Defending the Future: How Network Security is Shaping Tomorrow’s Warfare


The Illusion of Air-Gapped Security

The idea that isolation equals security has long shaped defence communication network design. By physically separating classified systems from the Internet and external devices, militaries sought to ensure confidentiality and control. Yet this model, while comforting, is increasingly misleading, especially in the current net-centric environment.

Modern command systems depend on distributed data flows that traverse satellite, radio, and tactical IP-based networks. Software updates, encrypted gateways, and remote management tools blur the boundaries between “isolated” and “connected.” In such an environment, compromise can occur not through external intrusion but through vulnerabilities embedded within the very systems entrusted to safeguard information.

Air-gapping offers protection only against direct network intrusion. It does not protect against what is already inside — software, firmware, and vendor-controlled binaries that determine how the network behaves. In these hybrid environments, the “gap” is no longer physical but logical. Software commands traverse firewalls, not air. And the real gatekeeper of those commands — the Operations Support Systems (OSS) — quietly becomes the single point of operational vulnerability.

Evolving Threat in Defence Communications

The shift toward multi-domain, network-centric warfare demands near-real-time data fusion across land, air, sea, space, and cyber domains. As India’s armed forces move toward integrated theatre commands, communication infrastructure becomes the decisive enabler of operational coherence.

However, every addition of automation or interoperability expands the attack surface. Operations Support Systems (OSS) — which orchestrate, monitor, and control networks — represent a new locus of vulnerability. When such systems are foreign-origin or compiled externally, the trust boundary extends beyond national oversight.

When an OSS of foreign origin manages mission-critical radio, satellite, or terrestrial systems, the trust boundary silently shifts beyond national oversight. Even without cloud connectivity, precompiled binaries, embedded policy logic, or dormant code paths can manipulate decisions — delaying, distorting, or denying command flows at crucial moments. In a geopolitical crisis, such latent dependencies could erode not just capability, but sovereignty itself.

To secure the defence digital core, nations must look inward. Domestic OSS ecosystems—built, compiled, and maintained within national boundaries—offer the only sustainable path toward operational assurance.

Danger of Foreign-Controlled OSS

In a multi-domain operations (MDO) and net-centric environment, the defence communication systems of the various services (Army, Navy and Air Force) — whether terrestrial optical rings, tactical radios, or satellite ground stations — will need to connect. If a foreign-controlled vulnerability exists in any one service’s defence network, it can compromise the entire network.

Defence communication systems are orchestrated through OSS platforms, including the Network Management System (NMS). These systems decide what to transmit, when to reroute, which nodes to prioritise, and how failures are handled. If such an OSS originates abroad, it effectively introduces foreign decision-making logic into the command layer of a national defence network, potentially manipulating and controlling it.

Below are some of the most critical trust fracture points that can silently compromise defence communication systems even in an air-gapped environment:

  • Foreign OSS application software may contain intentionally embedded flaws, backdoors, or fragile logic paths exploitable by the vendor’s home country or adversaries aware of them. Such code can remain dormant until specific conditions are met (time, load, network state, or operational context), enabling disruption precisely when resilience is most critical. It can lead to selective denial-of-service attacks, false alarms, misrouting, or stealthy degradation of critical communications.
  • OSS platforms have a holistic view of topology, devices, configurations, and live network states. When local teams escalate issues to foreign support engineers, this process often exposes architectural details, component versions, and problem patterns that, together, reveal the network’s operational DNA. Adversaries gain a fast track to understanding weak points, dependencies, and potential choke nodes.
  • A “foreign” OSS is rarely built in a single country. Components may originate across multiple jurisdictions, subcontractors, or open-source dependencies. A module compiled elsewhere may contain malicious code, creating a globally diffused attack surface that no single audit can fully control. A foreign footprint within the defence infrastructure makes total control nearly impossible.
  • Every OSS binary installed inside a defence facility has a supply-chain lineage. It was compiled somewhere, signed by someone, and packaged in accordance with another country’s export laws. Even if the software arrives via CD and is installed offline, the underlying code still carries the DNA of its origin. Air-gapping, therefore, prevents external intrusion, but not internal intrusion.

Radio and Satellite: The Semi-Connected Frontier

Defence networks often rely on radio frequency (RF) and satellite channels for long-range communication. These are not “disconnected” in the true sense — they radiate into shared spectrums and depend on communication protocols that are globally standardised.

Even if data is encrypted, metadata and timing patterns can reveal operational states. Moreover, a foreign OSS controlling RF systems can subtly alter frequency-hopping algorithms, encryption refresh cycles, or transmission priorities, creating controlled degradation or confusion without any overt “attack” signature. A compromised OSS does not jam you; it convinces you that you are jammed.

Platform Security & Indigenisation Guidelines

There has been a concerted effort in the past few years towards “Atma Nirbharta” and tech sovereignty. MoD has issued stringent guidelines to ensure that all equipment, hardware, and software are indigenous or that their security is validated/ensured. However, ensuring network security is especially important when it is handled by multiple stakeholders other than the MoD. The platforms (aircraft, ships, tanks, guns, radars, etc.) can all become vulnerable if the interconnecting network(s) are not secure.

Securing the Defence Digital Core

The path forward isn’t isolation — it’s indigenisation. There is a need to invest in developing domestic OSS platforms that can fully replace or augment foreign-origin systems in defence and telecom networks. This requires a coordinated effort by all stakeholders. The following measures outline a sustainable framework:

  • Domestic OSS Ecosystem: Build, compile, and maintain all critical network orchestration systems within national boundaries. Indigenous development ensures transparency across code paths and compiler chains.
  • Supply-Chain Assurance: Implement cryptographic provenance verification for all firmware and software components, from routers to radio systems. Periodic re-validation should be institutionalised at the tri-service level.
  • Zero-Trust Architecture: Move from perimeter defence to continuous authentication — verify always, trust never. Each node, application, and operator must be validated before executing sensitive actions.
  • Logic-Integrity Audits: Conduct adversarial red-teaming not just for penetration testing but for logic analysis — challenging command sequencing, timing, and orchestration layers under simulated stress.
  • AI-Enabled Anomaly Detection: Deploy indigenous AI models trained on baseline operational data to flag deviations in network behaviour, latency, or routing patterns. AI can detect logic-layer manipulations that static rules might miss.
  • Hardware–Software Co-Verification: Integrate trusted platform modules (TPMs) and secure boot firmware to ensure devices execute only authenticated code.
  • Human–Machine Security Interface: Develop specialised cyber awareness for operators, focusing on recognising anomalous system behaviour rather than only traditional intrusion signs.

Conclusion: From Isolation to Insight

A domestic OSS ecosystem does more than mitigate cyber risk; it anchors national sovereignty in the digital domain. When every command, control, and communication node operates on indigenous logic, no hidden command, offshore licence, or foreign compiler can compromise operational readiness.

Lt Gen Karanbir Brar (Retd), (The author is former DG, Armoured Corps)
