrate a network, manipulate data, prevent components or systems from operating as desired, all without knowledge of the operator. This risk is antithetical to weapon system readiness and mission effectiveness.
For operators to improve the cybersecurity of their fleets, they must gain observability into their weapon systems. This means capturing all data flowing from onboard components — every frame, every protocol, then use that data to detect anomalies. Data collected from vehicles across the fleet is centralized on-prem or in a public, private, or government cloud for analysis. This analysis can support threat hunting, operational efficiency, or incident response use cases and provide crew and maintenance with essential situational awareness. Further, intelligence created through analysis of the aggregated fleet data can be used to update rules, which can be fed back into the vehicles, so anomaly detection is continuously improved.
About Daniel Brown
Daniel Brown is the editor of Digital Signage Today, a contributing editor for Automation & Self-Service, and an accomplished writer and multimedia content producer with extensive experience covering technology and business. His work has appeared in a range of business and technology publications, including interviews with eminent business leaders, inventors and technologists. He has written extensively on AI and the integration of technology and business strategy with empathy and the human touch. Brown is the author of two novels and a podcaster. His previous experience includes IT work at an Ivy League research institution, education and business consulting, and retail sales and management.
