By M. Scott Bortot |
As Product Manager (PdM) Biometrics engineers were developing plans to migrate the Army’s massive biometrics matching capability, the DoD Automated Biometrics Identification System (DoD ABIS) to the cloud, they faced two choices: migrate the data and algorithms in one “Big Bang,” or take a slow and steady incremental deployment approach.
DoD ABIS enables Soldiers to accurately identify, target, deny access, and/or detain known or suspected adversaries. And, while its migration to the cloud took longer than the “Big Bang” approach, the PdM Biometrics engineers settled on the incremental approach to reduce the risk of a negative impact to 24/7 worldwide operations caused by migration activities.
Just ask Kimberly McCoid, lead engineer for PdM Biometrics, Biometrics Enabling Capabilities (BEC).
“With the migration to the cloud, we can process and get the biometrics information back to the warfighter faster than the previous system,” McCoid said. “Getting that information to them as soon as possible is of vital importance.”
In late June, the PM Biometrics engineers completed the ninth and final incremental deployment to DoD ABIS. The year-long process took teamwork, ingenuity, and careful planning to migrate DoD ABIS from servers to the cloud.
PdM Biometrics is an office under Project Manager Terrestrial Sensors (PM TS). PM TS procures, fields, and supports numerous state-of-the-art ground sensor systems globally, including within the United States.
DoD ABIS serves as the authoritative repository for biometrics data collected from known and suspected terrorists and persons of interest. It interacts with a broad range of customers and collection devices to collect new biometric signatures and provide feedback as to whether the provided signature matches with a known person of interest. Soldiers perform enrollments to collect modalities such as fingerprints, facial images, palm prints, and iris patterns, and DoD ABIS returns a match response.
In June, engineers added a fifth modality to the system, voice, as part of the nine-increment deployment process.
“We can now say a person was in the same spot as over here because it’s the same voice,” McCoid said. “We know it’s the same person and we can build the case to see if he is a good guy or a bad guy, or threat actor.”
Jerald Willis, Deputy Product Manager Biometrics, explained the importance of migrating DoD ABIS to the cloud.
“If there are displaced persons due to war, we are able to vet and to expand those capabilities because of the cloud and it reduces the amount of, or negates the need for, hardware in the lead time that’s required to bring in hardware to expand capabilities,” Willis said.
Prior to the cloud migration, physical servers housed DoD ABIS in separate locations that required hardware refreshes every five years. A cloud-based system is preferable to separate servers as it is available 24/7 without interruption, can be updated more easily, and can be scaled quickly to support operations.
The system is operated by the Department of the Army Criminal Investigation Division (DACID) Biometric Operations Department (BOD), in partnership with the FBI’s Criminal Justice Information Division campus in West Virginia.
The request to migrate DoD ABIS to the cloud came from the requirement approved by the Army Requirements Oversight Council or AROC. To meet this requirement engineers took a dynamic approach.
“We built the structure of the house, the roof, the sides, the timber of it,” McCoid said. “And then we started to build inward.”
Willis said engineers needed to prioritize what to migrate.
“We worked initially on the low hanging fruit so that as we went into the cloud, we could iron out any of the unknowns,” said Willis. “This was a way to build up some of the infrastructure items so that the major lifts could be done toward the end.”
Engineers occasionally grappled with technical issues despite the incremental deployment approach.
Jimmie Culley, Product Lead BEC, said engineers faced challenges with interdependencies with other systems as they worked through the incremental deployments.
For example, IP addresses with certain systems were hard-coded and required innovative solutions to connect with the DoD ABIS cloud. During the process, engineers learned how Windows Subsystem for Linux manipulates data from net applications, storage devices, and servers, and then how to move it to a cloud-based system.
“Dependencies on other systems required us to make changes, so it was a process of discovery learning,” said Culley. “Understanding that and making sure all of those are integrated, synced and working properly was a major challenge.”
McCoid emphasized that working with the DACIB BOD team proved critical to ensuring the success of the incremental deployments.
“I think the really important takeaway is we have great teamwork between us and the developer, which is our system integrator, and our BOD customer,” McCoid said. “We have informal touchpoints, and anytime we’re out there, we chat with people to make sure that if there’s something on their mind, they know they can come to us.”
In addition to regularly scheduled meetings, informal touchpoints enabled engineers and developers to share information on ways to improve the incremental deployment process. In one instance, it helped improve how error messages are relayed.
“There was someone who was color blind and when the error message was in red, they couldn’t see it,” McCoid said. “Now, we developed an audible alarm to address the issue and use certain colors that can be seen by people who are color blind.”