COLORADO SPRINGS: OCX, for the last two years the most troubled space acquisition program and a watchword for the high risks of being the first program to try and meet the Pentagon’s highest cyber security standards, may now open the way for Raytheon to plow its way deep into the rich fields of the cyber security market.
Why? OCX is the first Pentagon system to meet the military’s toughest cyber security standards without having been granted any waivers for specific areas, according to Raytheon. That, company officials say, positions them well to complete for the growing number of classified and unclassified cyber programs, as well as programs for which meeting that standard is critical.
“It is the first program to get this standard. There have been no waivers,” Bill Sullivan, vice president in charge of OCX at Raytheon, told me during the Space Symposium here. “I think it’s enormously important. Just think of it from a competitive advantage position. If were in a competition with another company and it requires the 8500 standard, we’re going to say, ‘done. We’ve done it.’ The other company is going to say we can do it. It’s a huge deal.”
The GPS satellite ground stations known as OCX are key to future warfare because GPS satellites and their signals are increasingly vulnerable to hacking, spoofing and jamming. The $4.2 billion program is really important because GPS 3 satellites’ stronger, more accurate and more jam resistant signal can’t be effectively used until the ground stations are up and running. And the ground stations also allow for improved and more secure signals.
Why did Raytheon have so much trouble meeting the Pentagon’s new cybersecurity standards? It’s a really dense and complex set of protections in depth, as this graphic depicts. Each GPS signal is tested to make sure it really did come from where it says it came from. Each piece of data is tested each time it pings to a new piece of hardware or to a new software module. And then there are the other layers of protection, some physical, some created by policy and, of course, it’s all wrapped up in NSA-standard encryption.
And this won’t be an advantage only for Raytheon in the military or intelligence markets, Sullivan told me. “It’s an advantage in any market,” which may make all the pain Raytheon has suffered during the last two years more bearable. You might say it’s a promising way to amortize the cost of the cost overruns and the political pain.
Financial companies, technology companies, Internet Service Providers, cloud companies: just about any venture that relies on cyber may be interested. Part of the reason for that is that the Pentagon standards are derived from those first designed by the National Institutes of Standards and Technology, NIST.
As Breaking D readers know, Raytheon paid $1.6 billion for a commercial cyber security company, Austin-based Websense. The new subsidiary was expected to do about $500 million in business in 2015 and the cybersecurity achievements of OCX could well help propel that to greater heights.