The U.S. Space Force ordered replacement of the computer hardware in the new GPS ground system due to the due to the sale of IBM’s computer product line to a Chinese company, and the consequent cybersecurity risk posed by the IBM hardware in use.
The switch-out became necessary after the Committee on Foreign Investment in the United States approved the sale of IBM’s x86 product line to Beijing-based Lenovo in August 2014. The U.S. government acknowledged at the time that the sale would have a major impact on the GPS Next Generation Operational Control System (OCX) program by creating an unacceptable cyber risk.
The government “waited on implementing a fix until (OCX prime contractor) Raytheon showed promising program performance in delivering OCX,” the Space Force’s Space and Missile Systems Center (SMC) said in a statement released late Friday.
“Over the last two and a half years, since OCX came out of its Nunn McCurdy breach, Raytheon has been executing as planned, giving us confidence in OCX’s ability to transition into operations,” said Lt. Gen. John Thompson, SMC commander. “Software development completed last fall and the program is in the integration and test phase. In less than a year, Raytheon will deliver a qualified software baseline capable of operating the GPS constellation.”
The Government sponsored a hardware trade study in 2017 with US-based vendors to replace IBM’s hardware. As a result of the study, Hewlett Packard Enterprises (HPE) was selected as the vendor. The program then conducted a pilot project replacing the IBM hardware in the seventeen external monitoring stations and four ground antenna sites, resulting in successful HPE replacement
“It is prudent to address the unsupportable IBM cybersecurity risk before system delivery to the government,” said Lt. Col. Thomas Gabriele, SMC’s OCX materiel leader. “This gave us confidence that we had a viable OCX technical solution providing a long term sustainable hardware baseline that meets our stringent cyber security requirements, As Raytheon continues to track to their contractual commitments, addressing the unsupportable IBM cyber security risk is prudent to do pre-system delivery to the government.”
“By executing the fix now we eliminate $150 million in rework and retesting, and (are) ensuring we deliver a system that is capable of transitioning to operations,” said Barbara Baker, SMC Command and Control Division’s senior materiel leader.
What the change will mean to the schedule for the repeatedly delayed program is unclear.
“Although this government-directed change will impact the Raytheon schedule,” said Gabriele, “the government is holding Raytheon accountable to deliver qualified software prior to integrating on the HPE platform and deploying to operational sites.”
SMC did not respond immediately to questions about the schedule.
Photo: Radomes like this one in Colorado are the primary link for systems like GPS OCX and the satellites they operate. Photo courtesy Raytheon.