Plotting the Laboratory's Technology Future
Q & A with Zachary Lemnios
As Chief Technology Officer since 2005, Zachary Lemnios is responsible for coordinating Lincoln Laboratory's technology strategy. He spoke recently with Lincoln Laboratory Journal Editor in Chief Herb Brody about the Laboratory's strengths and challenges.
Lincoln Laboratory CTO Zachary Lemnios says the Laboratory's expertise in language processing and social network analysis is especially valuable in a world of asymmetric threats.
Lincoln Laboratory Journal: How have the changes in the nature of the threats to U.S. security affected what Lincoln Laboratory does?
LEMNIOS: As the 9/11 attacks showed, a new set of asymmetric threats has emerged—threats that aren't well characterized and that are not necessarily driven by nation-states so it's hard to assign where they've come from. The U.S. doesn't have the tools or the experience and understanding of how to work through that.
LLJ: What are the ramifications of that shift for technology development?
LEMNIOS: The first issue is thinking through how an adversary uses commercially available technology. After all, we are a country that publishes freely and puts an awful lot up on the Web for anyone to read. We see that today in IEDs [improvised explosive devices]. The triggering mechanisms are exploitations of what's available commercially. We need to be thinking through how an adversary exploits open source understanding of technology and adapts it to their means.
LLJ: Broadly speaking, what does Lincoln Laboratory contribute to this effort?
LEMNIOS: The Laboratory has a keen role here—probably a unique role—in understanding how an adversary adapts and works in an environment that is entirely open, where the barriers to entry are very low, where the consequence is very high, and where the fingerprints are hidden. How do we understand that environment technically? How might we build countermeasures—tools to identify these threats or to mitigate their effects? The Lab does that very well because we are one of the few places where field testing, state-of-the-art development, prototyping, and an understanding of the application space and threat space come together.
LLJ: What's the most important area of technology that you think the Lab ought to become more deeply involved in?
LEMNIOS: One thing that worries me a lot is this: how do we understand the enormous amounts of data that the Department of Defense now collects on emerging and operating threats? How do we find salient features, such as targets and signatures that aren't well characterized? The second is how do we make this information more clearly accessible to the end user.
LLJ: So this would be kind of data mining?
LEMNIOS: Yes. And, in particular, social network analysis, which means not just looking for a single target but looking for networks of targets—people, places, or things that have some relationship. Rather than finding the single IED, for example, you want to look for the network of the bomb maker, the emplacement team, the trigger team, and the team that broadcasts the attack. This is a particularly urgent problem as our young men and women in service are under attack this very moment.
LLJ: How might you go about doing that?
LEMNIOS: There are many signatures—communications is one, imagery is another, and there may be cultural cues. Our understanding of the Soviet Union was based upon a published set of operations and a published set of capabilities. They published it, we verified it, and we trained against it. We had a very-well-understood schema of how the Soviets would employ forces, what their strategic approach would be, what their tactical engagements might look like. This is a different world. The real challenge now is finding the indications and warnings and signatures of events when you don't have a lot of history on what that person or what that group might do. One of the challenges is trying to understand from this enormous data collection these very diverse set of sensors, how we cohere a picture of what's going on strategically and tactically. The Laboratory is developing the fundamentals in that space.
LLJ: You also mentioned user interfaces. Why is that so important?
LEMNIOS: We need to do a better job at presenting information so that the end user understands things in a natural way. A person looking at a photograph can pick out the salient features. We need computer systems that do that with sensor data. The human-machine interface hasn't yet scaled to the level of complexity of the systems that we're building. We need to be able to convey the information so that the user really understands it.
LLJ: It seems you have defined two separate but interrelated problems: one, how to abstract out salient features from huge amounts of data; and two, how to then convey this higher level of abstraction to the end user. What are the specific approaches that Lincoln Laboratory is pursuing?
LEMNIOS: The first question is, how do you build algorithms to look for salient features? This is all about building networked sensors, building a schema for storing data, data retrieval, putting in place Bayesian filters or hidden Markov model filters. There's a body of science that's helping us understand how to do that. The second piece is, once you've done that, how do you convey lots of information in a way that doesn’t overload the user? While there are a few examples of good human-machine interface, the fundamentals are not well understood.
LL JOURNAL: What specific capabilities would you like to see developed?
LEMNIOS: Well, right now users have to learn about their computers. I'd like to see it the other way around: computers should learn about their users and adapt themselves accordingly. Why is it that when I sit down at my keyboard, I have to type the same things over and over again—login, password, pulling up certain screens? I do that every day. Why doesn't my system just do that for me? It knows that when I come in, the first thing I do is check e-mail, and I look at a particular website. The operating system should build a model of a user and tailor its interaction to the user. We do this socially all the time. When you have friends over for dinner and they are interested in a topic—gardening, say, or fine wine—you'll end up having a discussion about that.
LLJ: Advanced information technology can also be used against us, though, right?
LEMNIOS: Yes. In fact, the Laboratory has been working for many years to understand the cyber threat. A team of four can do enormous damage. An individual can basically shut down a city. It's a problem set that the Lab has resources to address, and we're starting to do so.
LLJ: On this, and other national security issues, what do you think sets Lincoln Laboratory apart from the many other institutions focusing on similar work?
LEMNIOS: Well, we have very bright people, of course. But there are bright people everywhere. More uniquely, Lincoln Laboratory has access to the right data sets—that's the heritage of Lincoln Lab. A lot of other organizations are trying to solve these problems in the abstract. But here, we have access to user data and an understanding of threats that have been identified. We have access to not only the worm or virus itself but also to information as to how it was inserted into the system.
LLJ: How would you characterize the Laboratory's place in the defense technology ecosystem?
LEMNIOS: We have a dual role. On the one hand, we are a gold standard for data and analysis; that is, we provide the independent assessment of ideas and technologies developed by others. In other cases, we are a pioneer of new concepts. The Laboratory takes on projects that have enormous technology risk, far more than the private sector would take on.
LLJ: You are on R&D management side of things and spent several years at the Defense Advanced Research Projects Agency [DARPA], which funds a lot of cutting-edge technology development. If you could have all the scientists and engineers at the Laboratory understand something better than they do now, conceptually, what would it be?
LEMNIOS: I'd like to see a more consistent ability to think beyond technology into the application space and into the countermeasures space. The Laboratory does that really well. That's because we live in field sites, we collect data, we do the data analysis, and we own the data sets. We have many people here doing analysis not just on the data that we collect, but also on systems that the U.S. operates and on systems that will counter our systems. So we're really thinking all the time about countermeasures.
LLJ: So what tends to guide the Laboratory's activities more—"technology push" or "applications pull"?
LEMNIOS: There's both. Part of our job in this office is to balance the two—that is, to find the right connections between innovative technology and compelling applications. In some cases, a systems engineer will pose an application that absolutely demands a technology and we connect those up. But it's that intersection that is so rich. And there are a lot of people at the Lab who live in that intersection.
LLJ: What Laboratory programs do you think exemplify the Laboratory's main strengths in this regard?
LEMNIOS: There are a few. One is the Air Force red team. Threat assessment, technology development, countermeasures assessment—that's exactly their game. The same is true for the work that we're doing in counter IED work. And then there's the ERSA [Enhanced Regional Situation Awareness] activity, which is all about threat assessment. You build a core capability, drive it with what's available commercially, add where you need to, but don’t be overly aggressive about technology development. Another good example is a program we have for analyzing patterns of communications to help predict what actions a terrorist group is going to take. It's called CT-SNAIR, for counterterror social network analysis and intent recognition.
LLJ: How did this effort originate?
LEMNIOS: Several years ago, when the Laboratory started building a counterterrorism program, the first thing that we did was take a close look at the threat network and how it might evolve, and try to understand where the vulnerabilities were in the kill chain. Take the threat of improvised explosive devices, or IEDs, for instance. While many organizations are looking at defeating the trigger of the IED, we have been doing a lot of work to try to understand the operation of the network of people that are responsible for IEDs. How are these networks structured, and how do they evolve? Where are the vulnerabilities in the process of designing, building, and placing of IEDs, as well as in the filming and subsequent reporting of the attacks?
LLJ: Isn't this what intelligence organizations do all the time? How is CT-SNAIR different?
LEMNIOS: Conventional intelligence operations certainly do help identify people and where they are on the ground. The capability that is emerging—which CT-SNAIR is a part of—is to analyze the communication network amongst those who pose the threat so that we can better understand what they might be doing.
LLJ: Even though the information could be in any number of languages?
LEMNIOS: Yes. In fact, the ability to do natural language translation is an important piece. The Laboratory has a lot of strength in that technology. So language understanding, coupled with social networking analysis, is really what the CT-SNAIR effort is all about. CT-SNAIR uses tools that build upon the language processing work the Laboratory's been doing for many years. This effort couples well to work on MIT campus. We're also collaborating with Carnegie Mellon and with the University of Massachusetts, Amherst, in particular, on the front-end social network analysis tools. This effort entails more than just word spotting; we are also trying to identify phrases, disambiguate aliases, and understand cultural context, all of which are really hard research problems.
LLJ: How far along is CT-SNAIR toward being a deployable system?
LEMNIOS: It's not anywhere near close to that stage yet. At this point, we're trying to understand the underlying science of the problem and validate the algorithms that are being used.
LLJ: What are some key areas with this system that need to be worked on?
LEMNIOS: Well, right now the false-alarm rate is a big problem. Getting false-alarm rates down to acceptable levels is key. It won’t be very useful if the system keeps triggering alerts in situations when the communications being analyzed are benign. There’s a huge area here of research on how to get a system like this to do machine learning in very dynamic environments with unstructured data. This is an area that the Laboratory is very interested in.
LLJ: Is the goal of CT-SNAIR more to monitor the activity of a known group or to identify new groups that we didn't previously know existed?
LEMNIOS: For now, we are focusing on improving our understanding of existing networks. Eventually you'd like to be able to identify networks that aren't yet known, but this would give rise to enormous false-alarm rates. So at best I think these will be tools that cue an analyst rather than replace an analyst. And if we could provide some insight that the analyst hasn't yet seen, that would be a win.
LLJ: One common theme to describe work at Lincoln Laboratory is that it would seem important for there to be in place a culture and a structure that encourages interaction among different disciplines.
LEMNIOS: Yes, it is all about that. In fact, most of problems that we take on are so interdisciplinary that it's far more important to have a team with great technical depth across a number of domains than a single individual researcher with twice as much depth in his or her own specialty.
LLJ: How does the Laboratory foster this kind of innovation?
LEMNIOS: We have a couple of mechanisms to help launch new ideas. The first is the Advanced Concepts Committee, or ACC. The ACC is all about finding a way to get the young, bright staff member with a glowing idea enough money to prove his or her thesis. This program gives a staff member enough money to run an experiment and collect the first data set. All the ACC work is internally funded, and the consequence of failure is low. We're basically betting on people and betting on good ideas.
LLJ: So that's more at the component level. What about systems level thinking?
LEMNIOS: That's where the other mechanism—the New Technology Initiatives Program [NTIP]—comes in. The NTIP is the first opportunity to start integrating a number of concepts into a systems picture. The level of funding is higher than that of the ACC and the time horizon is closer. With an NTIP project, we assume that the enabling technologies are mature enough. The bet that we are placing on these efforts is the integration concept. We want make sure that technical developments hang together from the system perspective. It's also the first time that we start thinking about measures and countermeasures. If somebody comes up with a new radiofrequency tag, say, and wants to demonstrate it against some sort of aircraft, the NTIP might also look at what the countermeasures to that tag might be. The NTIP might think through what's the concept of operations. That is, how would you actually use this, and how does that compare with the existing concept?
LLJ: What are some examples of NTIP successes?
LEMNIOS: Well, one is CT-SNAIR, which we've already talked about. Another is MASIVS [Multi-Aperture Sparse Imager Video System], a system concept to build a very-wide-area imager from a number of commercial imagers. Whereas the ACC would be funding the actual device, the NTIP is looking at how we take that and start integrating it. It really takes a different mindset; we have different types of people in each of these two groups. The ACC largely funds work by people who love to spend time at the lab bench, whereas the NTIP projects are more for system thinkers. Both are absolutely vital.
LLJ: Lincoln Laboratory has traditionally shunned the spotlight. When you talk to people in government, academia, and industry about the Laboratory, what's the most common misperception that you encounter?
LEMNIOS: A lot of people confuse us with the Department of Energy labs—the national labs such as Los Alamos and Sandia. Of course, we are not a DOE lab. And in fact, I would argue that while those national labs are good in certain selective areas, Lincoln Laboratory has a deeper foundation in a broader set of topics that are of interest to the DoD—as well as the agility to take on new problems in lots of areas. Another way a lot of people have the wrong idea about Lincoln Laboratory is that they still regard us as a radar house. While that was the heritage of the Laboratory, we really are now an information technology organization in the sense that much of the work here is really about target identification, discrimination, and understanding, and the flow of that information across very complex systems. Radar is one sensor. We work with many other sensors.
LLJ: What effect do you think the Laboratory will feel as the new administration takes the reins in Washington?
LEMNIOS: We just don’t know. I suspect that missile defense work might scale back a bit, but there will be other areas that increase. Homeland protection, for instance, is an area that I think we’ll be seeing a lot more interest in. Counter-terrorism work will grow. And we're starting a small effort and trying to understand where the Laboratory can make contributions in the energy space. Energy, after all, is now correctly viewed as a national security problem and so it is entirely consistent with the larger mission of Lincoln Laboratory.
LLJ: What aspects of energy technology do you see the Laboratory focusing its efforts on?
LEMNIOS: Well, you can divide up the energy space into two major pieces. First, there's a supply side that deals with fuels, distribution, and power conversion at the megawatt level. Then there is the consumer piece, which pertains to making sure that appliances and other energy-consuming systems are efficient in their use of electricity. I suspect most of the work we do will be on the usage piece—building low-power electronics, say. I could see our involvement in building systems that have power management schemes that go beyond what is available commercially, and maybe new technologies that allow for more efficient dc-to-dc conversion. We have also talked with some professors at the University of California, Davis, about developing a smarter electrical grid that could take advantage of the energy storage and load-management that could be provided by a large fleet of plug-in electric hybrid vehicles. We are primarily interested in what the system architecture might look like. And we have a significant effort in collaboration with MIT campus to build a thermoelectric power generator (see "Power to Go," Lincoln Laboratory Journal, vol. 17, no. 1, p. 9). That's a good example as one of the first projects that puts the Lab in this space. The Solid State Division is doing a lot of work to extend the low-power operation of conventional CMOS and CMOS SOI [silicon-on-insulator] technology. These efforts could lead to much lower power consumption as we build systems with large numbers of processors, and processors with higher and higher transistor counts.
LLJ: What impact do you expect the present economic crisis to have on Lincoln Laboratory?
LEMNIOS: There's going to be a lot of budget pressure on all elements of DoD, including the Laboratory, to propose the best ideas.
LLJ: The Laboratory is also less reliant on DoD than in the past, right?
LEMNIOS: Yes, we've got a portfolio that's richer than we had a few years ago. We have a large number of sponsors and more of a diverse assortment of sponsors. We're moving into some new areas. We may thin down other areas within the Laboratory; missile defense, as I said, may be an area that has some sponsor pressure. During past downturns, we've been fortunate and we've had sponsors continue the work here. I suspect that's going to happen this time as well. Generally, we weather these kinds of things out; we try to reduce the overhead expenses as best we can. Now, as has been the case historically, we have had an over-commitment of sponsors—that is, we have more work that we can possibly do. But fundamentally, technology remains key to many of the problems that DoD has, and the Laboratory is in a unique position to provide a lot of those key technologies. That's not going to change.