Tactical Cloudlets: Bringing the Cloud to the Tactical Edge

Created March 2022

Making cloud computing resources available to military personnel and first responders in the field presents accessibility and security challenges. Tactical cloudlets provide secure, reliable, and timely access to cloud resources to help military and emergency personnel carry out their mission at the tactical edge despite unreliable connectivity to the cloud.

The Power—and Challenges—of Tactical Cloud Computing

The Department of Defense (DoD) and emergency response agencies have increasingly leveraged mobile devices and cloud-based software applications to perform tasks that support their missions, including speech and image recognition, language translation, and situational awareness.

These missions often take place in hostile “tactical edge” environments with

limited computing resources

rapidly changing mission requirements

high levels of stress

unstable connectivity

limited battery power

limited technical skills in the field

security vulnerabilities due to limited infrastructure and hostile action (e.g., cyber attacks)

Providing secure, reliable, and flexible computing resources in these environments means that there is a need to “carve out” a piece of the cloud to make it accessible at the tactical edge in a secure, reliable, and timely manner.

How Tactical Cloudlets Support Missions

The SEI has developed “tactical cloudlets,” which are forward-deployed, discoverable computing nodes that can be hosted on vehicles or other platforms to support missions by providing

extended computing power. Computation-intensive applications and large data sets that exceed computation and storage capability on mobile devices can be hosted on nearby cloudlets.
forward data staging. Data sets needed for a mission can be pre-loaded on cloudlets to support disconnected operations (i.e., cloudlets disconnected from the enterprise).
data filtering and formatting. Cloudlets can remove unnecessary data from streams intended for dismounted warfighters to deal with reduced bandwidth and human attention or reformat data to address physical limitations of mobile devices such as reduced screen size.
data staging. Cloudlets can serve as collection points for data collected in the field from sensors and human input. Data is then uploaded to enterprise repositories as connectivity and bandwidth become available.
secure credential generation and exchange. Stable connectivity to a centralized credential validation capability in the cloud is not needed to ensure that only authorized personnel have access to cloudlets deployed in the field.

The following diagram illustrates an example of how tactical cloudlets can be deployed in the field to connect personnel to computing capabilities and data sources.

Illustration of tactical cloudlet deployment process

While connected to the cloud, cloudlets are loaded with the capabilities that are needed for a mission. After deployment in the field, users can securely connect to the cloudlet to access those capabilities without the need to be connected to the cloud. For some capabilities, the cloudlet may need to reach back to the cloud when connectivity becomes available, particularly for data synchronization.

Looking Ahead

Our work to refine tactical cloudlets continues as technologies change.

Because tactical cloudlets are meant to be reusable, they need to have authority to operate (ATO) every time they are reprovisioned. One focus area for future efforts is to automate the cloudlet provisioning process and make cloudlets ready for ATO to reduce operational time and effort.

Our future efforts also involve

including network configuration for the cloudlet in the process so that it is mission ready and ATO ready

exploring solutions to improve establishing trusted identities in disconnected environments

integrating solutions for opportunistic data synchronization with the cloud

We are seeking collaborators to extend this work. We also want to hear about users’ experiences with tactical cloudlets. If interested, please contact us.

Software Engineering Institute