Home / Resource Centre / Case Studies

Requirements Analysis for Central European Partners

The Challenge

The ability to communicate and interoperate with appropriate levels of security is an increasingly important requirement of NATO nations. Currently, NATO communications up to and including secret are implemented by NATO through provision of CRONOS workstations into key facilities. In 2004, one of the central European countries embarked on a new initiative to secure the necessary technical infrastructure to support a national military messaging handling system (MMHS) and the required interfaces to the new NATO Messaging System (NMS). A local Systems Integrator (SI) was keen to be in a position to bid for supplying the solution. Both parties needed to prepare for the project ahead but lacked the necessary understanding of MMHS and the standards and techniques for creating a multi-level, secure environment.

As a subject matter expert and supplier into the NMS solution, Nexor was approached to help the SI and the MoD understand MMHS and enable them to define and document their requirements for a national system and external interfaces.

The Nexor Solution

Nexor designed and delivered two five-day workshops to expose both organisations to the standards, policies and techniques required to implement a national MMHS and the necessary accreditation steps that would be needed to gain acceptance from NATO to implement cross-organisational barriers.

The workshops comprised a standard two-day course followed by a three-day interactive workshop to define the requirements of a future infrastructure. The two-day course covered the theory of MMHS including the history of the message transfer service; its components in relationship to NATO and CCEB standards, such as that of STANAG 4406; and the security services required to protect integrity, availability and confidentiality.

The three-day workshop was structured to cover the practical requirements of the MoD with regard to the following topics:

  • Infrastructure assessment including physical, logistics and dispersement
  • Security requirements driven around the Confidentiality, Integrity and Availability model
  • NATO standards requirement for email connectivity
  • Policy definition and practices
  • Information assurance
  • Business domain interconnection requirements across multi-level secure domains.

The Result

The workshops enabled Nexor consultants to help both organisations to gain a fundamental understanding of the subject matter and assisted them to take a structured approach to working through the different topic areas. As a result, the MoD was able to develop a clear requirements specification, and the SI was able to begin working more knowledgeably with Nexor and its other partners to develop a potential solution.

NEX1845COR01
Information in this document is provided as is without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability, fitness for a particular purpose and freedom from infringement.