icon-carat-right menu search cmu-wordmark
Carnegie Mellon University

Tactical Cloudlets: Bringing the Cloud to the Tactical Edge

Created March 2022

Making cloud computing resources available to military personnel and first responders in the field presents accessibility and security challenges. Tactical cloudlets provide secure, reliable, and timely access to cloud resources to help military and emergency personnel carry out their mission at the tactical edge despite unreliable connectivity to the cloud.

Work With Us

The Power—and Challenges—of Tactical Cloud Computing

The Department of Defense (DoD) and emergency response agencies have increasingly leveraged mobile devices and cloud-based software applications to perform tasks that support their missions, including speech and image recognition, language translation, and situational awareness.

These missions often take place in hostile “tactical edge” environments with

  • limited computing resources
  • rapidly changing mission requirements
  • high levels of stress
  • unstable connectivity
  • limited battery power
  • limited technical skills in the field
  • security vulnerabilities due to limited infrastructure and hostile action (e.g., cyber attacks)

Providing secure, reliable, and flexible computing resources in these environments means that there is a need to “carve out” a piece of the cloud to make it accessible at the tactical edge in a secure, reliable, and timely manner.

Tactical Cloudlets: Bringing the Cloud to the Tactical Edge

How Tactical Cloudlets Support Missions

The SEI has developed “tactical cloudlets,” which are forward-deployed, discoverable computing nodes that can be hosted on vehicles or other platforms to support missions by providing

  • extended computing power. Computation-intensive applications and large data sets that exceed computation and storage capability on mobile devices can be hosted on nearby cloudlets.
  • forward data staging. Data sets needed for a mission can be pre-loaded on cloudlets to support disconnected operations (i.e., cloudlets disconnected from the enterprise).
  • data filtering and formatting. Cloudlets can remove unnecessary data from streams intended for dismounted warfighters to deal with reduced bandwidth and human attention or reformat data to address physical limitations of mobile devices such as reduced screen size.
  • data staging. Cloudlets can serve as collection points for data collected in the field from sensors and human input. Data is then uploaded to enterprise repositories as connectivity and bandwidth become available.
  • secure credential generation and exchange. Stable connectivity to a centralized credential validation capability in the cloud is not needed to ensure that only authorized personnel have access to cloudlets deployed in the field.

The following diagram illustrates an example of how tactical cloudlets can be deployed in the field to connect personnel to computing capabilities and data sources.

The following diagram illustrates an example of how tactical cloudlets can be deployed in the field to connect personnel to computing capabilities and data sources.

While connected to the cloud, cloudlets are loaded with the capabilities that are needed for a mission. After deployment in the field, users can securely connect to the cloudlet to access those capabilities without the need to be connected to the cloud. For some capabilities, the cloudlet may need to reach back to the cloud when connectivity becomes available, particularly for data synchronization.

Tactical Cloudlets: Bringing the Cloud to the Tactical Edge

Software and Tools

KD-Cloudlet

Cloudlets are discoverable, generic, stateless servers located in single-hop proximity of mobile devices that can operate in disconnected mode and are virtual-machine based.

Learn More

Looking Ahead

Our work to refine tactical cloudlets continues as technologies change.

Because tactical cloudlets are meant to be reusable, they need to have authority to operate (ATO) every time they are reprovisioned. One focus area for future efforts is to automate the cloudlet provisioning process and make cloudlets ready for ATO to reduce operational time and effort.

Our future efforts also involve

  • including network configuration for the cloudlet in the process so that it is mission ready and ATO ready
  • exploring solutions to improve establishing trusted identities in disconnected environments
  • integrating solutions for opportunistic data synchronization with the cloud

We are seeking collaborators to extend this work. We also want to hear about users’ experiences with tactical cloudlets. If interested, please contact us.

Learn More

Moving Cloud Computing to the Tactical Edge

Video
By

This video gives a shot snapshot of "Moving Cloud Computing to the Tactical Edge."

Watch

What are the challenges in bringing cloud computing to edge environments?

Video
By

Watch Grace Lewis discuss "What are the challenges in bringing cloud computing to edge environments?"

Watch

Secure VM Migration in Tactical Cloudlets

Conference Paper
By

The goal of this paper is to present a solution for secure VM migration between tactical cloudlets based on secure key generation and exchange in the field.

Read

SEI Cyber Minute: Tactical Cloudlets

Video
By

Grace Lewis discusses technical cloudlets and their benefits in detail.

Watch

Establishing Trust in Disconnected Environments

Blog Page
By

READ

Establishing Trusted Identities in Disconnected Edge Environments

Conference Paper
By

The goal of this paper is to present a solution for establishing trusted identities in disconnected environments based on secure key generation and exchange in the field.

Read