Platform ATAK-CIV
Deliverable SYS-007. Structure per cc02-standards/SYSTEM-STANDARD.md. Every component traces to a design basis (NEED/REQ) and to an acceptance criterion.
1. Purpose and Design Basis
1.1 Scope and Objective
Platform ATAK-CIV (v2) provides the primary spatial Common Operating Picture (COP) for the protective detail. It runs the Android Tactical Assault Kit (ATAK-CIV) on client handsets and tablets, mapping operator positions, threat points, and route overlays in real-time.
1.2 Design Basis
This system establishes a standardized telemetry platform utilizing Cursor on Target (CoT) messages over secure SSL/TLS channels. It connects client nodes to the static server (SYS-001) or local routing arrays (SYS-002) to sync real-time tactical overlays.
1.3 Needs
- NEED-SYS-007-01: Detail operators require a shared, real-time spatial Common Operating Picture (COP) mapping team positions and markers to maintain tactical coordination.
- Source: Team Leader (RF)
- Context: Relying on verbal descriptions of locations during movements increases risk and delay.
- NEED-SYS-007-02: Systems Engineer (CS) requires a secure and interoperable protocol to transmit telemetry payload packets across multiple devices.
- Source: Systems Engineer (CS)
- Context: Position reports and tactical symbols must be serialized, encrypted, and distributed reliably.
1.4 Requirements
- REQ-SYS-007-01 (Traceability: NEED-SYS-007-01): The platform shall run the Android Tactical Assault Kit (ATAK-CIV) on certified tablets and handsets to display the COP [VR-SYS-007-01].
- Verification Method: Inspection (I)
- REQ-SYS-007-02 (Traceability: NEED-SYS-007-02): The platform shall exchange Cursor on Target (CoT) XML telemetry messages with the C2 server over a secure TLS connection [VR-SYS-007-02].
- Verification Method: Test (T)
- REQ-SYS-007-03 (Traceability: NEED-SYS-007-01): The client application shall cache geographic map packages locally to support offline mapping when WAN is disconnected [VR-SYS-007-03].
- Verification Method: Demonstration (D)
- REQ-SYS-007-04 (Traceability: NEED-SYS-007-02): The ATAK client configuration profiles shall be encrypted and locked with a dedicated PIN to prevent data extraction [VR-SYS-007-04].
- Verification Method: Test (T)
2. Architecture As Built
+-----------------------------------------------------------------------+
| SYS-007 Platform ATAK-CIV (Client Endpoint) |
| |
| [Operator Handset / Tablet] <--- TLS Connection ---> [C2 Server] |
| (ATAK-CIV / Local Cache) (SYS-001 / 002) |
| | |
+--------------------------------------------------------------|--------+
v
ART-common-operating-picture
3. Components and Bill of Materials
| Component | Spec | Vendor / Link | Price | Tier | Status | Traceability |
|---|---|---|---|---|---|---|
| ATAK-CIV Client | Android Tactical Assault Kit (ATAK-CIV) application | ATAK Product Center | $0.00 | - | SELECTED | REQ-SYS-007-01 |
| Server Connection | SSL/TLS client certificate profile | Internal | $0.00 | - | SELECTED | REQ-SYS-007-02 |
| Offline Map Packages | Local DTED and map overlay files (AO specific) | Internal | $0.00 | - | SELECTED | REQ-SYS-007-03 |
4. Build and Deployment
4.1 Client Installation
- Download the verified ATAK-CIV APK package on the administrator workstation.
- Sideload the APK onto client devices (SYS-003 Pixel 8 handsets / Samsung tablets).
- Open the application and accept the mandatory operating permissions.
4.2 Profile Importing
- Import the C2 connection profile package (containing OTS certificates and server IP settings).
- Set the client callsign matching the operator initials (e.g. operator_RF).
- Verify that the client icon appears on the static C2 monitoring console (SYS-001).
5. Hardening Baseline
- Connection Hardening: Configure the client to reject unencrypted connection attempts; enforce certificate-based client authentication; restrict connection cipher suite to TLS 1.3 only [REQ-SYS-007-02].
- Data Protection Hardening: Enable application-level passcode locks; disable local logging of coordinates on the client filesystem; configure the client profile to zeroize storage when a remote server disconnect trigger is received [REQ-SYS-007-04].
- Mapping Hardening: Restrict offline map package caching to designated encrypted data folders; disable online map streaming from commercial providers [REQ-SYS-007-03].
6. Integration Points
- Inputs:
SYS-001(Connects to static cloud C2 server) andSYS-004/SYS-005(Receives data from situational awareness sensors). - Provides:
ART-common-operating-picture(Telemetry and mapping coordinates to tactical teams). - Proposed Seam: Communicates with
EP-011(Communications Plan) to synchronize talkgroups and mesh net configuration settings.
7. Acceptance Tests
| Criterion | Method | Expected Result | Reference |
|---|---|---|---|
| REQ-SYS-007-01 | Inspection | Confirm ATAK-CIV application launches and runs successfully on all handset and tablet configurations. | VR-SYS-007-01 |
| REQ-SYS-007-02 | Test | Verify that client CoT packets are encrypted via network packet capture on port 8089. | VR-SYS-007-02 |
| REQ-SYS-007-03 | Demonstration | Turn off network connectivity and verify map data displays correctly from the local cache. | VR-SYS-007-03 |
| REQ-SYS-007-04 | Test | Verify that failed application PIN attempts lock the client configuration profile. | VR-SYS-007-04 |
8. Run and Maintenance Handover
- Operational Check: Execute a map check and verify location beacon connectivity prior to team dispatch.
- Update Cadence: Update offline map layers monthly and check client certificate expiration dates.
- Ownership: Systems Engineer (CS) for mapping database and certificate updates; Operations Manager (BR) for client inventory tracking.
END OF SYSTEM
Model wiring
Generated from cell frontmatter at publish time.