Ravi Nayyar
@ravirockks.bsky.social
490 followers 390 following 9.8K posts
Critical Software + CNI Law | PhD Candidate at the University of Sydney | Fellow @ASPI-org.bsky.social | Associate Fellow at the Social Cyber Institute | Blogging @atechnolegalupdate.substack.com | Cricket, #Bloods | #KalikaMataKiJai
Pinned
G’Day,

Since folks are increasingly talking about software supply chain risks to national security, here's a collection of my work on the subject.

Going back to 2022.
Tangos in the Tangled Web
Stuff Ravi's written on all things software supply chain x security x law
open.substack.com
Cyber Survivability – enabling operations in contested environments’
www.war.gov/News/Release...
‘The CSRMC is grounded in ten core principles: …
Continuous Monitoring and ATO – enabling real-time situational awareness to achieve constant ATO posture
DevSecOps – supporting secure, agile development and deployment
www.war.gov
‘… but through ad hoc, semi-directed experimentation driven by provincial leaders, ministries, and various state-owned and private enterprises. Furthermore, the dynamics of these processes can be compounded by participant countries exercising their agency’.
‘… which often prioritizes the commercial performance of policy banks and state-owned enterprises above other factors. This dynamic suggests a process where strategy is pursued not through top-down decree, …
‘… even if top officials in Beijing have clear strategic goals for certain projects or economic sectors, their ability to dictate outcomes is constrained by internal competition, …
Jarheads testing the ability of small teams to move to an objective, establish C2 nodes, reposition ‘under enemy fire’ and repeat: breakingdefense.com/2025/09/no-h...

That is, testing how to operate against China across island chains.
‘… Army personnel needed fully mission-capable ventilators during the COVID-19 pandemic … lacked visibility of its ventilator inventory because some were included in medical kits and “not accounted for separately in GCSS-Army” …’
www.defensenews.com/global/midea...
Army mismanaged CENTCOM stockpiles of troop supplies modules: Audit
The Army failed to properly maintain Force Provider modules, or containerized support facilities for troops, the Pentagon's IG found.
‘… “for more than four years, officials did not properly account for FP module components that require maintenance,” including generators and skid steers … officials instructed [redacted] to account for all components that comprise a FP module or add-on kit as one line item.
‘… the “FP maintenance training requirement is not documented to ensure storage site personnel are aware of the need for the required TACOM ILSC training” to properly preserve FP modules before opening the containers …
‘… in 2022, units reported that they received Force Provider containers with ripped tents and inoperable generators, laundry equipment and showers …
‘In 2020, the Army transferred responsibility for maintaining the modules to another entity, but “did not specifically add maintenance requirements for FP modules until April 2024 …
‘The Army failed to properly maintain Force Provider modules, which are prepositioned “tent cities” that comprise 24 to 32 shipping containers packed with materials to erect housing, kitchen and other facilities …
Bits from a fantastic reality check on UA’s startup-driven DIB: warontherocks.com/2025/08/ukra...

‘[Ukraine’s experience] offers lessons in what to do when your defense ecosystem has collapsed, but it does not answer how to build a mature defense model for the long term’.
From a searing critique by Joe Slowik of CISA’s ‘Shields Up!’ campaign: pylos.co/2025/07/13/t...
‘These firms already understand Six Sigma quality at million-unit volumes — what they lack is a reason to pivot. Guaranteed drone orders supply that reason.
‘… should also incentivize performers to partner with Tier 1 and Tier 2 auto suppliers for frame molding, precision metal parts, camera modules, and sensors.
‘Just as NASA’s Apollo guidance computers seeded Silicon Valley, a drone swarm program of record would do the same for next-generation power electronics, battery chemistries, advanced plastics, and AI-enabled edge devices.
‘The Franklin D. Roosevelt administration did not design the B-24 Liberator — it guaranteed Ford that if Willow Run built one an hour, the government would buy every last bomber. The same clarity is needed today.
‘This article posits two points: the need to develop a U.S. Space Force-directed SJTAC function to increase Triad lethality and bolster allied SOF with space-based capabilities, …