Logo: to the web site of the Swedish Defence University

Extant theory suggests that paths of development, although identified as being unsustainable, might be difficult to depart from. The aim of this study has therefore been to explore and understand how a path change can be facilitated in a setting of complex product systems. A unique single case of product development that managed to curb an unsustainable intergenerational cost escalation for complex defence equipment has been studied. The study shows a relation between a path change and a challenging opportunity, and also indicates how this relation can be moderated by the company management and the customers. The study provides both theoretical and practical implications, supporting understanding and facilitation of path changes.

Cost escalation for fighter aircraft is arguably not sustainable. Pushing frontiers oftechnology by incremental improvements of traditional platforms has led to anexponential increase in cost. This paper addresses the process of concept generationwith the purpose to explore how affordability is managed in that process, in order toidentify possible measures to improve the likelihood of generating affordableconcepts. This is done by studying two cases of concept generation of future combatair systems. The concepts generated in these two cases are however not curbing thecost escalation and are, with only one notable exception, based on incrementalinnovation. Nevertheless, the empirical observations offer leads to potentially fostera more innovative and cost conscious concept generation process, indicatingavenues for future research.

Cost escalation for many complex defence equipment is arguably not sustainable. Customer driven requirements have led to an exponential increase in costs by pushing frontiers of technology to support primarily incremental improvements of traditional equipment concepts. Accordingly, affordability has become a more discussed subject indefence acquisition. This paper addresses the process of generating complex defence equipment concepts. The purpose is to explore how affordability is managed in that process and to identify possible leads to how an unsustainable cost escalation for this type of equipment can be curbed. This is done by studying two cases of concept generation of future combat air equipment systems from a company process perspective. This applied micro perspective on cost escalation showed that none of the concepts generated in these two cases were assessed to curb the cost escalation. Further, the innovation model for the generated concepts, with only one notable exception, was incremental. Nevertheless, the empirical observations from these two cases offer leads on how to potentially foster a more innovative and affordability-oriented concept generation process for future defence equipment, as well as indicating avenues for future research.

Extant theory suggests that paths of development, although identified as beingunsustainable, might be difficult to depart from. Our aim has therefore been toexplore and understand how a path change can be facilitated in a setting of complexproduct systems. We have studied a unique single case that managed a departurefrom an unsustainable cost escalation for complex defence equipment. The studyshows a relation between a path change and an opportunity, and also indicates howthis relation can be moderated by company management and customers. This isfurther clarified in a proposed model. We thereby provide both a theoretical andpractical contribution that support understanding and facilitating of path changes.

Early preliminary concepts are claimed to have a profound impact on the final product. Since these concepts often are based on intuitive judgements, it is important that these judgements are appropriate for the desired outcome. Intuition is derived from what one brings to mind, and consequently, the access to information is important for making relevant judgements. Therefore, when a departure from a present path of development is sought for, access to new information is likely to be required. Results from an experimental study, addressing affordability and concept generation, indicated that individuals were influenced, by the provision of selective information, to make more cost considerations and even to change approach when generating new concepts. It was further recognized that weak abilities to estimate costs in a lifecycle and capability perspective likely hampered low-cost ambitions. The findings from this study are suggested to contribute to theory on product development, and to support affordability when new products are developed.

This study originates in a recognised unsustainable cost escalation for complex defence equipment. In order to understand how such cost escalation for complex product systems (CoPS) can be avoided, this study comparatively explores four different industrial sectors - energy, transportation, healthcare and defence - with and without intergenerational increasing costs, represented by four international companies. The results, collected from studying the development of one of each company’s products, reveal some characteristic differences in market factors between those sectors and companies having problems with intergenerational escalating costs and customer affordability, as compared to other sectors and companies. It is suggested that dependent on market characteristics, it might be necessary to actively manage affordability when CoPS are developed. Efforts made by the companies to make products more affordable were identified, and several factors enabling and disabling the development of less costly products without compromising customer needs were explored. Further, the implications of affordability management in a CoPS setting are elaborated on.

Denna rapport beskriver utvecklingen av totalförsvaret och framväxten av området samhällsskydd och beredskap. Den ska ge en övergripande bild av hur det ser ut idag på lokal, regional och nationell nivå inom krisberedskap och totalförsvar. Det bör nämnas att rapporten främst fokuserar på utvecklingen av och förändringar i den civila delen i totalförsvaret samt på samhällsskydd och beredskap.

Syftet är att ge läsaren en förståelse för dagens krisberedskap och totalförsvar. För att få en uppfattning för varför vi befinner oss där vi är idag, är det av vikt att ha med sig en bild av historiska händelser, förändrade hotbilder och av de beslut (och ickebeslut) som fattats.

Författarna vill betona att rapporten ingalunda ger en komplett bild av krisberedskap eller totalförsvar, utan är tänkt att skapa intresse, kunskap och förståelse på ett övergripande plan.

Rapporten ska främst ses som ett stöd för högskolestudenter, beslutsfattare och handläggare genom att ge en översiktlig beskrivning över de system och funktioner som utgör svensk krisberedskap och totalförsvar. Rapporten kan läsas i sin helhet, men kan också användas som ett slags uppslagsverk för den läsare som är intresserad av en särskild tidsperiod, händelse eller ett beslut.

For many years, we have noticed that different courses of action (COA) developed by Joint Operational Planning Groups (JOPG) for solving the same mission seldom rarely differ more than marginally. This can lead to plans that are predictable for an opponent. If we want to be able to expose an opponent to surprise and complex problems, predictable plans are not good.Planning doctrine only based on the past experience is most often not the best when preparing for missions in future operations, therefore more creative and divergent thinking is needed.In this paper we discuss conditions for COA development that stimulate creative and divergent thinking. We also discuss how planners continually alternate between divergent and convergent thinking before and during execution of operations.

The aim of this report is to present consolidated results from case studies of the development processes of the SEP multipurpose armored vehicle and the Visby class corvette respectively.

The report is intended as an annex to a journal article named “Key requirements in the procurement of future Low Observable combat vehicles: A European perspective” published in the journal of Systems Engineering in 2017.

Results filtered from interviews and document reviews are presented based on the structure of the Friedman-Sage framework (Friedman & Sage, 2004) for case studies on systems engineering. Firstly, data collected from the two case studies are presented and then the lessons identified consistent with both cases. The sources, an overview of the two cases studied and the application of the framework are described in the journal article.

The aim of this study is to propose guidelines for the systems engineering of future stealth combat vehicles using Low Observable Technology (LOT). A case study approach, based on interviews and document reviews, was used to analyze the systems engineering processes of the SEP multirole armored vehicle and the Visby class corvette respectively. The result is a thorough investigation of what worked in the cases studied, butwith lessons extrapolated into recommendations for future development programs. These will have to deal with an increasingly complex sensor threat and a transformed, multilateral, European procurement environment. The main conclusion is that coherence and traceability between military needs on the battlefield and signature requirements is expected to be particularly challenging. A workflow tailored for requirements analysis in LO combat vehicle programs has, therefore, been derived and is presented here. In addition, themost important enablers for future multilateral development programs involving LOT have been identified as: establishing common best practices, demonstrator programs, an integrated product team approach, and, in line with similar work on combat aircraft, establishing stealth as a key architectural  principle.

A plethora of views, definitions and concepts concerning military capability can cause misunderstandings among scholars and professionals in the defence and security sector, as well as they can confuse the public on important issues. This study captures and describes a few in an effort to increase awareness; Combat Power, Fighting Power, Joint functions, Warfighting functions, Elements of combat power, Warfighting Capability, DOTMLPF(I), TEPIDOIL, Fundamental inputs to capability, Defence lines of Development, and Military Power. The study also highlights their systemic character and guides the reader briefly in matching issues with suitable concepts.

Appendix 1 matches Swedish concepts to those listed in the study.

There is an ongoing duel between military sensor development and developments in signature management. The last decade, with warfare characterized by joint expeditionary operations and asymmetry, has favored sensors. However, on account of the worsening security situation in Europe, there is now also an increasing interest in efforts to increase survivability of own military platforms. Spectral design is one of several promising technologies with extensive research potentially suitable for Low Observable platforms. It involves creating desired spectral optical responses from surfaces, in this case reducing contrast to background, by choosing suitable materials and structures. The challenge to a military decision-maker, faced with inherent uncertainties concerning the future and with limited resources, is how to choose among alternative capabilities, technologies or equipment. Correspondingly, on account of the system character of the signature attribute, researchers in technologies for signature management has difficulties communicating relevant basis for these decisions. The scope of this thesis is therefore to find and analyze patterns in decision situations involving technology or technical systems for military use, and the purpose is to propose conceptual and methodological contributions to support future decisionmaking. The technology focus is on spectral design and the application in focus is signature management of Low Observable military platforms. The research objective is addressed from a military system and capability centric perspective using methods from several disciplines in the military sciences domain. The result is synthesized from four separate studies: 1) on spectral design using systematic review of literature, 2) on military utility using a concept formation method, 3) on modeling for how to operationalize a link between spectral design and measures of military utility using methods of military operations research, and, 4) on cases of systems engineering of military Low Observable platform designs. In summary, the result of the work presented in this thesis is a compilation of related work in military sciences, systems engineering and material optics into a framework to support effective decision-making in relevant contexts. The major contribution to theory is a proposed concept called Military Utility, capturing how to communicate the utility of technical systems, or technology, in a military context. It is a compound measure of Military Effectiveness, Military Suitability and Affordability. Other contributions can be expected to support decision-making in practice; - the so-called Ladder-model is a template for how to quantitatively operationalize the military effectiveness dimension of Military Utility regarding the use of spectral design; - an applied Ladder-model is demonstrated, useful for analyzing the military utility of spectral designs in Low Observable attack aircraft; - a probabilistic framework for survivability assessments is adopted into a methodology for doing the analysis, and lastly; - a generic workflow is identified, from relevant development programs, including decision-situations that can benefit from the adopted methodology.

The purpose of this report is to describe the Swedish Defence University (SEDU) Military Utility Assessment Method for Future Technologies (MUAFT). The report describes the actions taken in each step of the process and ends with references and a template for the technology memos used as basis for assessment.

How can we understand intelligence assessments and intelligence work? The intelligence literature offers several plausible causes of failures and the consequences of such failures. However, there is a direct lack of theories or frameworks that connect these variables, that is, there is an incomplete understanding of both how those variables interact and their underlying mechanisms. Failures as such do only give one part of the picture. Why intelligence succeed is equally if not more important to understand. The military intelligence service from an institutional perspective may help to give this understanding.

This study connects these variables with Ostrom’s Institutional Analysis and Development (IAD) framework, which yields a model to understand the mechanisms of institutional on the assessment and lays a foundation for a common terminology. The study uses the Swedish military intelligence institution active in Afghanistan between 2008 and 2012 as a case.

Intelligence is vital for the outcome of battles. As long as humans wage war, there will be a need for decision support to military and civilian leaders regarding adversaries or potential adversaries. However, the production of intelligence is neither easy nor without pitfalls. There is a need to better understand the predicaments of intelligence analysis.

Intelligence is bureaucratically produced as well as socially constructed and created in a distinct cultural context. The ‘institution’ captures these three aspects of influence. Therefore, with a particular focus on military intelligence, this thesis aims to deepen the understanding regarding institutional influence on intelligence assessments. The literature regarding intelligence has grown steadily over the last three decades. However, theories and frameworks aimed to understand the phenomenon are still sparse. This is even more true for literature regarding contemporary military intelligence. This thesis intends to contribute to bridging these research gaps. This is done by studying the Swedish military intelligence institution from several different perspectives: its rules-in-use, shared beliefs, and the incoming stimuli primarily related to conducting threat assessments.

More precisely the thesis investigates the use of quantitative methods, doctrines (i.e. the formal rules), and shared beliefs connected to epistemological assumptions and threat assessments. The main contribution of this thesis is that it establishes and describes a casual link between a military intelligence institution and an assessment, by drawing upon rulesin-use and belief systems and their effect on the mental model and consequently the perception of the situation connected to a cognitive bias, and thereby its effect on a given assessment. The thesis makes an effort to render intelligence studies more generalizable, by way of adopting the Institutional Analysis and Development (IAD) framework. The metatheoretical language of the IAD is a promising avenue for explaining and describing the institutional influence on intelligence assessments.

Quantitative evaluations are valuable in the strive for improvements and asserting quality. However, the field of Command & Control (C2) evaluations are hard to navigate, and it is difficult to find the correct measurement for a specific situation. A comprehensive Scoping Study was made concerning measurements of C2 performance and effectiveness. A lack of an existing appropriate framework for discussing C2 evaluations led to the development of the Crisis Response Management (CRM) Matrix. This is an analysis tool that assigns measurements into categories, and each category display unique strengths, weaknesses and trends. The analysis yielded results proving to be too rich for a single article, thusly, this is the first of two articles covering the results. In this article, the Practitioners Guide focus on results valuable for someone interested in evaluating C2. Each evaluation has specific requirements that, for best result, ought to be reflected in the chosen measurement.

The European Commission’s initiatives in the field of armament should lead to a deeper integration of European DTIBs in the coming years. In parallel, the links between European and American DTIBs take the form of technological and armament cooperation, and of capital links between European or American companies. This report aims at analysing the links between the US DTIB and the EU DTIB, and the consequences these links carry on cooperation between European DTIBs.

These links vary by country. France has strived to preserve its strategic autonomy when developing its DTIB. Its technological and capability-related reliance on the United States has thus remained limited. Nonetheless, cooperation is sought when it is mutually beneficial while French companies seek to invest in the US market, as do other European DTIBs.

The German DTIB was rebuilt belatedly after World War II, partly on the basis of French-German cooperation. German industry is now privatised and the scope of the German DTIB’s partnerships has widened to other European countries and to the US. The German supply chain is now well established in American armament programmes.

The Italian DTIB has consistently pursued a policy of active cooperation, whether with the US or with EU member states. Links with the US have notably been built in the context of NATO and through bilateral agreements. In parallel, Italy has developed partnerships with European countries. Rome’s cooperation policy is thus inclusive, and has considered diverse factors such as political links, capability requirements, the need to develop certain technologies and to preserve industrial capabilities and jobs in Italy.

The British DTIB has historically enjoyed deeper links with US industry, as a result of the cultural closeness between the UK and the US, and of the strategic proximity that dates back to the end of World War II. The links between US and UK DTIBs thus follow a model of strategic partnership. Nevertheless, the UK’s industrial and defence policy is also pursued within a European framework. The missile manufacturer MBDA is nowadays considered as the deepest model of transnational industrial and defence integration in Europe.

While Sweden seeks to preserve its industrial capabilities in two sectors – submarines and military aircraft – it appears to be most technologically reliant on the US among the surveyed countries. It is worth noting also that these links are long-standing, dating back to the cold war and the Soviet threat, despite Sweden not being a NATO member state.

The links with the US are thus very different from one country to another, and carry varying implications. While the costs of acquiring American equipment can be low despite their high technological grade, there are often constraints on their use and restrictions on technologies that will not be transferred, or that will be unusable for other partnerships.

These links are also formalised through bilateral agreements promoting armament cooperation, as is the case for UK-Italian cooperation. For its part, Sweden has signed interstate agreements with the US in the field of technological cooperation.

DEFENCE INDUSTRIAL LINKS BETWEEN EU AND US / September 2017

3

Since the European Council meeting in December 2013 and in its 2016 Global Strategy, the EU has set itself the task of developing "a certain degree of strategic autonomy" supposed to encourage greater competitiveness of European DTIBs.

In order to promote the development of this European defence industrial policy, we must seek to ensure that the links between US and EU DTIB are mutually beneficial. To do this, two conditions must be met:

-That the rules governing relations between US and EU DTIB be based on the principle of reciprocity and on equal rules of regulation of respective DTIBs.

-That the rules governing relations between US and EU DTIB be defined in the context of a dialogue between the European Union and the United States and not bilaterally between each European country and the United States.

Today the multiplication of bilateral agreements between the United States and European Union member states are potential obstacles to the establishment of a level playing field governing the relations between European DTIBs;

There is also a lack of reciprocity and equal regulation of EU and US DTIB. This concerns different areas: access to advanced capabilities, unrestricted use of exported armament, access to cooperated technologies, rules governing investment in US and European companies, rules governing property rights over technologies, rules governing export controls.

Organizing the transatlantic relationship in the field of armaments in order to have a more balanced and profitable relationship, can be achieved in two complementary ways.

At the European level, the European Defence Research Program (EDRP) will have strong implications for the relations between the companies of the US DTIB and the EDTIB. The rules governing access to finance and the ownership of intellectual property rights (IPR), which will be adopted for collaborative R&T projects involving European defence companies, will result in a common framework governing the relationship between these companies and the US EDTIB: the more Europeans will collaborate among themselves in the field of defence research, the more they will be able to set common and mutually beneficial rules in their relationship with the United States.

It may also be considered that some EU States will decide to engage in enhanced cooperation in the industrial defence field which could include the following rules:

-Obligation to achieve a level of 30% R&T in common among the members of the enhanced cooperation, which means 10% more than the target that was defined 10 years ago by the European Defence Agency and that is regularly reminded in the objectives of the European Union;

-Obligation to inform members of enhanced cooperation of agreements on defence R&T cooperation concluded with the United States so as to ensure compatibility of these agreements with existing agreements between members of enhanced cooperation. The objective is to prevent agreements with the United States from subsequently restricting the scope of existing agreements between European countries;

DEFENCE INDUSTRIAL LINKS BETWEEN EU AND US / September 2017

4

-Obligation to systematically consider the acquisition of military equipment manufactured by one of the member countries of enhanced cooperation. This should be accompanied by reinforced security of supply rules;

-The need to bring the export policies of the member states of the enhanced cooperation closer together.

These rules, complementary with, and not contradictory to, those which are being defined at European Union level, would accelerate industrial defence consolidation in Europe and make it possible to consider on a more balanced, mutually equally beneficial, basis relations between the United States and the European Union in the field of armaments. These rules would also be inspired by political principles: to strengthen the strategic autonomy of the European Union when necessary. Far from forbidding cooperation between the US and the EU DTIB, such enhanced cooperation would be facilitated because cooperation between US EDTIB and EU DTIB would not be a brake on European cooperation, as it is currently still too often the case.

The aim of this article is to present how Chinese strategies are manifested into offensive cyberspace operations targeting Sweden. It is commonly known that People’s Republic of China (PRC, and in this definition the meaning of thegovernment and its military), uses five-year plans (FYP) for social and economic steering strategy of their country. This has been going on since 1953 until today. In 2015, the national strategic plan Made in China 2025 (中国制造2025) was launched by Le Keqiang, the Premier of the State Council of PRC. The main goal with this plan is to strengthen the economic development. In addition, Chinese military strategists noted the importance of information warfare and intelligence during military operations. This article is based on open sources: the official English translated version of the 13th Five-year plan (FYP) and other reporting on cyberspace operations linked to the PRC. A number of cases are presented to highlight the link between the PRC FYP and their targets. Next, the current situation in Sweden is presented and how the country is targeted by PRC-linked activities, both in and through cyberspace, but also military infiltration on academia. The results show that Sweden has been, and is continuously the target of offensive cyberspace operations. In parallel, the country is also the target of military infiltration on the academia, and direct investment strategies such as Huawei attempting to compete for the 5G frequency actions arranged by the Swedish Post and Telecom Authority. In conclusion, Sweden will continue to experience cyberespionage from PRC on all levels and on all domains; science, technology, IP and privacy information theft. Previously unveiled cyberspace operations cases in this article have proven to be a convenient strategy for the PRC to reduce its research and development gap in several ways; innovatively, financially and to shortening the time-to-market (TTM).

Exposure to geogenic contaminants (GCs) such as metal(loid)s, radioactive metals and isotopes as well as transuraniums occurring naturally in geogenic sources (rocks, minerals) can negatively impact on environmental and human health. The GCs are released into the environment by natural biogeochemical processes within the near-surface environments and/or by anthropogenic activities such as mining and hydrocarbon exploitation as well as exploitation of geothermal resources. They can contaminate soil, water, air and biota and subsequently enter the food chain with often serious health impacts which are mostly underestimated and poorly recognized. Global population explosion and economic growth and the associated increase in demand for water, energy, food, and mineral resources result in accelerated release of GCs globally. The emerging science of "medical geology" assesses the complex relationships between geo-environmental factors and their impacts on humans and environments and is related to the majority of the 17 Sustainable Development Goals in the 2030 Agenda of the United Nations for Sustainable Development. In this paper, we identify multiple lines of evidence for the role of GCs in the incidence of diseases with as yet unknown etiology (causation). Integrated medical geology promises a more holistic understanding of the occurrence, mobility, bioavailability, bio-accessibility, exposure and transfer mechanisms of GCs to the food-chain and humans, and the related ecotoxicological impacts and health effects. Scientific evidence based on this approach will support adaptive solutions for prevention, preparedness and response regarding human and environmental health impacts originating from exposure to GCs.

The development of ballistic missiles, more effective cruise missiles, and increased sensor capabilities imply both new capabilities and challenges in a future operational environment. One effect this has is that the time from detection of a threat, to being able to respond, and to act on it will be significantly reduced. This article illuminates some current and future threats that are emerging and will be part of an increasingly complex battle space. The purpose of the research is to test and evaluate different C2 solutions for future ISR. The benefit of the proposed research is that it can provide design propositions for future ISR systems and its C2 function. In addition, the research may support design and acquisition of future automated systems and AI. Framing a conceivable development of a future battlefield and its character is important to obtain sufficient realism under the conditions that the proposed experimental series is intended to test. For the experimental series, the microworld C3Fire is currently under consideration as a platform for the trials. This, among other things, for its good configuration possibilities and being able to create reliable experimental conditions.

In a future and data-intensive operating environment, threats can be assumed to vary considerably. One example of such threats is missiles that can achieve speeds of Mach 5 and above. To handle this type of threat alone, it implies at least two things. First, that a suitable operational picture is provided that take account for future long distance threats. Second, it is likely that it will be even more important to be able to collect, filter, process and understand relevant data to make priorities and make proper decisions under short time conditions. Third, when considering threats by cyberwarfare, these threats can be considered as conducted in the speed of light. This, in summary, will probably suppose an efficient and dynamic command and control (C2) of available and different types of sensors, from directly controlled to sensors guided by artificial intelligence (AI), on a future battlefield. In this paper, we propose an experimental study to investigate from which levels of sensor C2 that can be centralised, decentralised, or a combination thereof, and which seems to be sufficient to be able to in time respond to threats in a geographically and by information enlarged operating environment.

The SoDark cipher is used to protect transmitted frames in the second and third generation automatic link establishment (ALE) standards for high frequency (HF) radios. The cipher is primarily meant to prevent unauthorized linking and attacks on the availability of HF radio networks. This paper represents the first known security analysis of the cipher used by the second generation ALE protocol—the de facto world standard—and presents a related-tweak attack on the full eight round version of the algorithm. Under certain conditions, collisions of intermediate states several rounds into the cipher can be detected from the ciphertext with high probability. This enables testing against the intermediate states using only parts of the key. The best attack is a chosen-ciphertext attack which can recover the secret key in about an hour with 100% probability, using 2⁹ chosen ciphertexts.

S-boxes are often the only nonlinear components in modern block ciphers. They are commonly selected to comply with very specific criteria in order to make a cipher secure against, for example, linear and differential attacks. An M x N S-box can be thought of as a lookup table that relates an M-bit input value to an N-bit output value, or as a set of N boolean functions of M variables (Schneier, 1996).

Although cipher specifications generally describe S-boxes using their lookup tables, they can also be described as boolean functions or logic gate circuits. sboxgates, which is presented here, finds equivalent logic gate circuits for S-boxes, given their lookup table specification. Generated circuits are output in a human-readable XML format. The software can convert the output files into C or CUDA (a parallel computing platform for Nvidia GPUs) source code. The generated circuits can also be converted to the DOT graph description language for visualization with Graphviz (Ellson et al., 2002).

This memo specifies Network Time Security (NTS), a mechanism for using Transport Layer Security (TLS) and Authenticated Encryption with Associated Data (AEAD) to provide cryptographic security for the client-server mode of the Network Time Protocol (NTP).

NTS is structured as a suite of two loosely coupled sub-protocols. The first (NTS Key Establishment (NTS-KE)) handles initial authentication and key establishment over TLS. The second (NTS Extension Fields for NTPv4) handles encryption and authentication during NTP time synchronization via extension fields in the NTP packets, and holds all required state only on the client via opaque cookies.

Enterprise architecture (EA) has been established as a discipline to cope with the complex interactions of business operations and technology. Models, i.e., formal descriptions in terms of diagrams and views, are at the heart of the approach. Though it is widely thought that such architecture models can contribute to improved understanding and decision making, this proposition has not rigorously been tested. This article describes an experiment conducted with a real EA model and corresponding real traditional documents, investigating whether the model or the documents lead to better and faster understanding. Understanding is interesting to study, as it is a prerequisite to other EA uses. The subjects (N = 98) were officer cadets, and the experiment was carried out using a comprehensive description of military Close Air Support capability either (1) in the form of a MODAF model or (2) in the form of traditional documents. Based on the results, the model seems to lead to better, though not faster, understanding.

In November 2020, the Swedish government initiated an enquiry with the task to propose a future materiel supply strategy for Sweden’s military defence. Ba[1]sed on this task, we discuss which actors make up today’s national defense industry, specifically within the naval domain. In order to maintain a high rate of innovation, there should be a continuous inflow of new actors. There are different ways to make it possible and attractive for start-ups and other small firms to operate in this complex market. The author suggests in-depth studies of how other nations have approached this issue, and recommends that innovation ecosystems be initiated, centered on specific product platforms, i.e. naval ship classes. 

Future Command and Control (C2) need to be both agile and resilient to cope with unpredictable operational environments and to make use of the technological advances. The Swedish Armed Forces develops a concept for future C2 of military operations. The objective of this paper is to explore the utilization of mission command in a future C2 concept. Sweden has a solid tradition of mission command, promoted by the Swedish culture of participation and empowerment. However, the future operational environment demands a need for organizational agility, thus changing the prerequisites for mission command. The future C2 concept, which is under development, encompasses centralized and decentralized command in fixed and temporary organizations. Centralized approaches may be preferred when it comes to prioritization of technologically advanced exclusive resources. On the other hand, dynamic situations demand rapid decision making and seizing the opportunity given in the moment. The future operational environment includes hybrid warfare and gray zone issues, demanding thorough analysis in order to foresee the political consequences of decisions. Sensor and communication technologies enable enhanced situation awareness; however, the infrastructure is vulnerable. The current paper analyses the application of mission command in the future operational environment, and further mission command in relation to organizational agility. The conclusion is that mission command is still relevant in the complex future operational environment. However, the increasingly complex operational environment demands continuous development of the C2 function.

The annual cyber defense exercise Locked Shields is the world’s largest unclassified defensive exercise. The exercise participants form “blue teams” that are tasked to defend their critical infrastructure against an attacking “red team.” The blue teams are scored based on how well they keep their essential system functions running and the extent to which they manage to assess and report what they are exposed to. During Locked Shields 2019, 24 blue teams from 30 countries participated in a two-day exercise. The case study presented in this paper focuses on one of the blue teams. The team consisted of around 60 people from governmental institutions as well as private companies. The objective of this paper is to explore the possibilities to collect meaningful data for research on Command and Control, C2, Cyber Situational Awareness, CSA, and Intelligence in conjunction with an inter-organizational cyber defense team during a cyber defense exercise. During preparations preceding the exercise, the research team observed the development of strategy, coordination structures and organization in the temporarily formed team as it prepared to solve the highly challenging exercise tasks. During the exercise, data collection included questionnaires, observations, team communication logs, reporting from the blue to the white team and performance scores. The data collection sought to satisfy needs within three research themes - 1) command and control, C2, 2) cyber situational awareness, and 3) intelligence. A review of the dataset showed that the data is well suited for further analysis. The paper presents initial results as well as an outline of how the different types of data collected contribute to research within the three research themes.

The conditions for military operations have changed due to, e.g., globalization, climate change, and nations' ambitions and actions. This has resulted in new demands on command and control (C2) capability. Further, the rapid evolution of information technology has provided vigorous opportunities to enhance the C2 capability, e.g., through advanced communication, information management, and decision support. However, the need to rely on modern technology also causes increased vulnerabilities. The sociotechnical nature of C2 systems means that the development of C2 systems is complex and challenging. Developing C2 concepts requires collaboration between people from different knowledge disciplines, traditions, and perspectives. Therefore, there is a need for elaborated concept development approaches and structures that promote collaborative efforts. The objective of this paper is a framework for the development of C2 concepts that enhance the collaboration of people from different traditions. The study was carried out as case study performed in two steps: theoretical development and formative evaluation. The case study targets the development of C2 concepts for future military operations of the Swedish Armed Forces. The framework includes terminology models, a development process, and system representations. The case study shows that in diverse teams, it is essential to agree upon terminology, development process, and systems representations used for the development to avoid misunderstandings and unnecessary rework. The framework explored in this paper is only in its first version. However, the development and the application of the framework was found to facilitate and focus the work of the multi-disciplinary team.

Föreliggande bok har ambitionen att sätta samman tre års forskningsresultat (2016-2018) inom ramen för det av Försvarsmakten (FM) finansierade forskningsprojektet Ledarskap och ledning i en förändrad organisatorisk kontext och omsätta kunskaper till ett pedagogiskt och lättillgängligt material som kan användas i såväl Försvarshögskolans ordinarie kurs- och utbildningsprogram, som enskild läsning eller som utgångspunkt för gruppdiskussioner, seminarier och förberedelser inför något av de teman som tas upp i boken. Bokens innehåll speglar forskningsprojektets sammansättning som består av forskare från Ledarskapsavdelningen i Stockholm, Försvarshögskolans Ledarskapscentrum i Karlstad, och Ledningsvetenskap i Stockholm. Att bokens empiri kommer från militär kontext hindrar inte att bokens innehåll även kan vara av stort intresse för civila läsare, särskilt inom ramen för dem med intresse för civil-militär samverkan i såväl nationella som internationella insatser.

For the purpose of Technology Forecast 2021 five reports from the German Fraunhofer Institute were chosen by FMV (and SwAF) and given to Systems Science for Defence and Security Division to analyse and assess within the timeframe up to 2040.

The following research reports were reviewed by the working group at SEDU:

·       Adversarial Machine Learning 

·       High Entropy Ceramics

·       Large Unmanned Underwater Vehicles

·       Living Sensors

·       Machine Learning in Materials Development

The aim of the Technology Forecast seminars and the finished product, this report, is to assess the potential military utility of the reviewed technologies and how they may contribute to the Swedish Armed Forces’ operational capabilities based on the presented concept(s) and scenario(s). 

The military utility is categorised by one of four assessments: Significant, Moderate, Negligible or Uncertain.

The following technologies were assessed to potentially have significant military utility:

·       High Entropy Ceramics

·       Machine Learning in Materials Development

·       Adversarial Machine Learning

The following technology was assessed to potentially have moderate military utility:

·       Large Unmanned Underwater Vehicles 

The following technology was assessed to have uncertain military utility:

·       Living Sensors

Cyber-attacks have increased since the 1988-Morris worm and can target any connected device from any place in the world. In 2010, Stuxnet received a lot of attention as the first cyber-weapon. Its targets were the Iranian nuclear enrichment centrifuges. Nation states are developing cyberspace capabilities to conduct offensive cyberspace operations. Academic researchers have been calling for a more transparent discussion on offensive capabilities and have pointed out the positive impact researchers had during the development of nuclear capabilities. Shrouded in secrecy, the development of offensive capabilities used for operations makes it difficult to conduct research. Therefore, one way to mitigate this is to conduct a systematic review of the current state of research in offensive cyberspace operations. The systematic review method makes it possible to establish certain inclusion and exclusion criteria and systematically go through academic articles to identify the contents, thoughts and research focus of academic researchers. Six scientific databases were queried and 87 articles were read and clustered. The first insight is that, based on the results of the queried databases, research about offensive cyberspace operations is limited. The resulting clusters are a general cluster about cyberspace operations, followed by research in policy, decision-making, governance, capabilities, levels, models, training, deterrence and international affairs. These are then further grouped into: a) general cyberspace operations; b) deterrence; c) international affairs; d) modelling, simulation and training. The article concludes that research into offensive cyberspace operations is maturing as more information is becoming public. Secondly, current research lists some good basic ideas regarding effects which can be achieved through offensive cyberspace operations, how they should be conducted, and related tools, techniques and procedures. However, discrepancies in research efforts exist, with the majority of research coming primarily from the western world. In addition, secrecy and the resulting limited access to information, coupled with research being either too technically focused or too qualitatively focused, show that there still remains room for research in this field. Finally, some directions for future research are examined.

This article reviews the question what is a substantial contribution to a research project in offensive cyberspace operations that merits co-authorship? Frustrations and conflicts may develop during research projects when researchers with different backgrounds, cultures, research fields and expertise decide to conduct research and produce and publish those results. The focus of this paper is a research project in cyberspace operations while taking into account the power-dynamics inherent in the academic system and how these can affect the co-authorship of research products. First, the purpose with doing research is presented. Next, three models of the research process are reviewed, describing their differences and similarities. Then, linguistic analysis is applied on a set of terms in guidelines for co-authorship described in some different universities in Sweden. The results present a model for a research project in offensive cyberspace operations and based on the output of the linguistic analysis, the model is used to quantify and describe what a substantial contribution is in three scenarios that merits co-authorship. 

This article addresses the rise in state-sponsored cyber attacks over the past three decades and proposes a new ambidextrous framework for offensive cyberspace operations. Since 1982, nation states have embarked in a fierce race to develop both clandestine and covert offensive cyber capabilities. Their intended targets range from foreign militaries and terrorist organizations to civilian populations and the critical infrastructures that they rely upon. Advancements in cyber security have, however, contributed to the discovery and attribution of offensive cyber operations, such as state-sponsored ransomware attacks, where state-built cyber capabilities have been used to attack governments, industries, academia and citizens of adversary nations. The financial and psychological costs of these ransomware attacks are today a threat to any state’s national security. This article draws from academic research, the cyber military doctrines of four countries—a total of eight models from the Netherlands, Sweden, the U.S., and the U.K.—and the authors’ operational experience to propose a new ambidextrous framework for offensive cyberspace operations. This ambidextrous framework for offensive cyberspace operations and the associated Cyberspace Operations Canvas are needed today in order to increase the resilience of national critical infrastructures against attacks from state-developed tools. We use the WannaCry-case to illustrate how the implementation of the ambidextrous framework for offensive cyberspace operations would result in increased awareness and understanding of the prospective cyber threats, their intended target(s), the likelihood of cascading effects and the options available by nation states to minimize them.

This article addresses the question ‘what considerations should be taken by cyber commands when designing attack infrastructure for offensive operations?’. Nation-states are investing in equipping units tasked to conduct offensive cyberspace operations. Generating ‘deny, degrade, disrupt, destroy or deceive’ effects on adversary targets requires to move from own (‘green’), through neutral (‘grey’), to adversary (‘red’) cyberspace. The movement is supported by attack infrastructure for offensive cyberspace operations. In this paper, we review the professional and scientific literature identifying the requirements for designing an attack infrastructure. Next, we develop and define the concepts for attack infrastructure. Finally, we explain and describe the considerations for designing attack infrastructure. The research question is answered by proposing a framework for designing attack infrastructure. This framework is vital for military and civilian commands designing attack infrastructure for offensive cyberspace operations. 

Cyber deterrence is a strategy to deter attackers from conducting cyber-attacks in the first place. However, several issues exist when implementing cyber deterrence, which are identified in this paper. The findings show (1) non-existence of the deterrence strategy  (2) no doctrine or decision competence to retaliate to an adversary, (3) the armed forces have no authority to retaliate when Swedish sovereignty in Cyberspace is threatened, (4) no norms or regulations exist concerning retaliation, (5) no clear governance on using offensive cyber capabilities, and finally, (6) no credibility in its cyber deterrence posture regarding how much Sweden is willing to sacrifice to protect its electoral system, which is a Swedish national interest. Therefore, this research investigates how cyber deterrence can practically be implemented in Swedish cyber security policy. So far, researchers generally focused on the human aspect of cyber deterrence. By using the case study research strategy and utilizing the Swedish electoral system as a case, this paper examines possibilities to merge the human dimensions of cyber security with the technological dimensions. Data collection is performed through documents studies and semi-structured interviews with experts in the area to identify cyber deterrence components. Further, a mathematical approach is discussed in the paper to express the relationship between an adversary and a deterrent depicting each of the actor’s risk calculus. A result of the research work performed in this paper, the deterrence components for Swedish cyber deterrence are proposed and risk calculus is performed. Moreover, measures to increase Swedish cyber deterrence posture are proposed the practical implementation of cyber deterrence in Swedish cyber security policy in order to deter attacks on the Swedish electoral system is demonstrated.

Den här rapporten presenterar vilka nationella outtalade normer som kan utläsas hos nio stater som bryter mot internationella överenskommelser i cyberrymden. Det finns olika sorters normer och många definitioner på vad det är, där uttalade normer ofta associeras till skrivna regler, medan outtalade normer associeras till underliggande värderingar som exempelvis styr diplomati. Diplomati är en praktik i hur stater ska interagera med varandra. Den Ryska Federationen använde sig exempelvis av diplomati 1998 under det första utskottet av FN:s generalförsamling då de lyfte frågan om hur informations- och telekommunikationsteknologier kan påverka internationell säkerhet. FN antog då en resolution och 2014/2015 presenterade de elva uttalade normer som ska gälla för ansvarsfullt statligt beteende i cyberrymden. Resultatet i denna rapport visar att alla nio stater har brutit mot FN:s uttalade normer men i olika grad/utsträckning. Resultatet visar därför på att de nationella outtalade normerna som kan utläsas hos de nio staterna under granskning i cyberrymden följer den geopolitiska och geoekonomiska situationen i den internationella miljön.

This article addresses the question under which circumstances zero-day vulnerabilities should be disclosed or used for offensive cyberspace operations. Vulnerabilities exist in hardware and software and can be seen as a consequence of programming errors or design flaws. The most highly sought are so-called zero-day-vulnerabilities. These vulnerabilities exist but are unknown and, when exploited, enable one way of entry into a system that is otherwise not thought possible. Therefore, from an anticipatory ethics perspective, it is important to understand in what cases zero-days should be disclosed or not.

This article presents the ethical issues using offensive cyberspace operations. Previously enshrouded in secrecy, and now becoming the new norm, countries are using them to achieve their strategic interests. Russia has conducted offensive operations targeting Estonia, Georgia and the Ukraine; Hamas was targeting Israeli targets; and Iran has been targeting U.S. targets. The response has varied; Estonia and Georgia struggled with the attacks and were unable to respond while Ukraine tried to respond but it was inefficient. Israel’s response on Hamas offensive operations was an air strike on a building with Hamas Cyber-operatives. Iran shot down a U.S. Drone over the Strait of Hormuz, and the U.S. initially intended to respond with kinetic capabilities in the form of missile strikes. However, in the last minute, the U.S. chose to respond with offensive cyberspace operations targeting the Iranian missile systems. This last-minute change of response choosing between kinetic or cyber capabilities shows a need to further investigate how offensive cyberspace operations can be used against which targets from an ethical perspective. This article applies anticipatory ethical analysis on U.S. offensive operations in the “Global Hawk”-case when Iran shot down a U.S. drone over the Strait of Hormuz. Anticipatory ethical analysis looks at emerging technologies and their potential consequences. Offensive cyberspace operations present a range of possibilities, which include lowering the risk of harm to cyber operatives’ lives belonging to the responding nation. However, a response can also be kinetic. Therefore, the analysis of the “Global Hawk”-case is compared with the Israeli-air strike of the building of Hamas Cyber-operatives. The authors argue that applying anticipatory ethical analysis on offensive operations and kinetic operations assist decision makers in choosing response actions to re-establish deterrence.

This article presents the ethical dilemma related to under what circumstances vulnerabilities should be disclosed. Vulnerabilities exist in hardware and software, and can be as a consequence of programming errors or design flaws. Threat actors can exploit these vulnerabilities to gain otherwise unintended access to information systems, resources and/or stored information. In other words, they can be used to impact the confidentiality, integrity and availability of information in information systems. As a result, various types of vulnerabilities are highly sought after since they enable this type of access. The most highly sought are so-called “zero-day”-vulnerabilities. These are vulnerabilities that exist but are unknown, and when exploited, enable one way of entry into a system that is not thought possible. This is also why zero-day vulnerabilities are very popular among criminal organizations, states and state-sponsored advanced persistent threats. The other side of the coin is when a state identifies a zero-day, and ends up in the ethical dilemma of whether to release the news and inform the vendor to patch it, i.e. close the vulnerability, or to use it for offensive or intelligence purposes. This article employs these distinctions to apply anticipatory ethics in the Stuxnet-case. Stuxnet was a computer software that was allegedly developed by the U.S. together with Israel to disrupt Iran’s development of uranium for their nuclear program. More exactly, it was developed to disable the uranium centrifuges used to enrich uranium. To achieve this, Stuxnet exploited four zero-day vulnerabilities and, according to some experts, managed to delay Iran’s nuclear program by one to two-years, forcing them to the negotiation table. Using vulnerabilities like zero-days presents opportunities but also risks. The results of the application of anticipatory ethics to the Stuxnet case are then compared with the “Osirak”-case and the “al-Kibar”-case. Osirak was the nuclear reactor in Iraq and was bombed in 1981; al-Kibar was the nuclear reactor being built up in Syria, also bombed in 2007.

The Executive Order 13800—Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure—issued by the President of the United States, calls for an evaluation of the “readiness and gaps in the United States’ ability to manage and mitigate consequences of a cyber incident against the electricity subsector.” In May of 2018, the Office of Management and Budget finished evaluating the 96 risk assessments conducted by various agencies and published Federal Cybersecurity Risk Determination Report and Action Plan (Risk Report). While the report embraced a broad defending forward strategy, it made no reference to smart grids or their vulnerable intelligent substations and did not address how federal agencies plan to respond to emerging threats to these systems. While the paper does not discuss how to attack the smart grids in the cyber domain, the contribution to the academic debate lies in validating some of the vulnerabilities of the grid’s substations in order for government, private industry, academia, and civil society to better collaborate in disrupting or halting malicious cyber activities before they disrupt the power supply of the United States and its Transatlantic allies. We also discuss how Artificial Intelligence and related techniques can mitigate security risks to cyber-physical systems. Until this technology becomes available, however, standardization of cyber security efforts must be enforced through regulatory means, such as the enforcement of security-by-design Intelligent Electronic Devices and protocols for the smart grid. 

The purpose of this paper is to propose a set of dimensions for the “Endeavour Space” and provide a set of examples of endeavours that can be utilized for future studies that seek to determine the appropriate of different C2 approaches for different locations (regions) of this Endeavour Space.

The conditions for military operations have changed due to many things and the cyber-related challenges associated with these conditions require more attention. Many cyber activities are conducted under other circumstances than conventional war that is called the grey zone between peace and war. The objective of this paper is to explore the conditions for mission command when conducting cyber operations. The distinction between war and peace has blurred and adversaries, both state and non-state, threaten the stability in many western countries. Mission command can be seen both as a philosophy and as a method. The fundamental principles for mission command as a philosophy are trust, intent focus, initiative and common ground. This paper discusses if the conditions for Mission Command have changed and are applicable while conducting different types of cyberspace operations and that offensive and defensive cyber operations imply different conditions for Mission Command. The conclusion is that Mission Command as a philosophy is still relevant, but it has to be supported by a comprehensive Command and Control (C2)-Method that is flexible and able to vary between Direct Control and Mission type Control. The C2 Method should be complemented with a dynamic and adaptive control policy for different types of cyber actions. The paper also suggests a holistic model for Dynamic Command that considers both the situations need for action and the Mission Systems C2-needs.

Sweden, as a small alliance free state with powerful neighbors, has a military history of what we nowadays call systems of systems thinking. Since the beginning of the Cold War thishas been expressed in an air force on the forefront of exploiting military innovations, not least with regard to sensor networks, datalinks, information sharing and distributed decision making. How can this history and the lessons learned come to use when future systems and technologies are to be developed to meet the uncertain future and changing threats? How does this fit with current trends such as capability-based approach and system of systemsengineering methodology? What could this mean for the development of the next generation fighter aircraft - after the Gripen E and contemporary aircraft? These questions have been studied from both a government and industry perspective, following the trend in the defense sector of a more intertwined relationship between the two, necessitated by adopting acapability view on aircraft development. This paper presents preliminary lessons identified from a case study on the project Flygvapnet 2000 (FV2000), which preceded the Net Centric Warfare era at the turn of the millennium. The analysis was based on characteristics of best practice systems of systems engineering derived from a review of literature presenting the methodology theory on capability-based approaches for analyzing, acquiring, developing, and managing military capabilities. The findings from this project will contribute to the development of systems of systems engineering methods and will spur proposals for future research.

The presence of state-sponsored actors executing offensive cyberspace operations (OCO) has been made evident in recent years. The term offensive cyberspace operations encompass a range of different actions, including cyberespionage, disinformation campaigns, spread of malware and more. Based on an analysis of past events, it is evident that state- sponsored actors are causing harm to the civilian sector using OCO. However, the degree to which civilian organizations understand the threat from state-sponsored actors is currently unknown. This research seeks to provide new a better understanding of OCO and their impact on civilian organizations. To highlight this domain, the case of the threat actor Advanced Persistent Threat 1 (APT1) is presented, and its impact on three civilian organizations discussed. Semi-structured interviews were used to research how the threats from OCO and state-sponsored actors are perceived by civilian organizations. First, a computational literature review was used to get an overview of related work and establish question themes. Next, the question themes were used to develop questions for the interview guide, followed by separate interviews with five security professionals working in civilian organizations. The interviews were analysed using thematic coding and the identified themes summarized as the result of this research. The results show that all respondents are aware of the threat from OCO, but they perceive it in different ways. While all respondents acknowledge state-sponsored actors at a threat agentexecuting OCO, some respondent’s argue that state-sponsored actors are actively seeking footholds in systems for future use while others state that the main goal of state-sponsored actors is to steal information. This suggests that the understanding of the threat imposed by OCO is limited, or at least inconsistent, among civilian security experts. As an interview study, the generalisability of this research is limited. However, it does demonstrate that the civilian society does not share a common view of the threat from state-sponsored actors and OCO. As such, it demonstrates a need for future research in this domain and can serve as a starting point for such projects.