Platform ATAK-CIV

Deliverable SYS-007. Structure per cc02-standards/SYSTEM-STANDARD.md. Every component traces to a design basis (NEED/REQ) and to an acceptance criterion.

1. Purpose and Design Basis

1.1 Scope and Objective

Platform ATAK-CIV (v2) provides the primary spatial Common Operating Picture (COP) for the protective detail. It runs the Android Tactical Assault Kit (ATAK-CIV) on client handsets and tablets, mapping operator positions, threat points, and route overlays in real-time.

1.2 Design Basis

This system establishes a standardized telemetry platform utilizing Cursor on Target (CoT) messages over secure SSL/TLS channels. It connects client nodes to the static server (SYS-001) or local routing arrays (SYS-002) to sync real-time tactical overlays.

1.3 Needs

  • NEED-SYS-007-01: Detail operators require a shared, real-time spatial Common Operating Picture (COP) mapping team positions and markers to maintain tactical coordination.
    • Source: Team Leader (RF)
    • Context: Relying on verbal descriptions of locations during movements increases risk and delay.
  • NEED-SYS-007-02: Systems Engineer (CS) requires a secure and interoperable protocol to transmit telemetry payload packets across multiple devices.
    • Source: Systems Engineer (CS)
    • Context: Position reports and tactical symbols must be serialized, encrypted, and distributed reliably.

1.4 Requirements

  • REQ-SYS-007-01 (Traceability: NEED-SYS-007-01): The platform shall run the Android Tactical Assault Kit (ATAK-CIV) on certified tablets and handsets to display the COP [VR-SYS-007-01].
    • Verification Method: Inspection (I)
  • REQ-SYS-007-02 (Traceability: NEED-SYS-007-02): The platform shall exchange Cursor on Target (CoT) XML telemetry messages with the C2 server over a secure TLS connection [VR-SYS-007-02].
    • Verification Method: Test (T)
  • REQ-SYS-007-03 (Traceability: NEED-SYS-007-01): The client application shall cache geographic map packages locally to support offline mapping when WAN is disconnected [VR-SYS-007-03].
    • Verification Method: Demonstration (D)
  • REQ-SYS-007-04 (Traceability: NEED-SYS-007-02): The ATAK client configuration profiles shall be encrypted and locked with a dedicated PIN to prevent data extraction [VR-SYS-007-04].
    • Verification Method: Test (T)

2. Architecture As Built

+-----------------------------------------------------------------------+
| SYS-007 Platform ATAK-CIV (Client Endpoint)                           |
|                                                                       |
|  [Operator Handset / Tablet] <--- TLS Connection ---> [C2 Server]      |
|  (ATAK-CIV / Local Cache)                             (SYS-001 / 002)  |
|                                                              |        |
+--------------------------------------------------------------|--------+
                                                               v
                                                 ART-common-operating-picture

3. Components and Bill of Materials

ComponentSpecVendor / LinkPriceTierStatusTraceability
ATAK-CIV ClientAndroid Tactical Assault Kit (ATAK-CIV) applicationATAK Product Center$0.00-SELECTEDREQ-SYS-007-01
Server ConnectionSSL/TLS client certificate profileInternal$0.00-SELECTEDREQ-SYS-007-02
Offline Map PackagesLocal DTED and map overlay files (AO specific)Internal$0.00-SELECTEDREQ-SYS-007-03

4. Build and Deployment

4.1 Client Installation

  1. Download the verified ATAK-CIV APK package on the administrator workstation.
  2. Sideload the APK onto client devices (SYS-003 Pixel 8 handsets / Samsung tablets).
  3. Open the application and accept the mandatory operating permissions.

4.2 Profile Importing

  1. Import the C2 connection profile package (containing OTS certificates and server IP settings).
  2. Set the client callsign matching the operator initials (e.g. operator_RF).
  3. Verify that the client icon appears on the static C2 monitoring console (SYS-001).

5. Hardening Baseline

  • Connection Hardening: Configure the client to reject unencrypted connection attempts; enforce certificate-based client authentication; restrict connection cipher suite to TLS 1.3 only [REQ-SYS-007-02].
  • Data Protection Hardening: Enable application-level passcode locks; disable local logging of coordinates on the client filesystem; configure the client profile to zeroize storage when a remote server disconnect trigger is received [REQ-SYS-007-04].
  • Mapping Hardening: Restrict offline map package caching to designated encrypted data folders; disable online map streaming from commercial providers [REQ-SYS-007-03].

6. Integration Points

  • Inputs: SYS-001 (Connects to static cloud C2 server) and SYS-004/SYS-005 (Receives data from situational awareness sensors).
  • Provides: ART-common-operating-picture (Telemetry and mapping coordinates to tactical teams).
  • Proposed Seam: Communicates with EP-011 (Communications Plan) to synchronize talkgroups and mesh net configuration settings.

7. Acceptance Tests

CriterionMethodExpected ResultReference
REQ-SYS-007-01InspectionConfirm ATAK-CIV application launches and runs successfully on all handset and tablet configurations.VR-SYS-007-01
REQ-SYS-007-02TestVerify that client CoT packets are encrypted via network packet capture on port 8089.VR-SYS-007-02
REQ-SYS-007-03DemonstrationTurn off network connectivity and verify map data displays correctly from the local cache.VR-SYS-007-03
REQ-SYS-007-04TestVerify that failed application PIN attempts lock the client configuration profile.VR-SYS-007-04

8. Run and Maintenance Handover

  • Operational Check: Execute a map check and verify location beacon connectivity prior to team dispatch.
  • Update Cadence: Update offline map layers monthly and check client certificate expiration dates.
  • Ownership: Systems Engineer (CS) for mapping database and certificate updates; Operations Manager (BR) for client inventory tracking.

END OF SYSTEM

Model wiring

Generated from cell frontmatter at publish time.