How Elastic brings speed, scale, and ease to real-time situational awareness

illustration-radar-security.png

Real-time situational awareness (RTSA) done right provides complete, actionable information about what is going on around the operating environment at the moment and enables accurate decision making and data sharing easily, rapidly, and securely. RTSA has real world impact on a number of use cases, including network management and cybersecurity, supply chain management, military operations, public safety and emergency response, port of entry and logistics security, and campus or facility security.

In this blog, we explore what RTSA done right means to someone who has had boots on the digital ground – a former command and control (C2) system operator.

RTSA from the C2 operator’s perspective

Q: As a former operator in an Air Operations Center (AOC) environment, what are the essential things you needed to have real-time situational awareness?

In that role, I needed to know where assets were, be it people, equipment, fuel, munitions, and other sensor data, and know where adversary assets were as well. Because I’m a very visual person, seeing these items on a map was especially helpful to me. Additional details on assets such as flight times and fuel burn help to know whether to move assets from one current tasking to another. Another useful feature to have is weather data in machine language so that it’s immediately usable in this type of dynamic environment.

Q: We use the term real-time, but in reality, things happen in near real-time. What are the factors that get us as close to real-time as possible?

We got as close to real-time as possible by being able to see live video feeds, having access to line of sight data, and by using instant chat tools. There are times that data literally needed to route around the world, and perhaps things could become pixelated, but that was solved by relying more on local assets. Also, we had the timeline down pretty well for pre-planned events using larger datasets.


Q: How about data, what categories of data are fused to build a common operational picture? Is there such a thing as too much data?

First, yes, there is such a thing as too much data. But as long as you have the capability to filter layers of data to each operator’s preference, then you can work with that data. I’m very visual and like to see more data than most, as I’ve learned to read and interpret the data quickly. I also like to see historical trends, where I can see if something popped up a month ago and see if there’s any interconnection with what’s happening today. So I tended to use that additional data visual layer to analyze any trends. In the future, I could see a predictive analytics element to this where the trending identifies a certain amount of interference, and this information is passed on to the team that tracks it.


Q: We often hear about real-time situational awareness driving faster OODA loops (the cycle of observing, orienting, deciding, and acting). In terms of orienting, or putting what you observe into context, what helped you do that?

First, I don’t know what I’m up against unless I know where things are at, so observing is important for that. But in terms of orienting, experience is key, there’s not really a set formula for that. However, something that can be helpful is having the ability to view data in different ways. For example, instead of seeing dots on a map, perhaps you view the same current tasking on a horizontal axis. Or perhaps you have an order of battle view, which helps you put out a hierarchical or chronological report.


Q: We came across a quotation from author Steven Kotler who describes situational awareness as the ability to keep cool when all hell breaks loose. Describe at a high level, where you’ve seen that happen. How about the flipside, how has real-time situational awareness prevented hell from breaking loose?

Having real-time situational awareness really builds confidence. When you’re a watch officer with a certain area of responsibility and activity is occurring in that area, then it’s important that you can track what’s happening, generate reports, and keep agency leadership up to speed with confidence.


Real-time situational awareness also helps you be proactive. For example, when rapid asset maneuvers are needed, and you can quickly build plans to get assets to safe places. Even if people are inexperienced in this type of thing, the tools can help move past any deficiencies from that inexperience.

Q: What are some enhancements that you believe would serve a C2 environment well?


Some enhancements that I think could help in C2 environments are using technology to sync coordinate formats between service areas. This way analysts don’t have to translate coordinates, because they may not be comfortable doing this. Another enhancement would be in the area of real-time feedback between mission execution, planning, and assessment teams. Technology can help where if the mission execution team makes a change, perhaps things are moving out an hour, then this change is automatically highlighted on the planning side so that maintenance is moved out accordingly, and the assessment team knows of the change as well.


Q: In your tenure, what’s changed in terms of real-time situational awareness? How do you think it will change in the future?

Something that’s changed in my tenure is more focus on execution monitoring for intelligence, and then using that data to create a plan or strategy. In terms of what may change in the future, I don’t think you’ll ever take the human out of the loop because I don’t don’t think you’d trust a machine to autonomously task something, but you would want the machine to take data inputs and provide recommendations which a human then decides what to do with. Also, every now and then in the AOC environment, you may be given an extra asset and you’ve got to decide who gets to use it. In the future, I think we’ll have better tools that provide data-driven answers for what to do with the asset.

Enabling RTSA with speed, scale, and ease-use-use

At Elastic, we value community insights like those shared here, and apply that insight to continually improve our platform. When it comes to C2 environments, we work to equip teams and leaders with RTSA by gathering and normalizing data from disparate systems, securely enabling analytics where they are needed, and alerting on actions in an easy-to-use dashboard﹣all within a second of data ingest. 

Learn more about building RTSA dashboards in your C2 environment by visiting elastic.co/industries/public-sector or contacting us directly at federal@elastic.co or sled@elastic.co.